Wednesday, July 22, 2020

confusion regarding privacy of decentralised ("gapple") based BLE contact tracing apps

various publications report problems with the (e.g. swiss, german, irish) contact tracing apps privacy model confusing OS (what apple&google can and do do with location services and networks) and apps.

I suggest people read the app code (the irish have very kindly open sourced the HSE app for the world. even more helpfully, their leading researchers have actually measured what data is sent by different european contact tracing apps so you can see what is and is not the case about your privacy.

more light and less heat, please:-)

also comments on the efficacy of decentralised apps (do they work) can be countered with the observation that what you care about is the number of people notified that test positive, and that can be done when people notified ask for a test (you could even get the history of RSSI/BLE readings from them without re-identifying the phone random decentraslised id magic at that point, and run stats, which would be more time consuming than centralized log analysis, but would eventually let you re-calibrate your BLE algorithm to maximise effectiveness) - remember, we dont actually care about the distance between phones, we care about the true positive infection detection/notify/isolate rate, and we care about minimising false negative proximity so you don't end up isolating zillions of people and might as well go back to lockdown....).

No comments:

Blog Archive

About Me

My photo
misery me, there is a floccipaucinihilipilification (*) of chronsynclastic infundibuli in these parts and I must therefore refer you to frank zappa instead, and go home