In 2020, it should be possible to use technology to significantly aid with track and trace capability. However, it seems government attempts to apply technology all too often become entangled in a power struggle that results in design compromises and ultimately an inferior solution. Does government have to be this compromised?
The Power Struggle: Big Brother vs Science.
It seems like inside every government, there are bureaucrats with a burning desire for control of databases of information on the general public. In the ‘belief vs science’ battle, the belief appears to be that ‘in order to govern citizens we must have control over those citizens’.
The result is a struggle between those wanting a central database and those focused on privacy with too little emphasis on “let’s first solve the problem”. The privacy debate all too often ends up with a compromise: there is a central database which must be limited to data deemed acceptable, and with privacy protections that limit access to the data.
The privacy protection keeps privacy concerns at bay and the existence of the database gives those more big brother inclined hope that regulation on access to the data could be changed if security concerns warrant in future.
The Design Compromises.
The result of the power struggle is typically a system revolving around not the best data to use to solve the problem, but instead the data which is deemed acceptable to keep in a central database. Two design compromises:
- the inclusion of a central database – creating privacy concerns and potentially limiting uptake
- the reliance on Bluetooth contact detection – because anonymous Bluetooth contact IDs are deemed acceptable to reside in a central database, despite being of very limited value for track and trace purposes
There are far better data for track and trace, however this data does not drive a system towards keeping a database on citizens. The best solutions need no database collecting data on citizens, and therefore are rarely chosen.
This page on the MIT website outlines their ‘safepaths’ approach, which centres on approach explained in more detail here(DiaryAlerts). These solutions focus on downloading a redacted list of ‘at risk’ locations and do not share a users own data with anyone for full privacy.
The Central DataBase and Privacy Concerns.
I am not going to repeat concerns her, rather I will keep a list of articles by others:
- Review of Australian CovidSafe APP
- The UK’s Contact Tracing App Breaks The UK’s Own Privacy Laws (And Is Just Plain Broken)
- Privacy advocates raise new concerns with COVIDSafe app
- COVIDSafe downloads reach 5 million as experts question technical flaws (With comments by Prof Richard Buckland)
- US access of COVIDSafe data ‘not conceivable’, but legal advice not released