CS Nov-Dec 2020

More documents

Recommendations

Info

contact tracing WE HAVE CONTACT THERE IS AN INCREASING RELIANCE ON DATA-DRIVEN TECHNOLOGIES TO HELP CONTAIN COVID-19, ESPECIALLY THROUGH CONTACT TRACING. BUT MIGHT THESE INFRINGE HUMAN RIGHTS? All contact tracing apps have one thing in common: they record when you're close to someone else (usually in a way that preserves your privacy) and try to characterise how close and for how long, states Ian Levy, in a blog published on the National Cyber Security Centre website. In all sensible models, he points out, this information is held privately on the user's phone. "The differences start when someone reports they're ill. Then, the different design choices and cryptographic models dictate the public health responses your app can support." In his blog, Levy uses the word 'anonymous' in its security sense. "That's different to the definition under GDPR and other law. The proper legal descriptions of the data we use are in the Data Protection Impact Assessments, which will be published," he continues. In the first model (known as 'the decentralised model'), you tell the system you're ill and give it no extra information. Periodically, it collects a list of everyone who has said they're ill and sends it out to all users of the app. "Individual devices look to see if any of its local contacts are on the list and tells their user, if this is the case (subject to some local risk modelling about the sort of encounters they had). Notifications will lead to some health interventions, probably selfisolation to start with." Those concerned about failures to protect individual's privacy have argued that this decentralised model is the one to follow, as it gives maximum protection. However, Levy argues that, "while the health authority would know the anonymous identity of the 22 computing security Nov/Dec 2020 @CSMagAndAwards www.computingsecurity.co.uk
contact tracing app that's reported symptoms [or sometimes perhaps just a Bluetooth broadcast value], it wouldn't know any of the contacts [even anonymously] and so won't know anything about how that user may have spread the disease". In some systems, he adds, "some users may be able to donate some aggregate contact data”. In one instance, he had seen five people who claimed to be infected', but nothing could be linked to a particular contact event, or other user. CENTRALISED APPROACH The other model is the 'centralised' one where an ill user reports their symptoms, but also gives all their anonymous contacts to the public health authority, along with some details about the type of contact they've had (duration and proximity, for example). "The health authority can use risk modelling to decide which contacts are most at risk, and then notify them to take some action - again probably self-isolation to start with. Importantly, the public health authority has anonymous data to help it understand how the disease appears to be spreading and has the anonymous contact graphs to carry out some analysis." So, the health authority could discover that a particular anonymous person seems to infect people really well. While the system wouldn't know who they are, encounters with them could be scored as more risky and adjust the risk of someone being infected by a particular encounter appropriately. The NHS app uses this centralised model, but also protects your security and privacy strongly," Levy comments. While some see technological solutions as a critical tool for contact tracing, quarantine enforcement, tracking the spread of Covid- 19 and allocating medical resources, these practices raise significant human rights concerns. In fact, Norway's Smittestopp contact tracing app was suspended in mid- June, following criticism that it was too invasive of people's privacy. The criticism came from the national data protection agency Datatilsynet, which stated that the benefits of the app were disproportionate to the privacy infractions it cost their citizens. Norway's institute of public health also agreed to delete all data. Significantly, Smittestopp used a centralised model of data collection, which was also being utilised in the UK and France's contact tracing apps. WAKE-UP CALL "Norway's decision to suspend its COVID-19 contact tracing app, due to privacy concerns, was excellent news for Norwegian citizens and a wake-up call for other countries currently using or rolling out similar centralised contact tracing systems," was the comment at that time from Ray Walsh, digital privacy expert at ProPrivacy. "Norway's Smittestopp app uses a centralised model of data collection - a troubling and invasive system identical to that being used in both France and the UK. Norway's contact tracing app scored just 1 out of 10 in our in-depth study of Coronavirus contact tracing apps, making it one of the most invasive and dangerous apps in the world. Anytime that data is held in a centralised database, that data is at risk of data mismanagement, abuse, leaks or data breaches. Plenty of countries have demonstrated that it is possible to implement a contact tracing system that is completely decentralised and that does not unnecessarily put citizens' privacy at risk." Meanwhile, a team at the Technical University of Munich (TUM) developed an IT service that simplified the registration and contact tracing process, while protecting personal data. The service was therefore seen as one that could complement the warning app launched by the German Ministry of Health and might also be used at locations where contact lists are not mandatory. Still, effective contact tracing is important for successfully limiting the spread of pandemics, says Georg Carle, professor of Network Architectures and Services at TUM. In search of a solution, he worked with his former doctoral candidate Johann Schlamp to develop QRONITON. This service, which uses QR codes that can be scanned with a mobile phone, will enable organisations to meet their documentation obligations and help public health authorities to identify endangered individuals quickly. Any location - whether it's at a restaurant table or an seat in a lecture hall - can be provided with an individual QR code. When scanned by a user, the code is captured along with a time stamp and contact data. What sets this solution apart from similar approaches is a sophisticated, multi-stage encryption system that protects the data. RESTRICTED ACCESS "The data are stored centrally on a server," says TUM's Carle. "However, they are encrypted in a form that cannot be read by the server operator, and which the authorities can access only in the form of subsets - and even then, only with the consent of the concerned parties." If an infection with the novel coronavirus SARS-CoV-2 is reported to a public health authority, it will provide a personal authorisation code to the infected individual. The authority can access data on the places visited and the direct contact persons only if the infected person enters the code in QRONITON. "The principle of data minimisation was very important to us," says Schlamp. "The system captures only a telephone number and a postal code. The latter is used to determine which authority can access the data in case of a concrete infection risk." QRONITON is a browser-based tool, which means that the user does not need to install an app. It also means that users can be sure that data are not being collected in the background. They can decide themselves whether or how often they wish to scan QR codes. The developers also had users without www.computingsecurity.co.uk @CSMagAndAwards Nov/Dec 2020 computing security 23
Page 1 and 2: Computing Security Secure systems,
Page 3 and 4: comment TIME TO TAKE GDPR UP A GEAR
Page 5 and 6: Pragmatic and experienced risk mana
Page 7 and 8: editor's focus "Well trained staff
Page 9 and 10: health monitoring within the compan
Page 12 and 13: smishing SMISH, SMASH, BASH! A RELA
Page 14 and 15: smishing scams, while the Associati
Page 16 and 17: industry insights THE NEW ORDER IS
Page 18 and 19: mergers & acquisitions HITTING THE
Page 20 and 21: Data privacy BEYOND THE EU-US PRIVA
Page 24 and 25: contact tracing smartphones in mind
Page 26 and 27: hacking surge HACKERS FOR HIRE HACK
Page 28 and 29: hacking surge Adrian Rowley, Gigamo
Page 30 and 31: threat intelligence APTS AND COVID-
Page 32 and 33: gender inequality TIME TO REBALANCE
Page 34 and 35: gender inequality equates to - and
Page 36: NEW Sensitive Data Discovery and Re

CS Nov-Dec 2020

Create successful ePaper yourself

Delete template?

Save as template?