[ad_1]
NHS officials are vying to introduce greater privacy safeguards for the contact tracking application at the center of the government’s shutdown exit strategy amid growing concern from security experts, MPs and users.
Whitehall sources acknowledged to The Guardian that they were “two steps away from public participation” because the app, which tracks all users it has met and warns them to isolate themselves when the user reports symptoms from Covid-19, it had to develop at high speed.
It plans to complete the appointment of an ethics board to improve oversight and publish the source code for the software in the next month, and has not ruled out “a suspension clause”, agreeing to delete all the data collected once the country returns to the normal.
But there are increasing concerns about public uptake after security specialists and parliamentarians voiced their concern, particularly about the central database that will contain anonymous records of those symptoms they report and with whom their phone.
Robert Hannigan, former head of the government’s intelligence and security organization GCHQ, said that although he thought the app “was not a threat to people” because it only recorded a person’s zip code along with a unique reference number for each phone, it was correct that the surveillance exercise should be reviewed after the crisis.
“My own feeling is that this should be for a limited time. So at the end of the pandemic, we should pause this experiment and have a proper public debate and a parliamentary debate on the use of these applications in the future, “he said.
Damian Collins, a former chairman of the sports and cultural media selection committee, wrote to Hancock, the health secretary, with a series of questions arguing that it was “vital that there be a high level of support” for the application, which it required ” guarantee”. that they will be given both their effectiveness and the processes to control the data collected by them ”.
The conservative MP asked if the app and the data collected “would be destroyed at the end of the pandemic,” as Australia agreed to do, to prevent the government from using it for other purposes.
The application has been developed by NHSX, a digital unit jointly under the Department of Health and the NHS. Those involved say that any information collected, a unique monitoring of the British population, will not be shared with any other government department or private company.
Retaining certain information in a central database has been deemed necessary because it allows the NHS to track regional outbreaks and obtain information on the future spread of the disease. Google and Apple have tried to promote a database-free alternative decentralized approach, which was rejected by the United Kingdom.
Ministers want 60% of the population to download the app to make it more effective at monitoring coronavirus outbreaks, but experts acknowledge that it can be used by around 20% at first until concerns are adequately addressed. about monitoring and privacy. with.
Professor Lillian Edwards, an Internet Law Specialist from Newcastle University, said that while the contact details that were withheld were described as anonymous, they were nonetheless personal, and that she was concerned that members of the public might not have the right to have them removed. .
“That is a basic right under our privacy rules, the famous right to be forgotten, and it shows some basic problems with centralized architecture,” he added.
But Raab said at the government’s daily press conference that the UK wanted to develop its own bespoke technology, and had taken appropriate security advice. “The reality is that we want the app to be focused on the UK and for technology to be tailored to make sure that we can meet the specific challenges that we have in this country,” he said.
“We have worked with the experts we have at the National Center for Cyber Security to make sure we have the best protections on things like privacy.”
Technical experts also raised concerns. Smartphone operating systems place strict limits on normal applications that prevent them from infringing user privacy, impairing performance, or breaking other applications.
Those limits affect the operation of the centralized NHS application: on iPhones, for example, the application will stop transmitting its identifier when another application is actively using it, and will only start transmitting if it first hears another identifier.
That means two iPhone users sat next to each other on a train, both playing the game Candy Crush, they couldn’t register as a contact, unless a third phone was nearby with the app open.
“On iOS, there are background service issues,” says Graeme Scott, founder of the critical intelligence platform Synoptic. “The problem with the NHS is that this is a 24-hour situation, dealing with background services when you can’t have some functionality available. Which begs the question: how reliable will it be?
On Tuesday, the deputy chief scientific adviser, Professor Angela McLean, praised South Korea for its tracking and tracing system, which it launched in March. The country has a population of 51 million and 245 coronavirus deaths, while Britain, with a population of 66 million, has a death toll of over 29,000.
“Find people who have symptoms, get tested, find fast and reliable ways to find people you’ve been in contact with, and ask them to quarantine,” McLean said at the government’s daily news conference.
“That is the strategy that has worked in South Korea and South Korea is really the place in the world where we can look and say ‘this worked.’ Actually, they had a fairly large outbreak that they controlled with follow-up contacts, so I think they are a good example for us and we should try to emulate what they have achieved. “
