The COVID Alert app has attracted a lot of attention in Canada, for both good and bad reasons. There are plenty of reasons to believe that a good contact tracing app can help limit the spread of the virus by alerting potentially infected people to self-isolate and get tested. Unfortunately, there are also plenty of reasons for people to be concerned about the privacy of their health data. Is there a way to find out if you’ve been exposed without telling everyone about your daily activities? Yes, but it’s a little complicated.
A little caveat before my analogy: if you are carrying a cell phone, you are already broadcasting your whereabouts. A phone can’t operate without connecting to a cell tower, and your carrier knows roughly where that tower is. So while the COVID Alert app bends over backwards to avoid identifying individuals, it cannot stop your phone, your carrier, or other apps from recording and/or sharing your location.
Some of what makes the COVID Alert app work is complicated because it relies on cryptographic hashing, a mathematical technique for taking some information and turning it into a fixed-size code that cannot practically be worked backwards to the original data, and that is effectively never the same for two different inputs. (Strictly speaking, the app derives its codes from a fresh random key each day rather than hashing your data directly, but the one-way property is what matters here.) Think of it like taking last night’s leftovers, chopping them all up, and frying them with some sauce to make a hash. Each dish is unique and there’s no way to go back to the original leftover roast or vegetables. (And it’s delicious.)
Okay, so bearing in mind that no analogy is perfect here’s my go at how the COVID Alert app would work if we weren’t using phones and still wanted to alert everyone that you’ve potentially been in contact with a COVID positive person.
Imagine if everyone in Fernie wore a backpack every time they left the house. And also imagine that we all have our own unique deck of cards.
Now, while we’re out and about in town, grabbing a coffee, going to the post office, etc., whenever we stand together with someone for more than 15 minutes within a couple of metres, we turn our backs and let them put one of their cards in our backpack while we put one of ours in theirs. If there are several people, we all do that. None of us know each other’s cards, so we don’t know who put which card in our backpack; we just have the cards. (The phones actually swap codes whenever they are in range and only apply the 15-minute, 2-metre test later, when deciding whether a match counts, but for the analogy let’s just trade cards during close contacts.)
Every day we go through our backpack and throw out all the cards that are more than two weeks old as anyone with the virus would have known by then.
Now, eventually, someone tests positive for COVID. When they do, they go to the bulletin board across from the post office and post copies of the cards that they’ve handed out over the last two weeks. Only the cards they handed out, not the ones they received: the cards in a backpack never leave that backpack, so the board reveals nothing about who the positive person has been near.
You go by the post office every day and check the bulletin board. If any of the cards posted match ones that someone put in your backpack, then you have been in close contact with someone who tested positive. You don’t know who, because you don’t know who gave you those cards. So, you self-isolate and get tested.
No one knows who’s positive, or who’s been in contact with a positive person, but everyone can find out if they are at risk by looking at the board.
Now, of course, all this is happening on your phone (the cards are swapped over Bluetooth and the bulletin board is a list your phone downloads every day) and not across from the post office. And the “cards” I’m referring to are actually the one-way codes described above, but that’s essentially how it works.
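To make the analogy concrete, here is a small simulation of the card exchange, the two-week clean-out, the bulletin board and the daily check. This is an added example written for this post, not code from the COVID Alert app or from the Google/Apple framework it is built on. It goes one step beyond the story above in the way the real app does: each person generates a fresh random key per day and derives that day’s “cards” from it, so a positive person posts their daily keys rather than every individual card, and everyone else regenerates the cards to compare against their backpack. The 10-minute interval, the 16-byte key size and the use of SHA-256 as the derivation step are assumptions for illustration, and the people and encounters are constructed, not real data.

```python
import hashlib
import secrets

INTERVAL_MINUTES = 10                        # assumption: one card per 10-minute interval
INTERVALS_PER_DAY = 24 * 60 // INTERVAL_MINUTES
RETENTION_DAYS = 14                          # cards and keys older than this are thrown out
EXPOSURE_THRESHOLD_MINUTES = 15              # the post's "more than 15 minutes"


def derive_card(daily_key: bytes, interval: int) -> bytes:
    """One 'card': a one-way code computed from the day's secret key and the
    interval number. SHA-256 stands in for the key-derivation step of the real
    protocol (assumption); without daily_key nobody can link a card to its owner."""
    return hashlib.sha256(daily_key + interval.to_bytes(4, "big")).digest()[:16]


class Phone:
    def __init__(self, name: str) -> None:
        self.name = name
        self.daily_keys: dict[int, bytes] = {}         # day -> random key (that day's "deck")
        self.backpack: set[tuple[int, bytes]] = set()  # (day, card) handed to us by others

    def key_for(self, day: int) -> bytes:
        # A new random key each day, generated on the phone and never sent
        # anywhere unless the owner later reports a positive test.
        if day not in self.daily_keys:
            self.daily_keys[day] = secrets.token_bytes(16)
        return self.daily_keys[day]

    def card_for(self, day: int, interval: int) -> bytes:
        return derive_card(self.key_for(day), day * INTERVALS_PER_DAY + interval)

    def receive(self, day: int, card: bytes) -> None:
        self.backpack.add((day, card))

    def prune(self, today: int) -> None:
        """The daily clean-out: throw away everything more than RETENTION_DAYS old."""
        self.backpack = {(d, c) for d, c in self.backpack if today - d < RETENTION_DAYS}
        self.daily_keys = {d: k for d, k in self.daily_keys.items() if today - d < RETENTION_DAYS}

    def diagnosis_keys(self, today: int) -> list[tuple[int, bytes]]:
        """What a positive user posts on the board: their OWN daily keys for the
        retention window, never the cards they received."""
        self.prune(today)
        return sorted(self.daily_keys.items())

    def exposure_minutes(self, board: list[tuple[int, bytes]], today: int) -> int:
        """Rebuild every card the posted keys could have produced and count how
        many of them are sitting in our backpack."""
        self.prune(today)
        matches = 0
        for day, key in board:
            posted = {derive_card(key, day * INTERVALS_PER_DAY + i) for i in range(INTERVALS_PER_DAY)}
            matches += sum(1 for d, c in self.backpack if d == day and c in posted)
        return matches * INTERVAL_MINUTES

    def at_risk(self, board: list[tuple[int, bytes]], today: int) -> bool:
        return self.exposure_minutes(board, today) >= EXPOSURE_THRESHOLD_MINUTES


def encounter(a: Phone, b: Phone, day: int, first_interval: int, n_intervals: int) -> None:
    """Two phones within range swap one card per interval, as in the analogy."""
    for i in range(first_interval, first_interval + n_intervals):
        b.receive(day, a.card_for(day, i))
        a.receive(day, b.card_for(day, i))


def run_scenario() -> dict[str, object]:
    """Constructed scenario (not real data): Bob tests positive on day 17."""
    alice, bob, carol, dave = (Phone(n) for n in ("Alice", "Bob", "Carol", "Dave"))
    encounter(bob, carol, day=1, first_interval=60, n_intervals=6)    # 60 min, but 16 days before the report
    encounter(alice, bob, day=5, first_interval=90, n_intervals=3)    # 30 min, inside the two-week window
    encounter(alice, carol, day=5, first_interval=93, n_intervals=1)  # Carol is not positive; irrelevant
    today = 17
    board = bob.diagnosis_keys(today)   # only Bob's own keys; day 1 has already been thrown out
    return {
        "board_days": [d for d, _ in board],
        "alice_minutes": alice.exposure_minutes(board, today),
        "carol_minutes": carol.exposure_minutes(board, today),
        "dave_minutes": dave.exposure_minutes(board, today),
        "alice_at_risk": alice.at_risk(board, today),
    }


if __name__ == "__main__":
    print(run_scenario())
```

Two things are worth noticing when you run it. Carol spent an hour with Bob, but that was more than two weeks before his report, so both her backpack and his key for that day have been cleaned out and she gets no alert. And the board carries nothing but random-looking keys: Alice learns that she was exposed for 30 minutes on day 5, but neither she, Dave, nor anyone reading the board can tell that the keys belong to Bob.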
As you can see, the system affords its users a high degree of anonymity, but there are a couple of points where there’s potential for exposure (of information, not COVID). If you happen to live in a town with only a handful of people, where only a couple of them run the app, then a positive report will likely reveal who it was, because the pool of possibilities is extremely small. The other opportunity is through IP addresses. Checking the board is harmless, since everyone downloads the same list, but the server that receives a positive report sees the IP address of the phone that sent it, and servers record the IP addresses of connections. If your phone keeps the same address for long enough, someone with access to those records and to your carrier’s records could in principle trace it back to you. The likelihood of this happening is probably about the same as winning the Lotto Max, so I wouldn’t worry too much about it.
The only other thing to mention is that the more people who sign up, the better the system works and the more anonymous it becomes, so download it and let’s hope BC signs on to use it soon.