Pandemic view – plus privacy

April 2020
Filed under:
A fellow helps guide an international volunteer effort to develop COVID Watch, a mobile telephone application that prioritizes privacy.
COVID Watch prototype interface

A COVID Watch prototype interface shows alerts users may receive if Bluetooth data indicate they’ve been near another user who reported a positive test for the virus that causes COVID-19. (Image: COVID Watch.)

When the disease now called COVID-19 began spreading through China in January, Tina White grew concerned about its inevitable arrival in the United States.

The Department of Energy Computational Science Graduate Fellowship (DOE CSGF) recipient and Stanford University doctoral candidate learned that one of the most effective – but labor-intensive – means of slowing the virus is contact tracing. Health workers try to contact everyone who has associated with someone who tested positive for the virus and advise them to sequester themselves until they’re certain they haven’t been infected.

Technology such as tracking via Global Positioning System (GPS) can ease this process, but the way China, Israel and other countries applied it troubled White. Their methods gather extensive data that let governments identify and follow individual citizens.

“That activated the libertarian parts of me that were worried about something like that happening here, and worried about the surveillance state” when the disease hit the United States. White was doubtful governments could be trusted not to abuse data they gather to observe the virus’s spread.

That prompted White to organize an international effort to build a mobile phone application that prioritizes privacy but would alert users if they’ve recently been near a confirmed COVID-19 carrier. She and her colleagues are racing against time to produce and disseminate the program, aiming to stop the disease’s rapid spread and ease restrictions on interpersonal contacts.

White and her volunteer collaborators first considered anonymizing GPS data, but their privacy and public health advisors, including Stanford epidemiologist Julie Parsonnet, discouraged that approach because it’s difficult to do without significant privacy tradeoffs. Instead, the app, COVID Watch, relies on Bluetooth ­– short-range radio technology commonly used to wirelessly connect smartphones and other devices to things like headphones and vehicles.

When installed, COVID Watch would work in the background of the phone’s normal operation. It would make an anonymous record any time two phones are within about 2 meters of each other for a specific amount of time.

Bluetooth “doesn’t tell you anything about who a person is. It doesn’t tell you where they are. It says there was a contact between two unknown users” at a certain distance for a specific amount of time, says White, the project’s cofounder and executive director. That’s “crucial information for determining whether there’s been possible exposure to the virus” – especially during the period when a person has no symptoms but can still transmit it. More than 70 percent of Americans have a mobile phone, and nearly every such device carries Bluetooth technology.

“The most exciting thing for us about Bluetooth is that because the communication is local, between devices, it’s possible to decentralize the system, unlike with GPS data,” White says. “It’s perhaps the most private way you could do this.”

Every interaction is logged solely on each phone, rather than in a central database, and given a randomly generated contact event number (CEN). The CEN tracks only events with anonymous users, helping ensure a private system. The app also makes other privacy-enhancing changes, such as adding scrambled random numbers to further obscure contacts.

The list of CENs never is transmitted from a user’s mobile phone – unless they’re infected with the coronavirus.

Those who test positive typically receive a confirmation number from the U.S. Centers for Disease Control and Prevention (CDC) or a state government agency. The COVID Watch user would enter their number to self-report their results. The app would verify the information, helping block possible false alarms or malicious actors, the team says in a white paper posted to its website.

Once the positive test is verified, COVID Watch would copy the CENs from the infected person’s phone to a database. The information can’t be connected to the user, avoiding possible social stigma associated with the condition.

Other people’s phones periodically search the database for CENs that match those in their locally held logs. “If it finds one of its CENs, then the phone says ‘uh oh, I’ve been exposed,’” White says. The user receives guidance on whether to get tested or to go into self-isolation, but the app’s anonymous nature means government can’t compel them to heed the advice. CENs eventually are deleted from the database.

The team’s quantitative analysis of COVID Watch’s projected effectiveness indicates that if about 40 percent of a community uses the app and combines it with comprehensive testing and self-isolation of diagnosed individuals, “it could stop COVID-19, not just slow it down” within that group, White says.

The hastily assembled team of around 15 volunteers has overcome numerous technical issues. “Bluetooth was not designed for this,” White says, so “getting it work for this purpose has been a huge challenge.” One especially difficult obstacle: connecting smartphones that use the competing Android and iOS operating systems.

The code is available for others to improve, modify and adopt on the GitHub repository. The team has collaborated with other groups working on similar projects, such as Private Kit: Safe Paths at the Massachusetts Institute of Technology, and the independent CoEpi. Both implemented COVID Watch’s open-source Bluetooth approach.

A select group of users is testing COVID Watch to identify bugs. White hopes the team can fix the errors and issue a pilot version for public download soon. “Normally this would take months or years, so people have been working really hard.”

It’s a drastic change for White, who was nearing completion of her doctoral research into using machine learning for computational fluid dynamics calculations. After she became alarmed about COVID-19’s spread, she posted an article to a forum on Effective Altruism, a website that promotes identifying and implementing evidence-based solutions to problems.

“It was just writing that somebody ought to do this and build a privacy-focused version” of the Chinese contact-tracker application. She received responses from James Petrie, a doctoral candidate in applied mathematics at Ontario’s University of Waterloo, and Rhys Fenwick, a science communicator at Australia’s University of Wollongong, both of whom helped found the project. Petrie is now COVID Watch’s research head while Fenwick oversees communications.

The team includes others from across the United States plus the United Kingdom, Romania and British Columbia. Besides Parsonnet, the project has enlisted other academics and professionals as advisors on public health and epidemiology and on privacy and security.

White says the COVID Watch project has delayed her graduation until the end of the summer, but it’s worth it if the application gains acceptance. “I hope that we tell the story well so people understand that it’s effective and can help them, their friends, families and others without compromising any personally identifying information” so they “download it and are more likely to take the actions it recommends. If enough people in a community do that, they can stop the virus.”

This article originally appeared on the DOE Computational Science Graduate Fellowship website. Reposted here with permission.

(Visited 467 times, 1 visits today)

About the Author

The author is a former Krell Institute science writer.

Leave a Comment

You must be logged in to post a comment.