EXECUTIVE SUMMARY:
An increasing number of nations are working to develop contact tracing apps that could help stop the spread of the coronavirus. The rollout of these apps has raised questions regarding how they work, the privacy implications, and their potential efficacy. In this interview, Tony Jarvis addresses these concerns and shares his expert insights.
Tony Jarvis, Chief Technology Officer of Asia Pacific and Japan region for Check Point Software, collaborates with business leaders and CISOs to understand their cyber risk exposure, and to tailor effective cyber security strategies to meet their needs. In addition to serving as the CTO for the Asia Pacific and Japan region, Tony contributes to corporate thought leadership, pursues media engagements, and represents the brand as a keynote speaker at international cyber security events.
How do contact tracing apps work?
Precisely how a contact tracing app works varies by country and app developer. In this interview, we’ll look at how some countries are implementing their apps, but the specifics will vary from one locale to the next.
In general, contact tracing apps use Bluetooth technology to identify other phones that are running the same app. Apple watches and wireless headphones work the same way.
The Bluetooth connection is trying to measure how far you are from the other phones that are running the same app. If you’re 1.5 meters from someone else’s phone, with the app, your phone will be able to detect that.
What happens to the data?
When you first open the app, it may ask you to enter your name, your age and your phone number. For the first two, name and age, you can enter false information, and the app will still work properly.
Remember, the app isn’t collecting your GPS location; it’s only looking at who you’ve connected to. That information is stored for roughly 21 days (varies marginally by country), and then deleted.
If you’re diagnosed with coronavirus, you enter a special code into the application. The data is uploaded to a central database, and the notification process then begins. In Singapore, where I am based, the people being notified do not know who it was they were in contact with or where they were in contact with them – no personal details are involved.
Are there any technical issues?
- iPhone users had to have their phone unlocked for the app to work
- Bugs which will gradually be fixed as the app is fine tuned
- Bluetooth is a wireless technology that is difficult to secure
- The app doesn’t account for mistaken diagnoses
What else should we know?
Google and Apple are currently working together to develop an app that is cross-platform compatible, where iOS information and Android information can be exchanged.
Google and Apple are also talking about building contact tracing into their underlying operating systems. Many people expected the eventual sunsetting of contact tracing apps once the pandemic is over. This move raises questions about espionage, data solicitation and more.
Can an app really curb the spread of a disease?
Research from Oxford University indicates that 60% adoption is necessary in order for contact tracing to work effectively. Governments are currently hoping for 40% adoption. At the moment, contact tracing app adoption in Singapore hovers around 20%. In Australia, the adoption rate is well under 20%. Adoption rates are tough to predict. Only time will tell regarding the numbers that we’re actually going to get.
My thoughts?
It is good that people are concerned about their data privacy. I think still worth signing up for now given the low value of the data and potential for high reward as a result of using these apps.
For an online webinar that broadly examines contact tracing apps, click here.
