By Opinion Time of article publishedSep 25, 2020

Share this article:

By Louis Fourie

JOHANNESBURG – Most people value their privacy. Therefore, the current debate about the new Covid-19 tracing app that the president urged citizens to download to ensure that the country does not go into another strict lockdown is expected.

A world ridden by terrorism and crime has caused the (selective) tracking of citizens by government agencies via cellphones and geolocation, real-time facial recognition, social media, phone calls, payments, and many other means. It is, therefore, understandable that people are becoming concerned about their privacy and are questioning the deluge of apps all over the world that can trace contacts and detect Covid-19 exposure.

Unfortunately, many of these apps and their methodologies are not very transparent and are therefore regarded with suspicion since people do not know how it will affect their lives in the long term. It is often not known what data will be collected and who it will be shared with. Rarely are policies announced to prevent abuse during and after the pandemic, especially in countries riddled by corruption.

The basic technology used by the apps vary significantly. Some apps identify a person’s contacts by tracking their cellphone’s movement through the data from the GPS or triangulation from nearby cell towers and comparing it with other phones that have spent time at the same location. Other apps use “proximity tracking,” in which cellphones exchange encrypted tokens with nearby phones over Bluetooth. This method is easier to anonymise and is usually considered better protection of the privacy of the individual than location tracking.

The apps of many countries rely on the the joint Application Programming Interface (API) developed by Apple and Google. It lets iOS and Android phones communicate with each other over Bluetooth, allowing developers to build a contact tracing app that will work for both. Some countries also use DPT-3T or decentralized privacy-preserving proximity tracing. DPT-3T is an open-source protocol for Bluetooth-based tracking in which an individual phone’s contact logs are stored only locally, so no central authority has access to the data.

Some of the tracing apps are more invasive than others, for example, China’s system gathers data regarding the citizen’s identity, location and even their payment history so that adherence to quarantine rules can be policed by the government. It is known that if a person spends too much time in a shop, a visit by authorities will follow. In China “big brother” is indeed watching. But is seems that Kuwait’s Shlonik App is even more invasive since it has been nominated by Amnesty International as the most invasive in the world.

Other apps raise serious privacy and security questions, the very reason why the Smittestopp app was deactivated in Denmark and Norway. The StaySafe App of the Philippines has also caused serious privacy concerns leading to citizens demanding better protection from major organisations. Similar concerns have been raised about the BlueZone App in Vietnam that requires access to the user’s contacts and other media on their mobile devices such as photos. In Indonesia the App PeduliLindungi collects individual’s location data and cross reference it with telecommunications provider data regarding location, calls and texts. The AC-19 app of Iran was banned by Google Play for collecting more data than necessary.

In many countries the apps are mandatory. In India the Aarogya Setu app is mandatory for citizens, as is the Ehteraz app in Qatar. However, the Ehteraz App also requires access to the individual’s photos. In Turkey only people who tested positive are mandated to install the Hayat Eve Sığar app. The data is then shared with the police. In the UAE, citizens are fined if they do not install and register on the TraceCovid App. In South Africa the Covid- 19 tracing App is only mandatory for visitors from other countries. Contrary to most countries, Malaysia was very transparent about their MyTrace App and published the open source of the App for all to scrutinise.

According to President Cyril Ramaphosa, the South African contact tracing mobile phone app, Covid Alert South Africa, uses Bluetooth technology to alert users when they are in close contact with another user who has tested positive for the coronavirus in the past 14 days. He also stated that “the app is completely anonymous, it does not gather any personal information, nor does it track anybody’s location.” According to the coronavirus website of the department of health, the app is built on the Apple-Google Exposure Notifications Application Programmable Interface (API) and has user privacy and security at the core of its design.

In light of the vastly different approaches and intentions of governments with the tracing apps, it is understandable that an active debate would accompany the new tracing app announced by the South African government. It is even more understandable in the light of several polls indicating that the trust of the government is at an all-time low due to the Covid-19 pandemicpreneurship and corruption. People in South Africa currently just do not want to be watched by government. Many South Africans are thus understandably sceptical of the app due to private data collection concerns.

However, senior legal counsel was involved throughout the development process of the app to ensure that privacy issues have been handled correctly according to privacy laws and to ensure compliance with the Popi Act.

It is also important to note that the app is totally voluntary, entirely anonymous, collects very little personal information and encrypts all information. It does not collect any names, e-mail addresses, phone numbers, or location data. It can only tell a person if he or she has been in contact with a person who has voluntarily disclosed that they have tested positive. It does not tell you who the person is. Neither does it tell the user exactly where the exposure took place. It only communicates that the user has been in close contact with a positive person on a specific day to allow the user to take immediate action.

The app uses random Bluetooth identifiers, which rotates every ten to twenty minutes to prevent tracking, as well as geolocation to collect minimal personal information about the user, which is then stored within their mobile devices in a model that is known as self-sovereignty identity. The technology is used to manage digital identities, thus giving users control over the manner and method in which their personal information is kept and used because the personal data is stored on their mobile device and not in a central government owned repository.

The Covid Alert App works very similar to the random number assigned to people waiting in a que. If random ID #111 and #222 were both at the same place at the same time and #222 later tests positive for COVID, user #111 will be notified about potential exposure without the app knowing the identity of user #111 or #222 or the contact details of the friends of #222.

However, if a person self-reports that he or she has been diagnosed as positive, the app does require the person to enter his or her date of birth after a pin has been received, to ensure that people are not misusing the app. The app will then notify all people the person has been in contact with that he or she has been exposed.

Large and powerful organisations like Google and Apple also have very strict rules with regard to compliance to the protection of personal information. Thankfully the government app is backed by the cutting-edge exposure notification system that has been created by Apple and Google with a strong emphasis on not collecting location data or tying the individual events to contact events.

It this seems that many of the false fears and warnings circulating on social media are incorrect and that downloading the app will support the fight against Covid-19. However, success of the Covert Alert app will rest and fall on the extent of the uptake. Early exposure notification is critical to how we contain this epidemic going forward.

There is a growing consensus that we must use a combined strategy of medical and technological tools to provide us with response at a scale that can outpace the speed and proliferation of the Covid-19 virus. It is important that we use the available technology and download the Covert Alert app to fight the pandemic.

Professor Louis C H Fourie is a Futurist and Technology Strategist.

BUSINESS REPORT

Source Article