Scientists have developed a new Bluetooth contact tracing app for detecting COVID-19 proximity that, they say, will help epidemiologists to analyse the spread of the pandemic while fully protecting individual privacy.
The DP-3T tracing system has been developed to the highest privacy standards, and is ready to deploy into an app, according to the researchers from University College London (UCL) in the UK.
The system ensures no personal data ever leaves an individual's device, and is not centralised in a cloud server, meaning it is not able to be repurposed for anything other than public health, they said.
'There are a lot of concerns about Bluetooth tracing being administered centrally by governments, particularly in countries that have weaker privacy laws and concern for human rights,' said Michael Veale from UCL.
'We have developed a practical solution that could help tell someone when they come into contact with someone that has tested positive for COVID-19, while at the same time ensuring that the user's information never leaves their phone,' said Veale.
Under the system, people who have tested positive for COVID-19 are authorised to upload the random, constantly changing identifiers they have been emitting via Bluetooth using the app.
The researchers explained that individuals who have the app, and have been in proximity to that person, compare the downloaded random identifiers to the ones they have collected using their own devices.
If they were in close proximity for a significant duration to a person that had tested positive, they would receive a quick notification to alert them, along with the World Health Organization (WHO) approved guidance on next steps.
While these uploaded identifiers are useful to those who use the app, they are useless to the central server, the researchers said.
The server will not be able to identify who an uploader is or any characteristics about the individual, the study said.
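A simplified model of the flow described above, added here as an illustration and not the DP-3T team's code: phones emit random identifiers, an authorised positive case uploads theirs, and matching happens only on each device. The class names, the 16-byte identifier size and the 15-minute exposure threshold are assumptions; the 14-day retention figure is the one the researchers give.

```python
import secrets
from dataclasses import dataclass, field

RETENTION_DAYS = 14        # from the article: server data is removed after 14 days
EXPOSURE_MINUTES = 15      # assumed threshold for "significant duration"

@dataclass
class Phone:
    emitted: list = field(default_factory=list)    # (day, identifier) this phone broadcast
    observed: list = field(default_factory=list)   # (identifier, minutes) heard nearby

    def broadcast(self, day):
        """Emit a fresh random identifier; nothing in it links to the owner."""
        eid = secrets.token_bytes(16)
        self.emitted.append((day, eid))
        return eid

    def hear(self, eid, minutes):
        self.observed.append((eid, minutes))       # stays on the device

    def exposed(self, downloaded):
        """Local matching: total minutes spent near any uploaded identifier."""
        total = sum(m for eid, m in self.observed if eid in downloaded)
        return total >= EXPOSURE_MINUTES

class Server:
    """Stores only opaque identifiers and the day they were emitted."""
    def __init__(self):
        self.records = []                          # (day, identifier), no user field

    def upload(self, phone, authorised):
        if not authorised:                         # only confirmed positive cases may upload
            raise PermissionError("upload not authorised")
        self.records.extend(phone.emitted)

    def purge(self, today):
        self.records = [(d, e) for d, e in self.records if today - d < RETENTION_DAYS]

    def download(self):
        return {e for _, e in self.records}

def simulate():
    alice, bob, carol, server = Phone(), Phone(), Phone(), Server()
    bob.hear(alice.broadcast(day=1), minutes=10)   # Bob: 10 + 10 minutes near Alice
    bob.hear(alice.broadcast(day=1), minutes=10)
    carol.hear(alice.broadcast(day=2), minutes=3)  # Carol: brief encounter only
    carol.hear(bob.broadcast(day=2), minutes=30)   # Bob never uploads
    server.upload(alice, authorised=True)          # Alice tests positive
    ids = server.download()
    result = (bob.exposed(ids), carol.exposed(ids))
    server.purge(today=20)                         # past the retention window
    return result, len(server.records)
```

The server's records hold no user field and no record of who observed whom, so the contact graph exists only as the observation lists on individual phones.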
The scientists noted that several governments across the world have used contact tracing, as part of efforts to control the spread of the coronavirus.
China, for example, has reportedly relied on mass surveillance of phones to classify individuals by their health status and restrict their movements, they said.
However, concerns have been raised about what this means for individual privacy rights, and what happens if the data is misused or used beyond the initial purpose.
'Given this is a global problem, it is key such a system works across borders, so they can be re-opened,' said Veale.
'If one country uses a centralised system, then they all have to, putting citizens of countries with limited respect for human rights or the rule of law at serious risk,' he said.
The new system works the other way -- citizens around the world would be protected from surveillance and misuse, while epidemiologists get the insights they tell us they need, the researchers said.
The team of 25 scientists from across Europe, including the Swiss Federal Institutes of Technology and KU Leuven in Belgium, developed a system that hides all personal information from the server.
The researchers explained that as the different identities in the system receive the minimum amount of information tailored to their requirements, none of them can abuse the data for other purposes, nor can they be coerced or subpoenaed to make other data available.
They said that no entity, including the backend of the app, can track non-infected users.
The system will organically dismantle itself at the end of the pandemic.
Infected patients will stop uploading their data to the central server, and people will stop using the app. Data on the server is removed after 14 days, according to the researchers.