
New Paper Highlights Privacy Questions Governments Should Ask Contact-Tracing App Developers
As governments and tech companies rush to find ways to use technology to track the spread of the novel coronavirus, a new paper cautions governments against going so quickly that they ignore privacy concerns.
When it comes to finding a
In a
From a technical standpoint, mobile phones are capable of tracking people’s movements and therefore of helping public health officials identify and alert the people
To help solve the problem, Imperial College’s Yves-Alexandre de Montjoye, PhD, and colleagues have developed a list of 8 questions they say governments should ask in order to thoroughly vet the privacy risks of potential contact-tracing apps.
“We need to do everything we can to help slow the outbreak,” de Montjoye said in a press release. “Contact tracing requires handling very sensitive data at scale, and solid and proven techniques exist to help us do it while protecting our fundamental right to privacy. We cannot afford to not use them.”
Contact-tracing apps are already on the market in some areas, and governments around the world have been in conversations with developers and other stakeholders about possible designs and uses for such apps.
As these processes move forward, de Montjoye and colleagues say governments ought to have an understanding of what data such apps collect, as well as how they protect the identity of users. Notably, the authors say identity protection isn’t just about hiding identities from other users or outside actors like hackers, but also from the app developers themselves.
“The goal of contact tracing is to warn people who are at risk, so there’s no need for app developers to know who these people are,” de Montjoye said.
Identity protection also requires app developers to obtain and disseminate as little information as possible about users, the team writes.
“Having access to small amounts of information could help users identify who is infected, so apps shouldn't disclose information on a user's location or social networks to other users,” de Montjoye said.
While it might be necessary to obtain more information about infected or at-risk users in order to carry out the app’s core tracking and notification functions, de Montjoye and colleagues say governments should probe to find out what additional measures an app takes to safeguard such users.
Finally, the authors say governments need to look for transparency from developers in order to ensure the app does what it says, and does not do more than it discloses.
“Large-scale contact tracing is too sensitive an issue to rely on blind trust. Technical measures should be used to guarantee public scrutiny on the functioning of the app,” de Montjoye said.
“...This requires that the app be open source and app versions distributed on mobile app stores be verifiable, enabling developers to confirm that they're running the public, auditable code.”