Affiliate Disclosure
If you buy through our links, we may get a commission. Read our ethics policy.

UK 'racing' to improve contact tracing privacy without Apple and Google

The U.K. contact tracing app. Credit: NHS.

U.K. National Health Service officials are "racing" to improve its mobile contact tracing amid concerns that the public won't adopt it, and worries that iOS security could hamper its effectiveness.

In April, the NHS rejected the Apple-Google Exposure Notification framework, which lets public health groups build apps that can track the spread of coronavirus by alerting users who may have come into contact with an infected individual.

Without the Apple-Google framework, the NHS's contact tracing app will only be able to function properly on iOS if it's actively running in the foreground and a device is unlocked. According to technical experts who spoke to The Guardian, that could severely hamper its effectiveness.

The NHS opted out of using the Apple-Google toolkit because of the way it wants to store user data. The tech giants' system mandates that user data is stored in a decentralized manner. The NHS, on the other hand, want to keep information in a central database.

There are growing concerns among U.K. officials that the public won't adopt it, due to privacy concerns raised by security experts. The Guardian notes that the NHS isn't ruling out stronger privacy safeguards, such as a sunset clause that would see the contact data deleted after the pandemic is over.

Robert Hannigan, a former director for the U.K. signals intelligence agency, the GCHQ, said the app may not be a threat to individuals, but agrees that the "exercise in surveillance" should be reviewed after the crisis.

Public health groups in other countries are facing a similar set of issues. In the U.S., for example, lawmakers and the president have expressed concerns about the system's privacy.

France is also moving ahead with a contact tracing app that won't rely on the Apple-Google API, and also recently shamed Apple for not sacrificing user privacy for coronavirus aid.



23 Comments

Wgkrueger 8 Years · 352 comments

“Tried to shame” is more like it. 

elijahg 18 Years · 2842 comments

I've noticed more and more people on social media saying they won't use it due to the potential for being tracked.

The NHSX app is relying on people being in contact with someone else with BT on and who has used the app or been near someone else who has in the last 5 minutes. This is because an app in the background can awaken to receive BT signals but cannot broadcast for more than a few minutes. So if someone is out of range of other people for 5 minutes, the app is useless until its opened again or is near someone who is broadcasting. Those other people with the app must also have opened it in the last 5 minutes or have walked past someone who has. The chance is very slim. I suspect after an outcry the NHSX will switch to the Apple/Google method instead. Whether people will trust that instead remains to be seen.

robin huber 22 Years · 4026 comments

Yes, we all saw how well merchants like CVS did with their home baked alternative to ApplePay. Even Brits say their government has no credibility when it comes to creating apps. 

verne arase 11 Years · 479 comments

Why doesn't the Google/Apple framework allow contact tracers to download the data off the phone?

That way it can be stored decentralized until it's needed.

darkpaw 15 Years · 212 comments

Reasons why I'm not going to use this app:

- The development of the app was given to a specific company. It was not sent out to tender. Now, you can argue that we don't have a lot of time and we needed it developed quickly, BUT...
- The reported budget for the app was £250 MILLION... (Not sure on the veracity of that figure, but it's been widely reported. It may just be part of the deal between UK.gov and Palantir/Faculty.)
- It is being developed by both Palantir (run by the right-wing billionaire Peter Thiel) and Faculty...
- Faculty is an AI startup run by someone called Marc Warner...
- Marc Warner's brother is Ben Warner...
- Ben Warner was recruited to Downing Street by Dominic Cummings (if you don't who DC is, he's basically an unelected advisor to our inimitable dickwad, Boris Johnson)...
- Ben Warner was instrumental in the Vote Leave campaign.

Further:
- Dr Ian Levy is Technical Director of the National Cyber Security Centre. He put out a blog post pretty much saying, "Everything is fine. We won't grab your data, no-sireeeee, and we absolutely won't expand the remit of this app, until we absolutely feel the need to do exactly that". Within hours, NHSX said they'll expand the remit of the app where necessary. So-called "mission creep".
- The app ONLY works for NHS England, so spending any time with someone from, say, Wales or Scotland, won't work because they won't be using the NHS England app; they'll be using the NHS Wales or NHS Scotland app.
- The app will NOT work with the Apple/Google solution which means if you go abroad, neither your device nor anyone else's will match, so will record zero interactions.

So, no. I won't be downloading this app.

The Apple/Google solution would've been exactly what we needed, and it works across borders. Apple even provided the source code necessary to create a functioning app. Sadly, our government thinks it's the dog bollox when it comes to everything, so they've gone off on their own.

You wonder why the UK currently has the highest number of Covid-19 deaths in Europe? Because our government is pathetic. Our MPs are idiots. Our Health Secretary, Matt Hancock, said he wanted to test 100,000 people a day by the end of April. 30th April comes along and lo and behold we hit 122,000 tests! Oh, sorry, no, we hit 76,000 tests. The other 46,000 tests were actually just mailed out and hadn't actually been used. They did this to save his political career. In the days following the 30th April we tested 66,000 people then 56,000 people.

The UK is an f-ing joke.