The UK government has snubbed an Apple and Google's jointly-developed contact-tracing API due to its insistence on collecting data in a centralised way.
The NHS had been working with the tech giants on an app to ease society’s return to life as normal once the government was ready to lift lockdown measures by tracing the spread of COVID-19.
The mechanism would have relied on unique key codes being exchanged between users through Bluetooth signals to register that contact has been made. People would then be notified as and when they may have come into contact with somebody potentially infected with COVID-19.
The unique code would update when individuals mark themselves as having coronavirus symptoms, or if they test positive for coronavirus. Those who have been in contact with them would subsequently receive a notification.
This system, however, would operate based on a decentralised model by which ‘contacts’ are registered between users’ handsets, and never through a centralised database. The government had been keen on pursuing the latter because it would allow for an overarching view of the populations’ movements and how the virus might be spreading.
This led to an initial standoff between NHS developers and the tech companies, but with the Silicon Valley giants refusing to budge, the government has rejected Apple and Google's technology entirely.
This prospect was seen as troublesome because some of the functionality that’s key for contact-tracing working, such as the app being “always awake” in the background even when the phone is asleep or idle, would be difficult to code from scratch.
Google and Apple’s API was written with problems such as this in mind, so adopting the technology would have expedited the development and distribution process for NHSX, the health service’s digital arm.
The government, however, is confident in the way it’s building its own version of the app, as well as in its functionality, and has reportedly begun testing a prototype version at the North Yorkshire RAF base.
"Engineers have met several core challenges for the app to meet public health needs and support detection of contact events sufficiently well, including when the app is in the background, without excessively affecting battery life," an NHSX spokesperson told BBC News. The spokesperson added the software works “sufficiently well” on iPhones without users needing to keep the app active and on-screen.
Another risk for the government in going it alone, beyond functionality, is adoption, with experts suggesting there needs to be between 60% and 80% uptake for contact-tracing to work.
The decentralised model for contact-tracing is seen by many as more privacy-aware, especially given Google and Apple have insisted they would shut down the system once the pandemic ends. In rejecting this model in favour of a centralised version, the government may be seen to be pursuing a less secure and less privacy-centric model, which would discourage widespread adoption from privacy-conscious individuals.
The German government, which is recognised as having handled the coronavirus crisis better than most nations, announced recently its intention to take up Google and Apple’s API, suggesting any app must meet data protection standards and guarantee security.
Countries like Singapore, meanwhile, which released an app before Google and Apple developed their technology, has seen a low adoption rate of up to 13%, rendering it effectively useless in managing the spread of COVID-19.
Australia has also released its own contact-tracing app, based on the software developed in Singapore, although it’s seen an encouraging download rate so far, according to SBS News.
While the UK government remains confident in its approach, the Ada Lovelace Institute, an independent research body, poured cold water over the plans in a piece of rapid-response analysis. Chief among the organisation’s complaints was that the UK was ‘too technically limited’ to build and distribute an effective app, with severe limitations and social risks rendering any app launched as futile to its purpose.
IT Pro approached NHSX for a statement, and for clarification on whether it's confident the public would voluntarily download its custom-built app on the scale needed considering the privacy concerns.
-
Bigger salaries, more burnout: Is the CISO role in crisis?In-depth CISOs are more stressed than ever before – but why is this and what can be done?
-
Cheap cyber crime kits can be bought on the dark web for less than $25News Research from NordVPN shows phishing kits are now widely available on the dark web and via messaging apps like Telegram, and are often selling for less than $25.
-
Phishing emails target victims with fake vaccine passport offerNews Scammers could steal victims’ personal information and never deliver the illegal goods, Fortinet warns
-
COVID-related phishing fuels a 15-fold increase in NCSC takedownsNews The NCSC recorded a significant jump in the number of attacks using NHS branding to lure victims
-
COVID vaccine passports will fail unless government wins public trust, ICO warnsNews Data watchdog's chief Elizabeth Denham warns that it’s not good enough to claim ‘this is important, so trust us’
-
Fake COVID vaccination certificates available on the dark webNews Fast-growing market emerges for people wanting quick vaccine proof to travel abroad
-
Cyber security firm saw attacks rise by 20% during 2020News Trend Micro found attackers also heavily targeted VPNs
-
Hackers using COVID vaccine as a lure to spread malwareNews Cyber criminals are impersonating WHO, DHL, and vaccine manufacturers in phishing campaigns
-
Website problems slow coronavirus vaccine rollout
News Florida is the epicenter of website issues, as patients struggle with malfunctioning sites and hackers
-
NHS COVID-19 app failed to ask users to self-isolate due to 'software glitch'News The bug is the latest in a long line of errors and glitches to plague the government's contact-tracing app
