My Authors
Read all threads
Epidemiologists call the stuff they do to trace the spread of disease "public health surveillance." The word "surveillance" there isn't an accident - doing things like contact-tracing IS surveillance, and it has enormous potential for abuse and accidental, terrible breaches.

1/
As the pandemic spreads, some are rethinking their stance on surveillance, but this could go really bad - as we learned after 9/11, lots of people are committed to "not letting a crisis go to waste" - and authoritarianism is a one-way ratchet.

eff.org/deeplinks/2020…

2/
The holy grail is "privacy protecting surveillance," which is as much of a minefield as it sounds like. But this proposal, from a new nonprofit called @PeppPt describes a plausible - even promising - approach.

pepp-pt.org/content

3/
Here's how I THINK it works: your phone runs an app that gathers your location data as it moves from through time and space, emitting a temporary, anonymous identifier to other nearby phones that are also running the app.

4/
When your phone and another phone are close to each other for " an epidemiologically sufficient period of time," each of them record the other's unique identifier, but doesn't send it anywhere. Old records are deleted over time.

5/
If you ever test positive for coronavirus, you get a cryptographically signed token from the health authority, and then you get to opt into sharing your recorded recent-contact identifiers with the system.

6/
The system then broadcasts a message to all users saying, "Hey, if you had contact with a user with this identifier, you might have been exposed. Please get tested!" Your app interprets the message and alerts you if you have had contact with the positive-testing person.

7/
Each national health authority has its own prefix or something for the unique IDs, so there's a way to know if you had contact with someone who's left the country and needs to be warned that you might have infected them (all this happens automagically in the background).

8/
This sounds really good! But there are some caveats.

First of all, someone - not me - should audit both the high-level plan and the code that implements it. There are millions of ways this could go wrong.

9/
And second, the consortium of 130 member orgs includes some really good academic institutions, but also (for obvious reasons) lots of phone companies and other historic privacy abusers.

10/
Figuring out how we can trust this system without having to trust its creators (through source/binary transparency, and maybe something like Certificate Transparency's use of public append-only logs) is really important, too.

11/
I am NOT qualified to audit the plan or the code here. At a high level geared to a dum-dum like me, this is plausible and promising. All I'm qualified to do is look at the metadata: who is doing it, and what have they done to show their working to smarter people than me?

eof/
Missing some Tweet in this thread? You can try to force a refresh.

Enjoying this thread?

Keep Current with Bernie Beats Trump

Profile picture

Stay in touch and get notified when new unrolls are available from this author!

Read all threads

This Thread may be Removed Anytime!

Twitter may remove this content at anytime, convert it as a PDF, save and print for later use!

Try unrolling a thread yourself!

how to unroll video

1) Follow Thread Reader App on Twitter so you can easily mention us!

2) Go to a Twitter thread (series of Tweets by the same owner) and mention us with a keyword "unroll" @threadreaderapp unroll

You can practice here first or read more on our help page!

Follow Us on Twitter!

Did Thread Reader help you today?

Support us! We are indie developers!


This site is made by just three indie developers on a laptop doing marketing, support and development! Read more about the story.

Become a Premium Member ($3.00/month or $30.00/year) and get exclusive features!

Become Premium

Too expensive? Make a small donation by buying us coffee ($5) or help with server cost ($10)

Donate via Paypal Become our Patreon

Thank you for your support!