Profile picture
, 11 tweets, 5 min read
My Authors
Read all threads
Let’s go through Matt Hancock’s letter to @HarrietHarman @HumanRightsCtte on the NHSX app and take a closer look at some of these statements 1/
While any data collected *by* the user’s smartphone will not be shared, in centralised systems, other people share your identifiable data. All your broadcasts look like the same single device ID to the Gov. Other people upload their contacts with you, without consent.
In decentralised system, data observed abt others NEVER leaves ANYONE’S phone, ever. The reason Hancock can say data never leaves your device without your consent is because it doesn’t need to — it leaves the phone of people who have seen you, without your consent instead!
Publishing the protocol and source code is of a centralised system (hasn’t happened yet) is of little use unless significantly BEFORE an app is rolled out, and it includes the source code of the back-end server, because that’s where everything happens in an centralised system.
In the #DP3T project, upon which the decentralised Apple-Google approach is based, we published our full v1 protocol on 3 April and iOS/Android/Backend code on 13 April. Lots of scrutiny since then which has helped us improve. UK: it’s already in the app store, and nothing yet.
The Information Commissioner has also said in evidence they had not yet seen the DPIA, and their head of technical policy said under two weeks ago that they had not yet seen technical documentation.
It is not possible to use the app without centralising personal data under data protection law. All identifiers decrypt to a unique device ID. All data on the central server is personal data within the meaning of UK law, not anonymous, and which can single a user out.
(Note in the last message Hancock uses the term ‘personally identifiable data’, or PII. This is a US law concept which refers to things like names, passport numbers, which doesn’t exists in UK law and which is much, MUCH narrower than the definitions in the rest of the world)
This sentence is a bit of a sleight of hand. Of course data stored on the phone is deleted when you delete the app. You can also burn the phone. Matthew Gould, CEO of NHSX, said to @HumanRightsCtte that they would not permit users to delete data on the server, in the social graph
There are many reasons why you need to legislate. This app makes automated, significant decisions (or measures) which tell people to fundamentally change their lives. Article 22 of the GDPR and the DPA s 14 make it clear this requires a basis in law. See osf.io/preprints/lawa…
(clarity: there is a high level overview doc released a few days ago by NCSC that could count as a protocol, although it certainly does not cover everything. but better than nothing)
Missing some Tweet in this thread? You can try to force a refresh.

Enjoying this thread?

Keep Current with Michael Veale

Profile picture

Stay in touch and get notified when new unrolls are available from this author!

Read all threads

This Thread may be Removed Anytime!

Twitter may remove this content at anytime, convert it as a PDF, save and print for later use!

Try unrolling a thread yourself!

how to unroll video

1) Follow Thread Reader App on Twitter so you can easily mention us!

2) Go to a Twitter thread (series of Tweets by the same owner) and mention us with a keyword "unroll" @threadreaderapp unroll

You can practice here first or read more on our help page!

Related hashtags

#DP3T

More from @mikarv see all

Profile picture
Michael Veale
@mikarv
The Register has a very technically savvy long-read headlined simply: “UK finds itself almost alone with centralized virus contact-tracing app that probably won't work well, asks for your location, may be illegal” theregister.co.uk/AMP/2020/05/05…
Basically they highlight the way iPhones will “work” when locked in the NHS system; they, uh, won’t, unless they are near either an Android or someone with their iPhone which is unlocked, screen on, app foregrounded.
The takeaway: Two people who have their iPhones locked in their pockets will not register as contacts with each other. A room of people with iPhones locked in their pockets will not register with each other unless someone with an Android is in the room.
Read 5 tweets
Profile picture
Michael Veale
@mikarv
You can say it is protected.
You can say it takes effort to link to an individual person.
But databases of contact data connected to device IDs, such as that in the UK NHSX app, are *unambiguously* not anonymous data under UK law.
It was said such data are anonymous in the press briefing yesterday.
Unless you redefine the word for your conversation to not relate to UK law — which as that government you should not do — this is an untruth.
It is not a legal grey area. It quite literally is explicitly clarified in UK law that device identifiers are personal data. This clarification isn’t even needed to come to the conclusion above — the law is so clear it is easily arguable without it.
Read 5 tweets
Profile picture
Michael Veale
@mikarv
We have published a #DP3T paper analysing the document PEPP-PT released yesterday on its NTK protocol, following the events of the last few days. We are very concerned by the potential for misuse of this system. Our conclusion, and a thread. 1/n github.com/DP-3T/document…
The protocol allows the server to track both uninfected and infected people across time. If the same person walks past two different Bluetooth recievers, the server knows. Install one at passport control? CCTV? Or just put a registration form in the app.
Users might think their IDs are random, but hidden tags can be introduced into them which make individuals emit a characteristic. These tags can be demographic (eg profiling) or can be individualised to allow long term tracking by third parties w/o access to the back-end server.
Read 8 tweets

Embed code for your website

×
Follow Us on Twitter!

Did Thread Reader help you today?

Support us! We are indie developers!

This site is made by just two indie developers on a laptop doing marketing, support and development! Read more about the story.

Become a Premium Member ($3.00/month or $30.00/year) and get exclusive features!

Become Premium

Too expensive? Make a small donation by buying us coffee ($5) or help with server cost ($10)

Donate via Paypal Become our Patreon

Thank you for your support!