Exposure Notification

Exposure Notification,[2][3] originally known as the Privacy-Preserving Contact Tracing Project,[4][5] is a system with public available specifications developed by Apple Inc. and Google for using smartphones to determine whether a person may have recently been within the proximity of someone that had been infected with Coronavirus disease 2019 (COVID-19). Exposure Notification is a decentralized reporting based protocol built on a combination of Bluetooth Low Energy technology and privacy-preserving cryptography, and is designed to be implemented as an opt-in feature within COVID-19 apps developed and published by authorized health authorities.[6][7] Originally unveiled on April 10, 2020, it was first made available on iOS on May 20, 2020 as part of the iOS 13.5 update.[8]

Exposure Notification
Developed by
IntroducedApril 2020 (2020-04)
IndustryDigital contact tracing
Compatible hardwareAndroid & iOS smartphones
Physical range~10 m (33 ft)[1]

The Apple/Google protocol is heavily-influenced by the Decentralized Privacy-Preserving Proximity Tracing (DP-3T) and the Temporary Contact Number (TCN) protocol by Covid Watch,[9][10] but is implemented at the operating system level, which allows for more efficient operation as a background process. Protocols such as TCN, DP-3T and BlueTrace are constrained in how they operate as they have no special privilege over normal apps. This leads to issues, particularly on iOS devices where digital contact tracing apps running in the background experience significantly degraded performance.[11][12][13] The joint approach is also designed to maintain interoperability between Android and iOS devices, which constitute the sheer majority of the market.[7] EPFL Professor Edouard Bugnion played an important role in getting Apple and Google to work together [9][10]

The ACLU stated the approach "appears to mitigate the worst privacy and centralization risks, but there is still room for improvement".[14] In late April, Google and Apple shifted the emphasis of the naming of the system, describing it as an "exposure notification service", rather than "contact tracing" system.[15]

Technical specification

Typically digital contact tracing protocols have two major responsibilities: encounter logging and infection reporting.[12] Exposure Notification only defines encounter logging, with the majority of the infection reporting being delegated to individual app implementations.[16]

To handle encounter logging, the system uses Bluetooth Low Energy to send tracking messages to nearby devices running the protocol to discover encounters with other people. The tracking messages contain unique identifiers that are encrypted with a secret daily key held by the sending device. These identifiers change every 15-20 minutes as well as Bluetooth MAC address in order to prevent tracking of clients by malicious third parties through observing static identifiers over time.[17]:02:51:10

The sender's daily encryption keys are generated using a random number generator.[18] Devices record received messages, retaining them locally for 14 days. If a user tests positive for infection, the last 14 days of their daily encryption keys are uploaded to a central server, where it is then broadcast to all devices on the network. The method through which daily encryption keys are transmitted to the central server and broadcast is defined by individual app developers. The received keys are then provided to the protocol, where each client individually searches for matches in their local encounter history. If a match meeting certain risk parameters is found, the app notifies the user of potential infection.[19] Google and Apple intend to use the received signal strength (RSSI) of the beacon messages as a source to infer proximity.[20] RSSI and other signal metadata will also be encrypted to resist deanonymization attacks.[18]

Version 1.0

To generate encounter identifiers, first a persistent 32-byte private Tracing Key () is generated by a client. From this a 16 byte Daily Tracing Key is derived using the algorithm , where is a HKDF function using SHA-256, and is the day number for the 24-hour window the broadcast is in starting from Unix Epoch Time. These generated keys are later sent to the central reporting server should a user become infected.[21]

From the daily tracing key a 16-byte temporary Rolling Proximity Identifier is generated every 10 minutes with the algorithm , where is a HMAC function using SHA-256, and is the time interval number, representing a unique index for every 10 minute period in a 24 hour day. The Truncate function returns the first 16 bytes of the HMAC value. When two clients come within proximity of each other they exchange and locally store the current as the encounter identifier.[21]

Once a registered health authority has confirmed the infection of a user, the user's Daily Tracing Key for the past 14 days is uploaded to the central reporting server. Clients then download this report and individually recalculate every Rolling Proximity Identifier used in the report period, matching it against the user's local encounter log. If a matching entry is found, then contact has been established and the app presents a notification to the user warning them of potential infection.[21]

Version 1.1

Unlike version 1.0 of the protocol, version 1.1 does not use a persistent tracing key, rather every day a new random 16-byte Temporary Exposure Key () is generated. This is analogous to the daily tracing key from version 1.0. Here denotes the time is discretized in 10 minute intervals starting from Unix Epoch Time. From this two 128-bit keys are calculated, the Rolling Proximity Identifier Key () and the Associated Encrypted Metadata Key (). is calculated with the algorithm , and using the algorithm.[22]

From these values a temporary Rolling Proximity Identifier () is generated every time the BLE MAC address changes, roughly every 15-20 minutes. The following algorithm is used: , where is an AES cryptography function with a 128-bit key, the data is one 16-byte block, denotes the Unix Epoch Time at the moment the roll occurs, and is the corresponding 10-minute interval number. Next, additional Associated Encrypted Metadata is encrypted. What the metadata represents is not specified, likely to allow the later expansion of the protocol. The following algorithm is used: , where denotes AES encryption with a 128-bit key in CTR mode. The Rolling Proximity Identifier and the Associated Encrypted Metadata are then combined and broadcast using BLE. Clients exchange and log these payloads.[22]

Once a registered health authority has confirmed the infection of a user, the user's Temporary Exposure Keys and their respective interval numbers for the past 14 days are uploaded to the central reporting server. Clients then download this report and individually recalculate every Rolling Proximity Identifier starting from interval number , matching it against the user's local encounter log. If a matching entry is found, then contact has been established and the app presents a notification to the user warning them of potential infection.[22]

Version 1.2

Version 1.2 of the protocol is identical to version 1.1, only introducing minor terminology changes.[22]

Adoption requirements

Modeling by researchers at Oxford University has suggested that 80% of all smartphone users in a city of one million people would have to use a tracking system to be effective against the coronavirus if no other measures against the spread of the virus were taken but contact tracing.[23] Since the two vendors effectively control the entire smartphone market (with Android having an 86.6% market share as of 2020, and iOS the remaining 13.4%),[24] the joint initiative between the companies puts them in a unique position compared to other potential actors in this field.

To address this, the Exposure Notification protocol is designed to be deployed and maintained via both platforms' respective application stores and update systems.[25] The APIs enabled through such updates will then be available for authorized applications from national health authorities.[26][27]

Privacy

Preservation of privacy was referred to as a major component of the protocol; it is designed so that no personally identifiable information can be obtained about the user or their device.[28][7][29][30] Apps implementing Exposure Notification are only allowed to collect personal information from users on a voluntary basis.[31] As an additional measure, the companies stated that it would sunset the protocol by-region once they determine that it is "no longer needed".[25]

The Electronic Frontier Foundation showed concerns the protocol was vulnerable to "linkage attacks", where sufficiently capable third parties who had recorded beacon traffic may retroactively be able to turn this information into tracking information, for only areas in which they had already recorded beacons, for a limited time segment and for only users who have disclosed their COVID-19 status, once a device's set of daily encryption keys have been revealed.[32]

Release schedule

Deployment plan

According to the joint announcement by Apple and Google, the system is intended to be rolled out in three stages:[33][34]

  • API specification and publication
  • rollout of tools to enable governments to create official privacy-preserving coronavirus tracing apps
  • integration of this functionality directly into iOS and Android

Apple have stated that the system is designed to work on all recent devices that can support iOS 13.[18]

The companies planned an API for development on April 28, 2020[35] and it was released to developers the following day.[36]

Release

The iOS 13.5 update released on May 20, 2020 introduced support for the Exposure Notification API.[8] Google stated that on Android, Exposure Notification will be serviced via Google Play Services (a system API component for Google services that is present on almost all Android devices outside of mainland China, and updated independently of Android itself via the Google Play store), ensuring compatibility with Android Marshmallow and later and not requiring them to be integrated into an Android firmware (which would hinder deployment).[37]

Regulatory scrutiny

On April 16, the European Union started the process of assessing the proposed system for compatibility with privacy and data protection laws, including the General Data Protection Regulation (GDPR).[38] On April 17, 2020, the UK's Information Commissioner's Office, a supervisory authority for data protection, published an opinion analyzing both Exposure Notification and the Decentralized Privacy-Preserving Proximity Tracing protocol, stating that the systems are "aligned with the principles of data protection by design and by default" (as mandated by the GDPR).[39]

Adoption by country

As of May 21, at least 22 countries had received access to the protocol.[31]

Switzerland and Austria were among the first to back the protocol.[40] On April 26, after initially backing PEPP-PT, Germany announced it would back Exposure Notification,[41] followed shortly after by Ireland [42] and Italy.[43]

Despite already adopting the centralised BlueTrace protocol,[44] Australia's Department of Health and Digital Transformation Agency are investigating whether the protocol could be implemented to overcome limitations of its COVIDSafe app.[31]

In England, the National Health Service trialed both an in-house app on a centralized platform developed by its NHSX division, and a second app using Exposure Notification.[45] On June 18, the NHS announced that it would focus on using Exposure Notification to compliment manual contact tracing, citing tests on the Isle of Wight showing that it had better cross-device compatibility (and would also be compatible with other European approaches), but that its distance calculations were not as reliable as the centralised version of the app.[46]

On May 25, Switzerland became the first country to launch an app leveraging the protocol, SwissCovid, although initially only in a pilot phase with a limited user group.[47] The app became available on the Play Store on Android the same day.[48]

On May 29, a consortium of IT companies and volunteers in Latvia launched application Apturi Covid, which makes use of Exposure Notification API. The county's president and government ministers installed the application on their phones on the launch day. Application developers stated a goal to reach 400 000 users, approximately 20% of the country's population.[49]

On June 1, 2020, Italy launched its Immuni app, based on the Exposure Notification API. [50]

On June 9, 2020, Poland launched version 4 of its ProteGO Safe app, which is now based on the Exposure Notification API. [51]

On June 15, 2020, Uruguay launched an update of its Coronavirus - UY app, based on the Exposure Notification API.[52] [53]

On June 16, 2020, Germany launched its Corona-Warn-App, based on the Exposure Notification API. [54]

On June 18, 2020 Denmark launched Smitte|Stop, based on the Exposure Notification API, i.e., a decentralized version. Originally a centralized version was developed but the app was dropped before it was released because of privacy concerns. The original version was developed free of charge by NetCompany but the price tag for released version is around DKK 20,000,000. By June 20, 2020 300,000+ copies of the program have been downloaded. [55].

On June 19, 2020, Japan launched COCOA based on the platform. It was misreported that the app was contracted to Microsoft,[56] but it is based on COVID-19 Radar Japan[57], an open source software development project started by an engineer at Microsoft Japan, who has committed to the project on a voluntary basis.

Non-adopters

Some countries, such as France and the United Kingdom, have pursued centralized approaches to digital contact tracing, in order to maintain records of personal information that can be used to assist in investigating cases.[29][58][59] The French government has asked Apple to allow apps to perform Bluetooth operations in the background, allowing the government to create its own system independent of Exposure Notification.[60]

In the European Union, countries such as Sweden have chosen not to use digital contact tracing at all.[61]

In the United States, states such as New York, California and Massachusetts declined to use the technology, opting for manual contact tracing.[62] The U.S. states of Alabama, North Dakota and South Carolina announced an intent to use Exposure Notification, but have not yet deployed any software that uses it.[63] The U.S. state of Arizona is testing the Covid Watch app developed with the Apple/Google protocol.[64]

References
  1. Sponås, Jon Gunnar. "Things You Should Know About Bluetooth Range". blog.nordicsemi.com. Retrieved 2020-04-12.
  2. "Exposure Notification API launches to support public health agencies". Google. 2020-05-20. Retrieved 2020-05-21.
  3. "ExposureNotification | Apple Developer Documentation". developer.apple.com. Retrieved 2020-05-21.
  4. "Privacy-Preserving Contact Tracing". Apple. 10 April 2020.
  5. "Contact Tracing – Bluetooth Specification" (PDF) (Preliminary ed.). 2020-04-10. Archived (PDF) from the original on 2020-04-10. Retrieved 2020-04-10.
  6. "Apple and Google are launching a joint COVID-19 tracing tool for iOS and Android". TechCrunch. Retrieved 2020-04-10.
  7. Sherr, Ian; Nieva, Richard (2020-04-10). "Apple and Google are building coronavirus tracking tech into iOS and Android". CNET. Archived from the original on 2020-04-10. Retrieved 2020-04-10.
  8. "COVID-19 exposure notification settings begin to go live for iOS users with new update". TechCrunch. Retrieved 2020-05-21.
  9. "Apple and Google update joint coronavirus tracing tech to improve user privacy and developer flexibility". TechCrunch. Retrieved 2020-04-26.
  10. Farr, Christina (2020-04-28). "How a handful of Apple and Google employees came together to help health officials trace coronavirus". CNBC. Retrieved 2020-04-29.
  11. Bogle, technology reporter Ariel (2020-04-26). "Want the COVID-19 tracing app to work properly? Keep your iPhone charged". ABC News. Retrieved 2020-04-26.
  12. Jason Bay, Joel Kek, Alvin Tan, Chai Sheng Hau, Lai Yongquan, Janice Tan, Tang Anh Quy. "BlueTrace: A privacy-preserving protocol for community-driven contact tracing across borders" (PDF). Government Technology Agency. Retrieved 12 April 2020.CS1 maint: multiple names: authors list (link)
  13. "How COVIDsafe app tracks people 1.5m from you". Chronicle. Retrieved 2020-04-26.
  14. "ACLU Comment On Apple/Google COVID-19 Contact Tracing Effort". ACLU. 2020. Retrieved 2020-04-22.
  15. Morrison, Sara (2020-04-24). "Apple and Google's new contact tracing tool is almost ready. Just don't call it a contact tracing tool". Vox. Retrieved 2020-04-27.
  16. Google Inc (2020-04-10). "Android Contact Tracing API" (PDF). Google Blog. Retrieved 2020-05-08.
  17. "COVID-19 - 06/05/2020 12:50:00 – Parliament of Australia". parlview.aph.gov.au. Retrieved 2020-05-06.
  18. "Apple and Google update joint coronavirus tracing tech to improve user privacy and developer flexibility". TechCrunch. Retrieved 2020-04-27.
  19. Google Inc, Apple Inc (2020-05-01). "Exposure Notification Frequently Asked Questions Preliminary — Subject to Modification and Extension" (PDF). Apple. Retrieved 2020-05-08.
  20. "Is Apple and Google's Covid-19 Contact Tracing a Privacy Risk?". Wired. ISSN 1059-1028. Retrieved 2020-04-18.
  21. Apple Inc, Google Inc (April 2020). "Contact Tracing - Cryptography Specification" (PDF). Retrieved 2020-06-14.
  22. Apple, Inc (April 2020). "Exposure Notification - Cryptography Specification" (PDF). Apple. Retrieved 2020-05-22.
  23. Kelion, Leo (2020-04-16). "NHS coronavirus app to target 80% of smartphones". BBC News. Retrieved 2020-04-16.
  24. "IDC - Smartphone Market Share - OS". IDC: The premier global market intelligence company. Archived from the original on 2020-04-17. Retrieved 2020-04-17.
  25. Newton, Casey (2020-04-14). "Apple and Google have a clever way of encouraging people to install contact-tracing apps for COVID-19". The Verge. Retrieved 2020-04-15.
  26. "Apple and Google launch exposure notification API, enabling public health authorities to release apps". TechCrunch. Retrieved 2020-05-21.
  27. "Google and Apple unite to help countries like Australia fix their contact tracing apps". ABC News. 2020-05-21. Retrieved 2020-05-21.
  28. "Apple and Google update joint coronavirus tracing tech to improve user privacy and developer flexibility". TechCrunch. Retrieved 2020-05-21.
  29. Newton, Casey (2020-05-08). "Why countries keep bowing to Apple and Google's contact tracing app requirements". The Verge. Retrieved 2020-05-21.
  30. Sherr, Ian. "Apple, Google announce new privacy features for coronavirus tracking tech". CNET. Retrieved 2020-05-21.
  31. "Google and Apple unite to help countries like Australia fix their contact tracing apps". ABC News. 2020-05-21. Retrieved 2020-05-21.
  32. Gebhart, Bennett Cyphers and Gennie (2020-04-28). "Apple and Google's COVID-19 Exposure Notification API: Questions and Answers". Electronic Frontier Foundation. Retrieved 2020-05-21.
  33. "Apple and Google partner on COVID-19 contact tracing technology". 2020-04-10. Retrieved 2020-04-10.
  34. "Apple and Google partner on COVID-19 contact tracing technology". Apple. 2020-04-10. Retrieved 2020-04-10.
  35. "First version of Apple and Google's contact tracing API should be available to developers next week". TechCrunch. Retrieved 2020-04-27.
  36. Etherington, Darrell. "Apple and Google release first seed of COVID-19 exposure notification API for contact tracing app developers". TechCrunch. Retrieved 2020-05-10.
  37. Bohn, Dieter (2020-04-13). "Android phones will get the COVID-19 tracking updates via Google Play". The Verge. Retrieved 2020-04-16.
  38. Drozdiak, Natalia (16 April 2020). "Google, Apple Covid-19 Tracking Tech Faces EU Scrutiny". Bloomberg News.
  39. ICO (17 April 2020). "Apple and Google joint initiative on COVID-19 contact tracing technology" (PDF). Information Commissioner's Office.
  40. "Switzerland, Austria align with 'Gapple' on corona contact tracing". Reuters. 2020-04-22. Retrieved 2020-05-06.
  41. "Germany flips to Apple-Google approach on smartphone contact tracing". Reuters. 2020-04-26. Retrieved 2020-04-26.
  42. "HSE Covid-19 tracing app data will be stored on individual devices". The Irish Times. 2020-04-29. Retrieved 2020-05-06.
  43. "Is it Safe? THE IMMUNI APP Digital Surveillance during the Coronavirus Pandemic". Byline Times / La Stampa. 2020-05-01. Retrieved 2020-05-06.
  44. "Five questions we need answered about the government's coronavirus contact tracing app". ABC News. 2020-04-16. Retrieved 2020-05-21.
  45. Neville, Sarah; Bradshaw, Tim; Warrell, Helen. "UK starts to build second contact tracing app". Financial Times. Retrieved 8 May 2020.
  46. "UK virus-tracing app switches to Apple-Google model". BBC News. Retrieved 2020-06-18.
  47. "SwissCovid App startet in die Pilotphase" [SwissCovid app launched into pilot phase] (in German). 25 May 2020. Retrieved 25 May 2020.
  48. "SwissCovid (Early Access)". Retrieved 26 May 2020.
  49. "Latvian 'Stop Covid' app first of its kind in the world". lsm.lv. Retrieved 2020-05-20.
  50. "Italy launches COVID-19 contact-tracing app amid privacy concerns". Reuters. 1 June 2020. Retrieved 3 June 2020.
  51. "Ministerstwo cyfryzacji uruchomilo aplikacje protego safe do sledzenia koronawirusa" (in Polish). 9 June 2020. Retrieved 9 June 2020.
  52. "Información sobre aplicación Coronavirus UY" (in Spanish). 15 June 2020. Retrieved 15 June 2020.
  53. "Uruguay aprueba uso de tecnología de rastreo de contactos de COVID-19 de Google y Apple" (in Spanish). 15 June 2020. Retrieved 15 June 2020.
  54. Bundesregierung. "Corona-Warn-App" (in German). Retrieved 2020-06-16.
  55. "Smittestop appen downloadet tæt på en halv million gange på den første uge" (in Danish). 2020-06-25.By June 25, 2020 the count of downloads had reached 497.000+ and 80 people have already reported sick using the app
  56. Byford, Sam (2020-06-19). "Japan rolls out Microsoft-developed COVID-19 contact tracing app". The Verge. Retrieved 2020-06-20.
  57. "COVID-19Radar". Retrieved 23 June 2020.
  58. Kelion, Leo (2020-05-20). "Apple and Google's Covid-19 'watershed moment'". BBC News. Retrieved 2020-05-21.
  59. "Government admits NHS app will not be ready for launch of contact tracing scheme". The Independent. 2020-05-20. Retrieved 2020-05-21.
  60. Fouquet, Helene (20 April 2020). "France Says Apple Bluetooth Policy Is Blocking Virus Tracker". Bloomberg. Retrieved 27 April 2020.
  61. "Coronavirus: Nordic countries reluctant to include Sweden in 'travel bubbles'". The Local. 2020-05-22. Retrieved 2020-05-26.
  62. Volgelstein, Fred; Knight, Will (2020-05-08). "Health Officials Say 'No Thanks' to Contact-Tracing Tech". Wired. Retrieved 2020-05-10.
  63. "Coronavirus contact tracing apps were tech's chance to step up. They haven't". NBC News. Retrieved 2020-06-13.
  64. Haggin, Rolfe Winkler and Patience (22 June 2020). "America Is Reopening. Coronavirus Tracing Apps Aren't Ready". Wall Street Journal.
This article is issued from Wikipedia. The text is licensed under Creative Commons - Attribution - Sharealike. Additional terms may apply for the media files.