TraceTogether_Why_open_sourcing_matters.pdf

Transcript

1. TraceTogether Why open sourcing matters for trust and confidence Harish

   Pillay, [email protected], @harishpillay CC-SA 13 May 2020

2. What is the problem that needs to be solved, and

   why? - Contact tracing - Close range and exposure duration as per epidemiological advice - Ensuring that privacy of individual is honoured - To identify affected individuals and help them recover in order to control the spread

3. Why open source? 1) Open source offers a layer of

   trustworthiness 2) It can be reviewed by experts globally to confirm it works the way the development team says it should. 3) It encourages people from all over to collaborate to solve a very critical, existential challenge 4) Trust but verify

4. Privacy/Security Challenges a) Using mobile phones to collect proximity data

   b) In collecting proximity data, the privacy of the individual has to be honoured and vigorously protected c) The individual, upon being positively identified as being infected, has to, with consent, allow proximity data collected to be made available to authorised health authorities in mitigating infections via contact tracing. d) The solution should be specific and targeted with a sunset clause built-in including deletion of all proximity data on the device as well as those sent to health care systems.

5. How Solutions Stackup Code Signal Centralised Loosely Centralised Decentralised TraceTogether

   Open GPLv3 Bluetooth,, wifi/mobile data - Phone # asked for registration - Upon infection, with permission, contact logs used to contact trace CovidSafe Open Bluetooth, wifi/mobile data - Same as TT but asks for full name, age range, postcode Aarogya Setu Closed Bluetooth wifi/mobile data GPS All data is sent to the central server periodically SafePath Open Bluetooth, wifi/mobile data GPS Fully decentralised until infected and with permission data uploaded PEPP-PT (a framework) Open