Would you install and use an NHS Covid tracking app?

I wouldn’t install it on the basis that history has shown governments cannot be trusted and once the public become comfortable with something they will find a reason for keeping it permanent “for our safety”.

Everyone is worried about privacy, but avoiding the problem that it won't actually work - nothing to do with perfection, you can't really model infectious transmission with Bluetooth, sometimes "there's an app for that" is the wrong answer.

All you can interpret from Bluetooth is signal strength. You have no clue if you're shielded, the other person is shielded, or you're just a long way away. You can try and match cellular signal degradation to work out if you are shielded, but that's about it - the other two factors are completely unknown. Bluetooth signal strength cannot differentiate between you walking next to someone, holding your laptop in front of your phone to block the signal, and walking 5 metres from them. So the claim "we can work out if you're within infectious range using Bluetooth" is rubbish.

Then you get to the timing issue. We appear to have an arbitrary "10 minute" factor that means the app will only alert you if you've been close to someone for 10 minutes. That's clearly rubbish - you can get it from a single cough, or grabbing a handrail that someone has grabbed a second ago. The 10 minutes is a random number someone has put in to avoid a tidal wave of false positives. If 10 minutes was "real" the lock down rules would be different...

So, we've got a detection mechanism that is fundamentally flawed, and a false positive filter that has no basis in science. According to this app, you can't catch it on the tube, a bus or in a lift. You can catch it talking to someone for 10 minutes, who you probably know well enough to be told if they have it by your colleagues or friends.

I hope Apple tell them to do one. And the NHS.

I might have to look at the new SE...

While I agree with all of that, we shouldn’t let perfect be the enemy of useful.

This isn’t going to pick up that you crossed paths with someone in the street.

It will pick up that you shared a bus/tube/office whatever with them, and could be used to reduce risk and drive the R0 down.

I’ve briefly scanned the documentation from google/Apple and can’t see an obvious privacy risk if they do what they say they do.

Indeed. everything RXE says is absolutely a legitimate concern, particularly around false positives and potential abuse of the system. That needs to be looked at carefully, as the hugely important factor here is the public at large having confidence in it. That's also why I think the privacy aspect is so important. The overriding thing that needs to be achieved here is to get it onto the phones of as many people as possible. For that to happen people have to have confidence that their data will not be sucked up, and that it's not going to potentially massively disrupt their lives through false alarms.

Just to pick up this point, this is one thing it won't do, provided it's created as advertised. It'll let each individual 'potential infectee' know that they need to self isolate, but it won't allow the data to be used by authorities to trace the people concerned, or to map infection through the data. That's part of the privacy aspect. It simply works to reduce secondary infections through the individual, not through reporting, unless the individual chooses to allow this.

It's been designed to maximise privacy with inevitable limits on the effectiveness. I'm convinced that if you started with the objective of saving lives (or lifting the lockdown with the least threat) then you would end up in a completely different place.

Respect for privacy is very likely to contribute towards killing people, or imposing huge economic cost. It's not free.

It won’t pick up that you shared a bus or tube with someone on a typical London journey. It won’t be able to detect that you stood behind someone in a queue for a few minutes. If it is going to do those things, then the timeout will have to drop to less than a minute. Drop the timeout to less than a minute, and you’ll get an alert every day.

Most people share office space with people they know - as in the people they work with. Thus they will know someone is ill when they call in sick - which they will probably do before updating the app.

The only people this works for are the tech bros who think everyone works in WeWork, and that sitting next to complete strangers in the office is normal. Very few people work like that.

Just imagine yourself as infectious and going about your normal working day. This would certainly miss >90% of my infection opportunities as currently designed.

Indeed, Google, Amazon, Facebook suck down your data like it's going out of fashion. Apple takes rather less, but granted, it's not entirely as angelic as it likes to present itself. However, there's a fundamental difference between a commercial company harvesting your data, and a government agency doing so. Commercial companies can target advertising. Governments can lock you up. That's an extreme argument I realise, and in this case one would hope it would go to PHE and no further, and not be subject to any mission creep. But you can't guarantee that, and there's a strong argument for not allowing governments to track the movements of their citizens in this manner.

Undoubtably. And your opinion on that will vary from person to person, on their attitude to privacy, tolerance of data gathering, suspicion of authority and how they balance life/ the economy/ privacy. The issue here is that to have a chance of having any effect, we need to maximise the uptake of this. Granted, it may have more effect and utility if it provided location data, and personal details to PHE/ NHS, but that may massively reduce the uptake. Better surely to get a lot of people downloading it and get at least some effect from it, even if it's not the full potential?

There is that risk yes. If I recall correctly, the proposed NHS app will have two levels of alert - yellow, if triggered by someone self declaring they've got CV19, or red if they've been tested. If they've been tested, the idea is the doctor/official that tests them gives them a code to input into the app to confirm it's genuine, and the app will only trigger red alerts with a code entered. The idea being I guess is if your phone pings you with yellow, you use your judgement on what you need to do, if it pings you with red you're obliged to self isolate. How that's enforced I'm not really sure.....?!


So the way this works is by phones exchanging cryptographic keys over bluetooth. There's no identifying information attached to them, so no meaningful data to share. The only data it shares, with the users permission, is the list of your keys from the last 14 days if you start to experience CV19 symptoms/have a test. A central server stores these lists of 'infected keys' which your phone downloads periodically. If any of them matches the keys your phone has generated, it alerts you.

Yes, there is a risk of abuse of the system, but see above for the way that's to an extent mitigated through two levels of alerts.

Why not? I thought that was the whole point of using Bluetooth no?

I don't know of any third party audits yet, no. There's quite a lot of comment on it from pretty reputable tech journalists/ outlets, but it's all a rather recent development for a full assessment/ audit to have taken place.. I believe Andy Greenberg has an article in The Wired about it, which is probably the closest you'll get.

Edited to add link: https://www.wired.com/story/apple-google-contact-t...

Hancock did say when announcing it that the NHS app would be open sourced - whether that actually happens or not....we'll see!

Bear in mind what Apple/ Google are doing is creating a protocol and an API, not an app. Individual health bodies will be responsible for building the front end - in our case NHSX. Eventually they are intending to incorporate this into iOS/ Android as part of the OS, but that's not what's happening initially.