
How Apple And Google Are Going To Enable Contact Tracing - panarky
https://joekent.nyc/google-apple-contact-tracing
======
pjc50
It's going to be a problem to get rid of it later .. but right now we can
barely go outside! It's not a simple tradeoff between tracking and no
tracking, it's a tradeoff between tracking and lockdown.

US deaths just passed 22k, over seven times 9/11 and over four times the total
Iraq war death toll. It is likely we will see five to ten times that _total_
number before the pandemic is ended.

People have been happily arguing to let the old die as a means to end the
lockdown. How about cellphone tracking instead?

(And remember that every cellphone knows your approximate location by
necessity of which cell you're connected to.)

~~~
blisterpeanuts
Framing this as an either/or choice (surrender some privacy or the elderly
die) is a _reductio ad absurdum._

There are easier and less blatantly intrusive ways of achieving 80% or 90% of
the mitigation, like for example a combination of nonstop education of the
public and issuing tickets for breaking social distancing rules as is being
done in some places.

After the 9/11 attacks, Americans passively accepted huge intrusions on
privacy that have still not been rolled back, 19 years later.

We should be very careful what we wish for. This tracking thing is a very
slippery slope.

~~~
shadowgovt
What are your sources on nonstop education plus tickets being sufficient to
get to 80% / 90% mitigation?

------
tsherr
I keep Bluetooth disabled when I'm not using it. What happens then?

I knew crap like this was going to happen. Hello Big Brother.

~~~
alanbernstein
Maybe using the system is optional, but it gets you into the high priority
group when you're waiting in line for hospital access

~~~
hcurtiss
This is precisely what worries me. Submit to big brother, or you’re a second
class citizen.

~~~
shadowgovt
You say that as if avoiding having a driver's license and credit card for
privacy reasons doesn't already cause huge complications in an American's day-
to-day life.

------
Aeolun
I don’t understand why we go through all this trouble? If we’re talking about
Apple and Google they already have all information about where the majority of
people have been (everyone that didn’t explicitly turn off their location
tracking services).

It also doesn’t require anyone to install an app...

~~~
simion314
Maybe the world is more then the USA, so if in country X a doctor finds a
person with something and he wants to warn all the people this person had
contact with, this doctor would have to ask nicely Google and Apple to grep
trough logs and find who meet who and where? Would Google and Apple respond to
a doctor in a small country?

You can have a national app that is under the control of the health department
and doctors ,t hat only does things like "send a notification to all users
that were in contact with person with this ID to come to hospital and get a
test".

I understand that this could be potentially abused for evil or that evil
people already do this using WiFi or cell towers, I am thinking that we should
also think at the good that could come of this.

------
joncrane
Won't this cause false positives from people, for example, walking in front of
my house while I'm inside, and also while for example, stopped at a stoplight
next to other cars?

~~~
shadowgovt
Likely yes. The system will need some fine-tuning to achieve its goals.

~~~
paul_f
What a vast understatement

------
stilley2
Privacy issues aside, if the 10 minute key is only 16bits, and this is being
used by hundreds of millions of people, wouldn't there be a lot of false
positives?

~~~
tantalor
The size of the graph doesn't matter, only the average vertex degree, which
should be pretty low if you are social distant, because you only share
identifiers with nearby people.

~~~
stilley2
But wouldn't that mean the list of infected keys would have to be location-
indicated in some way? I guess I was under the impression it would be one list
for the country.

~~~
tantalor
I see, that's a good point. The article implies the "infected" list is global,
not location specific.

------
mikece
Voluntary compliance for public health today; mandatory compliance by
government edict tomorrow -- or we flag your account and you're prohibited
from buying anything. And what if I chose to stop using a smart phone and just
use a flip phone that doesn't have Bluetooth? Am I a _de facto_ enemy of
public health (or just public enemy)?

Anyone else see this as a MASSIVE slippery slope with too much potential for
exploitation?

~~~
DagAgren
This system goes to quite some lengths to preserve privacy.

If you are going to attack it, you need to actually address what it does and
explain why you don't think that is sufficient.

~~~
FartyMcFarter
The authors of DP-3T have already explained the privacy holes in their scheme.
It's in the trade-offs section of the paper; eavesdroppers, savvy hackers and
governments can identify and track infected users (to varying extents) without
much trouble.

A tech-savvy person could drive by your house and find out your IDs for that
day. If you reveal them later on (as you would if infected), that person would
know you're infected. In small towns a single person could in practice publish
a database of all infected households.

A government can install Bluetooth receivers throughout a city and find out
where an infected user passed by.

~~~
Aeolun
Installing bluetooth receivers throughout a city is only feasible if you plan
to use it for way more than just coronapatient tracking.

~~~
taborj
I think that was the point. This is useful for coronavirus patient tacking,
yes, but it's also useful for _people_ tracking in general, and malcontent
(whomever defines that) tracking in particular.

~~~
DagAgren
But it's not. There are far better ways to do that, if that is the path you're
going down. This is specifically designed to make that kind of thing much
harder.

------
tgv
Seems better than what I came up with, but one of my issues with Bluetooth is:
how would you determine distance? Power?

Also: that central server has got to be pretty powerful.

~~~
justzisguyuknow
Yeah I don't want to be commanded to self-isolate because I was 25 feet away
from a stranger in a park...

~~~
shadowgovt
Oh, I definitely do. That's a huge improvement over the current status quo
where I contracted COVID-19 from passing a stranger in a park, have no idea
I've done so because I thought that I was doing a good job of self isolation
and never even saw that person, and two weeks later I'm wildly ill and have
already infected everyone in my household.

More information gives me more tools to protect myself and those I love.

------
shadowgovt
There's an interesting article on Vox regarding how this all fits into a
larger plan for getting Americans out of their homes
([https://www.vox.com/platform/amp/2020/4/10/21215494/coronavi...](https://www.vox.com/platform/amp/2020/4/10/21215494/coronavirus-
plans-social-distancing-economy-recession-depression-unemployment)).

The tl;dr is that at least in the context of a pandemic like this one, lack of
access to a smartphone and lack of willingness to enable tracking puts a
person in the new second-class-citizen category. It's not the stick that
government would use to restrict freedom; it's the carrot of granting more
freedom to those who are more trusting of authority.

Not only do I personally not see much of a way around that scenario, the Vox
article notes it's entirely possible that Americans' general mistrust of
authority means the country may recover more slowly and painfully than nations
that are willing to let the government data-tag and monitor everyone.

At what point does the value of participating in society and the economy
outweigh the value of one's privacy? It seems this question is going to
rapidly become even more non-academic than it already is.

------
transfire
5 times a second? That seems excessive, and a waste of power.

~~~
djaychela
I wouldn't think it is excessive - if you're cycling and pass someone then the
contact period would be very brief (but if you're passing through their sneeze
cloud then it could be critical).

------
merricksb
Huge discussion about this topic one-two days ago:

[https://news.ycombinator.com/item?id=22834959](https://news.ycombinator.com/item?id=22834959)
(805 points, 459 comments)

~~~
panarky
Not a dupe. This article explains in detail _how_ the contact tracing API can
work while preserving privacy.

Random identifiers not linked to you or your device, identifiers change every
10 minutes so third parties can't track you over time, processing locally on
the device instead of by Apple or Google or the government, etc.

~~~
syshum
>>how the contact tracing API can work while preserving privacy.

It cant, and any claims it can is sheer arrogance on the part of the
developers.

you can not simultaneously assign an identifier to everyone, and maintain
privacy, they are mutually exclusive. If you can ID someone, and trace that ID
back then it is not private

~~~
DagAgren
Well good news: This system does not assign an identifier to everyone, so it
works.

~~~
syshum
It absolutely does, and broadcasts it via BlueTooth, then other phones track
which ID's you have been near.

The idea that can not be used for something other than COVID is moronic, this
type of system has been done in Marketing for a long time, Google knows this
very well.

This is not a new or novel idea, nor it is private

~~~
DagAgren
It does not transmit "an ID". It transmits random IDs, that cycle often.

~~~
syshum
Except for people that Test Positive, which then it uploads each of the Daily
Tracing keys to a central server for each of the day you were positive, this
is reversible, and has to be in order to identify all of the contacts the
person came in contact with

you can not have an anonymous system that also provides aways to trace back to
individuals you came in contact with

it is impossible

and their complex Hash of hashes is just a way to make it seems private for
people that do not understand what is really going on, it sounds good on the
surface, but that is all it is surface level

that is with out getting into the ways to compromise the device to get the
original Tracking key that all of the other tracking keys are generated from

~~~
DagAgren
Yes, that is the tradeoff you are making to keep actual human beings from
dying painfully.

You can afford to give up a few days of your privacy for that. Really, you
can.

~~~
syshum
Really you are going to come back at me with a Privacy vs Safety fallacy.

If that is all the justification you have, you have already lost the debate.
That kind of justification can be used for all manner of dystopian programs.
Authoritarians have been limiting privacy and freedom for centuries on the
basis of safety.

Right now in congress the EARNIT act is attempting to use that very argument
for the "safety of children" we all need to give up E2E encryption

No I completely reject your premise that because of safety I need to give up
my privacy

~~~
DagAgren
No, there is no fallacy. There really isn't. You privacy is NOT more important
than a human life, which is exactly what is at stake here. Claiming otherwise
is utterly sociopathic.

~~~
syshum
No it means I would rather die with privacy and liberty than to live in an
Authoritarian Dystopia with no liberty or privacy

it is not sociopathic to put an extremely high value on privacy and liberty

~~~
DagAgren
No, it does not mean that. It means you would rather let OTHER people die with
your privacy. You are literally valuing your privacy higher than the life of
other people. And yes, that is sociopathic.

~~~
syshum
So do you draw any line on this, or should all privacy be void as long as it
saves 1 life?

For example should I have my every moment monitored because I might hurt
someone? Should everyone have to have a BAC monitor on their cars so save
people from drunk driving?

Just trying to see if there is any limits in your Authoritarian world

~~~
DagAgren
Of course I draw lines. Any sane person draws lines. And the current situation
is far, far beyond that line, as should be blatantly obvious to anyone with a
functioning sense of empathy.

