NHS Covid-19 app update blocked for breaking Apple and Google's rules (bbc.co.uk)
49 points by mbalyuzi on April 12, 2021 | 60 comments



That's odd, since the NZ Covid Tracer app definitely has this feature, it's part of the standard process when someone tests positive.

As far as I know it only includes the manually scanned codes though, not the bluetooth proximity tracing data. Perhaps the NHS app was trying to gather this?


Perhaps there's some details missing from the article, because it sounds just like how the NZ app operates. All data stays on your phone unless you choose to share it:

> "The information you choose to record with NZ COVID Tracer is stored on your phone where only you can see it. This includes the QR codes you scan, your manual diary entries, your Bluetooth ‘keys’, and your NHI number."

If you're identified as a potential case, then you can choose whether or not you want to share your history:

> "If you are identified as a confirmed or probable case of COVID-19, it is entirely your choice whether to share your digital diary with the Ministry or upload your Bluetooth keys. You are in control of your data."

More details here:

https://www.health.govt.nz/our-work/diseases-and-conditions/...


> the terms and conditions in more detail says that "a contact tracing app may not use location-based APIs... and may not collect any device information to identify the precise location of users".

I also wondered about this. The NZ app doesn't as far as I know log or transmit GPS coordinates. Some organisations have different codes at every door and in each elevator.


It works the same in HK, once you test positive, you input your case number, and upload your check in history to some government servers. I assumed this is how every country does it.


The Exposure Notification FAQ: https://covid19-static.cdn-apple.com/applications/covid19/cu...

Relevant quote from the FAQ doc: There will be restrictions on the data that apps can collect when using the API, including not being able to request access to location services, and restrictions on how data can be used.


Irrespective of one's own feelings about this particular app: isn't it interesting that Google and Apple have the power to collect all our location data, but can refuse our democratic governments access to that data even on a voluntary basis?


In this specific case, I'm really glad they're exercising their power, because they seem to be doing it in the best possible way, and have forced governments to do the right, privacy-preserving thing.

And I think having this power is OK - nobody should be forced to help the government implement something unethical. There may be scenarios where this goes horribly wrong, but the contact tracing framework is a case where it went perfectly right.

Yes, the QR-checkin feature is something where an exception could make sense, but given what it would pave the way for, I'm glad they keep the rules strict.


> nobody should be forced to help the government implement something unethical

Nobody is forced to install the app at all (at least in the UK's case).

And if they do, they're not forced to share their location anyway.

On the other hand, anyone who has an Android phone is forced to share tons of data with Google. And the cost of not having one is much higher than the cost of not having the government's app.


> Nobody is forced to install the app at all (at least in the UK's case).

Unfortunately, that's not quite right. Citing the latest rules:

> The rules on what you need to do when a group enters your venue have changed. You must ask every customer or visitor to scan the NHS QR code using their NHS COVID-19 app, or provide their name and contact details, not just a lead member of the group. [0]

[0] https://www.gov.uk/guidance/maintaining-records-of-staff-cus...

Delving into the rules, it appears this applies to all sit-in venues, while takeaway customers are exempt. A paper-based system should be available, if you trust the business to handle your data responsibly (or forge fake data if not).

This morning at a cafe I was asked to scan the QR code "or we can't serve you" for a takeaway order. Clearly some misunderstanding, and I didn't press about a paper-based list as I hadn't read the details myself. Hopefully it's an isolated incident, but it wouldn't surprise me if there was some simplified comms (/FUD) about "just get customers to scan the code".


> or provide their name and contact details

There are 2 alternatives to installing the app:

- providing your details; or
- not entering the venue.

Seems correct that nobody is forced to install the app.


Unfortunately, Google and Apple have effectively made it impossible to use the paper-based details in order to contact people and tell them to self-isolate if someone who used the app to check in tests positive by blocking this.


I'm talking about tech companies being forced to help governments distribute large scale mass surveillance tools.


Can't speak for Google's case - but Apple certainly goes to great pains to make it clear they don't collect location data on users - it's left on the user's device.

Isn't it interesting that it takes an international mega-corporation to take a more realistic and principled approach to user privacy than a democratic government.


> Can't speak for Google's case - but Apple certainly goes to great pains to make it clear they don't collect location data on users - it's left on the user's device.

This is not true at all - as the researcher from Trinity College found out a bit of time ago, Apple collects people's location data even if they're not logged into the Apple account: https://arstechnica.com/gadgets/2021/03/android-sends-20x-mo...

It's very clearly marked as being collected, so I'm not sure why this myth of Apple not collecting data is being perpetuated. It's seriously misleading actual iOS users about their privacy.


If you're trying to make a case that Apple is my ally against government, I understand but disagree that Apple's privacy policy makes them my ally.


Well put! These are the moments which everyone remembers and refers back to when the next troll comes along and claims that Apple must allow third party app stores.


People are not trolls to demand the freedom to do whatever they want with their property and the freedom to pass laws to force Apple to permit that. The argument that if you do not like Apple or Google use Linux can be reversed and if Apple or Google does not like EU or other market with anti-competitive laws they are very, very free not to do business there.

Should I remind the fanboys again that Apple gives China direct access to users' data? Apple does not have principles but PR people with spreadsheets, you as a user could use your brain and not install a government app or don't give it permissions but if you want the freedom to delegate your thinking to a for profit company you don't have to demand the others give up their freedom too (I don't need X so you should not have it either)


> People are not trolls to demand the freedom to do whatever they want with their property

But you can do whatever you want as far as it’s possible by the product that you purchased. If you buy a Gameboy you wouldn’t sue Nintendo for not supporting you to play Playstation games on it, unless you’re a troll. Same thing for Apple products. Do with your iPhone what you want, but if you don’t like the Apple software on it then return your device or try to hack it or just buy another product which better meets your needs.


Sure, but I have the right to ask my government to pass new laws, so I don't beg Apple, Google, Facebook, Steam to be moral I ask my government to act for our common good and the giants are free to pack their bags and leave.

So when someone in EU asks for Apple to open up the US people should not trigger as much since they can keep their locked versions of the phones, nobody would force them to buy the unlocked EU version. Similar when banks were forced to reduce commissions on stuff, or mobile networks were forced to reduce big charges in EU the companies could have left, but the banks and companies are still here and no US citizen was directly harmed (maybe some will still cry that there are places where big money is not enough)


> Sure, but I have the right to ask my government to pass new laws, so I don't beg Apple, Google, Facebook, Steam to be moral I ask my government to act for our common good

But the electorate didn’t ask the government to collect location data on them, quite the opposite, so everything that you just said is literally fantasy cuckoo land argumentation. The reality is that people don’t want to be spied on by the government and people don’t want Apple to give the government that access and Apple is acting in the interest of everyone except a few people in parliament.


The UK government has a democratic mandate to track infections, including by tracking visitors to areas of risk. The correct way to do this, and how most other governments do it is to provide two Apps. One for trivial QR/location based tracking, one for contact based tracking using the government-exclusive APIs.

The point is, the UK government made a technical error, we cannot extrapolate a democratic deficit or malice or anything like that from the information we have from this event.


I am arguing about the freedom to install what application you want, I don't demand you to install UK or other government app, if you would think for a moment this would mean that if your repressive government would force Apple to pre-install an app you would have the freedom to remove it (wow, to remove or change the defaults, such a revolution, think about it, and nobody forces you to do anything, you can keep all the Apple locks in place).


Apple definitely have a stronger case here, because as you say, they do more generally go to lengths to protect user privacy. That being said, they do use location-based advertising themselves.


Apple sent users' data about what apps they run and when to their servers, and if I remember right the protocol was not secure enough. So either Apple does not care about privacy or they are incompetent not to implement that feature respecting the users' privacy.


I find it interesting that there seems to be a (wilful?) ignorance on the part of our government as to quite how big and powerful those corporations are.

There seems to be a bit of a "We're the government, so they'll have to do what we ask/tell" going on here I suspect. Probably coupled with incompetent IT project management that didn't bother to worry about the terms and conditions they signed up to, because that was too hard.


After seeing what Facebook would let the Russian government do, who in the U.S. government would cross them unless they had momentum for an antitrust suit and that includes a Supreme Court ready to enforce a pro-citizen regime.


> coupled with incompetent IT project management

The UK Government have made a pig's ear of pretty much the whole of their Covid response precisely because they refuse to engage with anyone who might actually know what they're doing. Everything's been outsourced at great expense to private companies operating on a wing and a prayer basis. Millions of pounds and many weeks of time early on in the pandemic were wasted building a bespoke app that anyone with any experience told them wouldn't work. They finally were forced into an embarrassing climbdown where they had to accept the Google/Apple solution that they'd previously dismissed as not good enough.

The only thing they've done well is the vaccine programme because they actually let the National Health Service get on with it instead of letting some big outsourcing company flounder about expensively.


Funny you should mention that. Literally the day that the UK rolled out the new app using the Google/Apple solution, the BBC suddenly forgot about the downsides of the old app and decided that its advantages over the new one were real after all. Even found a few experts to back them up, whereas before you'd think only the government considered it to have any advantage.


> There seems to be a bit of a "We're the government, so they'll have to do what we ask/tell" going on here I suspect

That's the case (they are the government, they are in control, not Apple or Google), and certainly it should have been the case considering the situation. But that would have required the government to show some backbone and to use the power at its disposal. Instead it seems that the issue has been politically controversial so that the government decided not to act decisively on track and trace apps overall.

This is continuing with the controversy over "vaccine passports".


Just so long as we're clear that the final conclusion ought to be that no-one should have that data; rather than "ok, let's give it to the government, my next door neighbour, and the nearest cat as well then"


Better the devil you know? The worst that Google may do with your data is targeting you with some personalised ads. As for Apple, they have probably even less interest in those... But your government is a different matter. Speeding, financial "crimes", ... evading Covid-19 restrictions :-)

Actually the scariest about Google / Apple collecting your data is ironically when a government entity may investigate you and request data from these companies.


The contract they initially signed said they won’t collect location data and now they want to collect data without signing a new contract.

They even acknowledge they made a mistake in the initial contract.

What’s the issue here?


Apple and Google are just upholding their part of the agreement.


I'm not sure you can call it an agreement in any true sense. Apple and Google dictated the terms for accessing the Bluetooth hardware in the particular way required. Many governments around the world wanted more direct access to the hardware than Apple/Google have permitted, or (voluntary or otherwise) access to location data. Google and Apple said if you don't agree to these terms, you don't get to access anything.

I'm not necessarily saying that's wrong or right. You could argue they're defending the user's rights against the tyranny of the British government. Or you could say they're constraining the user's and their democratically elected government's rights to voluntarily use data to help end a pandemic, while at the same time profiting off it themselves.


Governments do not have rights, they have power.


With Apple, at least you can opt out of all location info going to Apple


Gotta love the images of the overly complex QR codes... Hey devs, stop packing so much info on those things!


I was curious what it was sending so scanned it:

UKC19TRACING:1:eyJhbGciOiJFUzI1NiIsImtpZCI6ImlSNHdIVEIxdkF2a 2RjbEdCQWVwUlpxSzZSb29GbVNxcEpDQVd4alFvUFEifQ.eyJpZCI6IlA1Mkt XUFIzIiwidHlwIjoiZW50cnkiLCJvcG4iOiJFbncgTGxlb2xpYWQgeSBQcmF3 ZiIsImFkciI6IldlbHNoIEdvdmVybm1lbnRcbkNyb3duIEJ1aWxkaW5nXG5DY XRoYXlzIFBhcmtcbkNBUkRJRkYsIENGMTAgM05RIiwicHQiOiJDQVJESUZGIi wicGMiOiJDRjEwM05RIiwidnQiOiIwMDEifQ.3USKQlzdD4_RlH-wWvPPyQig 3tGbS8XUIFlTryqVzCmeWzc32YyKLjYpnzNOpUu0555-ym1kfvdDNAqnqyAWRw

The first part "UKC19TRACING" obviously tells you it's for UK Covid 19 tracing. The second part "1" is maybe a version number. The rest is a json web token with the following payload:

{"id":"P52KWPR3","typ":"entry","opn":"Enw Lleoliad y Prawf","adr":"Welsh Government\nCrown Building\nCathays Park\nCARDIFF, CF10 3NQ","pt":"CARDIFF","pc":"CF103NQ","vt":"001"}

Honestly, this seems to me to be overly complicated but I don't really know how the apps work.
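
The layout described in the comment above (a `UKC19TRACING` prefix, a version field, then a JSON web token), as an added example that is not part of the thread or the NHS app's own code: a strict parser that rejects malformed codes and unexpected signature algorithms. The sample token, its `kid` and venue values, the numeric-version check and the ES256-only policy are assumptions made here; the signature itself is not verified because the signing public key is not on this page.

```python
import base64
import binascii
import json
from dataclasses import dataclass

PREFIX = "UKC19TRACING"   # literal prefix from the scanned code
EXPECTED_ALG = "ES256"    # assumption: the only header alg a verifier should accept
REQUIRED = ("id", "typ", "opn", "adr", "pt", "pc", "vt")  # keys in the posted payload

class QRFormatError(ValueError):
    """Raised when a scanned string does not match the expected layout."""

@dataclass
class VenueQR:
    version: str
    header: dict
    payload: dict
    signature: bytes
    signing_input: bytes  # bytes an ES256 verifier would check the signature over

def b64url_decode(segment: str) -> bytes:
    padded = segment + "=" * (-len(segment) % 4)  # JWT segments drop '=' padding
    try:
        return base64.b64decode(padded, altchars=b"-_", validate=True)
    except (binascii.Error, ValueError) as exc:
        raise QRFormatError("segment is not valid base64url") from exc

def json_object(segment: str) -> dict:
    raw = b64url_decode(segment)
    try:
        value = json.loads(raw)
    except ValueError as exc:
        raise QRFormatError("segment is not valid JSON") from exc
    if not isinstance(value, dict):
        raise QRFormatError("segment is not a JSON object")
    return value

def parse_venue_qr(text: str) -> VenueQR:
    compact = "".join(text.split())  # tolerate whitespace from wrapped copies
    parts = compact.split(":", 2)
    if len(parts) != 3 or parts[0] != PREFIX:
        raise QRFormatError("missing UKC19TRACING prefix")
    version, token = parts[1], parts[2]
    if not (version.isascii() and version.isdigit()):  # assumption: numeric version
        raise QRFormatError("version field is not numeric")
    segments = token.split(".")
    if len(segments) != 3:
        raise QRFormatError("token must be header.payload.signature")
    header, payload = json_object(segments[0]), json_object(segments[1])
    if header.get("alg") != EXPECTED_ALG:  # also rejects "none"
        raise QRFormatError("unexpected signature algorithm")
    signature = b64url_decode(segments[2])
    if len(signature) != 64:  # ES256 JWS signatures are 32-byte r || 32-byte s
        raise QRFormatError("signature is not 64 bytes")
    missing = [key for key in REQUIRED if key not in payload]
    if missing:
        raise QRFormatError("payload lacks fields: " + ", ".join(missing))
    signing_input = (segments[0] + "." + segments[1]).encode("ascii")
    return VenueQR(version, header, payload, signature, signing_input)

def b64url_encode(raw: bytes) -> str:
    return base64.urlsafe_b64encode(raw).rstrip(b"=").decode("ascii")

def constructed_sample(alg: str = "ES256") -> str:  # constructed data, not a real venue code
    header = {"alg": alg, "kid": "constructed-key-id"}
    payload = {"id": "TEST0001", "typ": "entry", "opn": "Example Venue", "pt": "EXAMPLETOWN",
               "adr": "1 Example Street\nEXAMPLETOWN", "pc": "EX11EX", "vt": "001"}
    body = ".".join(b64url_encode(json.dumps(part).encode()) for part in (header, payload))
    return PREFIX + ":1:" + body + "." + b64url_encode(bytes(64))  # all-zero placeholder signature
```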


You do not need an internet connection to scan the code, which is an advantage. I imagine this is why they’ve included a check and why the code is so large.

It’s worked first time whenever someone I’ve been with has scanned it.


It seems crazy that they are using JSON in a QR code. There are much more compact encodings they could have chosen.


AFAIK in my jurisdiction the QR codes are a simple number, which the app reports along with the names of the people who have checked in or you are checking in. The number represents all the data that UK code is trying to convey. Not sure why the UK code needs all of that within itself rather than having a lookup table of some sort the number points to.


If the lookup table was stored on the server, requesting the data would effectively provide the user location to the central server. This is the part that isn't allowed.

I suspect the lookup table is too big to store on the device itself.


Why would the app need to do a lookup? Store the numbers, and if/when you test positive then submit them along with your bluetooth keys.

Seems to me like a lot of these problems go away if governments stop making things more complicated than they need to be.


Well that's possible, but doesn't add any additional security and has the negative effect that users can't see where they have scanned into on their device (e.g. on the NHS app you can go to 'venue data' and see where you have logged into).

If one of your user stories involves users being able to see the names/addresses of venues they have visited, you will either need to store the venue name in the QR code or do a lookup.


You might like this then - turns out the QR codes are a cluster https://www.revk.uk/2020/09/how-not-to-qr-nhs-c19-app.html


Damn, you should make a new post for this article if it hasn't been posted yet


There's an analysis here: https://www.revk.uk/2020/09/how-not-to-qr-nhs-c19-app.html

Whole thing is a bit OTT.


If there is one thing we’ve learned from this pandemic it’s that apps will not save us.


If (western) governments had chosen to prevent the epidemic, apps would have helped, but they decided to let the virus spread, just slowly enough.

Also (western) journalists love stories about 3M deaths, surveillance apps or fake news, much more than success stories.

So yes, apps had no chance to save lives. Korea or Singapore show they could have, but we didn't let them.


Part of the problem is that the mainstream media - including the BBC - seem to have misled people about how well contact tracing worked in places like South Korea. For example, they ran an article a few months back about how it was so effective that South Korea could reopen their pubs and nightclubs. In reality, they'd tried doing that multiple times and every time, cases had started going up enough that they had to close them again - but you wouldn't know that from the article. Nor would you have known that the same thing happened that time; the BBC kept on completely ignoring the rise in cases there even as they reported less important stories from South Korea.

Covid still isn't in control in South Korea. (Singapore maybe, but that relied on their society being structured in a way that wouldn't be politically acceptable elsewhere. If you take a look at the infection rate in their worker dorms, and realise those people would be living amongst the rest of the community in equally crowded housing and shopping at the same stores in Western countries - just like they were in Singapore until they were forced into dorms so actual citizens didn't have to look at them - and that those infections weren't even counted as "community cases" there...)


It's more in control in South Korea than it is in Europe or the US. The daily infections (per capita) are lower than the US or UK, even though they have not deployed nearly as much vaccine. Things may end sooner in the US, but probably not better overall (South Korea is likely to speed up vaccinations once more vaccines are globally available).

I'm also under the impression that their interventions have been less drastic than the US (but I haven't been following closely).

Are we really stuck thinking that a thing has to be a complete solution to be worth doing? It seems clear enough to me that identifying clusters and helping infected people isolate both have a big positive impact (both in disease control and in keeping things more open). Apps can be a piece of that puzzle.


China also shows that these apps (which combine track and trace, with status) are very useful to re-open the economy after lockdowns in a way that helps contain further outbreaks.

Of course, saying "it seems to work in China" is the surest way to having a course of action shot down as unacceptable whatever its actual merits...


It does seem to work here in Hong Kong. Two weeks ago someone who went to my gym tested positive, I was instantly notified through the app (as did 500 other members). Within two hours I got tested, and received my negative results the next day.

Anytime someone tests positive, the government notifies everyone who was in the same building in the past two weeks, and testing is mandatory.


I won't go into the morality of this particular issue if Apple or Google is right or wrong in this case, but I do think that Apple and Google are slowly but surely pushing their limits...

Even if they are right, no government wants to be beneath a corporation, and have it so publicly displayed how a corporation wields more power than government.

Apple and Google are just asking to be regulated, and contrary to HN sentiment, I cannot wait for that moment. I think I'll open the champagne and make a toast to Tim Cook.


Many billions of pounds are being wasted on this. This failed app and system has had ten times the overall cost of the Mars Perseverance mission budgeted for it.


Source?

A quick google shows the app will cost c£35 million[1], while the overall cost of the Mars Perseverance programme is $2.7 billion[2]. 10 times $2.7 billion is $27 billion so you are out by a large factor.

[1] https://www.digitalhealth.net/2020/09/total-cost-of-nhs-cont... [2] https://www.planetary.org/articles/cost-of-perseverance-in-c...


There's a lot of misleading information flying around about how much the app costs.

The budget for the overall NHS Test and Trace system was £37bn last time I checked, and lots of news outlets seem to be trying to conflate that budget with either the cost of the tracing system (which didn't work very well) or the cost of the app. In reality, the vast majority of the spend has been on testing, and some of that budget likely remains unspent.


Agreed - framing it as "the app + system cost £37bn" would make you think that the app cost billions, rather than the app being approximately 1/10th of 1 percent of that figure.


The entire Test & Trace cost about 37 billion (at the latest estimate) and ministers admitted it has only a marginal impact on limiting spread:

https://blogs.bmj.com/bmj/2021/03/19/covid-19-test-and-trace...


This article is about the app though - which was £35 million.

Why add in 36.9 billion of other costs? (other than to distort it to make it look much more expensive than it is?)



