NHS Tracing App: We Shouldn't Have to Sacrifice Our Privacy to Get Back to Normal

By Tom Pritchard on at

So despite the fact that we're still technically under lockdown, and the COVID-19 pandemic is still having a lot of fun killing and hospitalising far too many people, things are vaguely on the way back to normal. If you believe the government, that's because we're getting the virus under control, with help from large-scale testing and the app the NHS has pumped out, commonly referred to as the 'Contact and Trace app'.

It's not widely available yet, and currently only a handful of testers can actually access the app, but Health Secretary Matt Hancock has been singing its praises, and insisted that the public has a "duty" to download it and help keep tabs on the virus. Containing the spread of COVID-19 is an admirable goal, especially since there's no viable treatment or vaccine, but the NHS contact tracing app is not the way to do it, because frankly our privacy shouldn't be sacrificed so willingly.

What is this app anyway?

There are actually two parts to this system. First up is the manual track and trace system, which is the thing you've been hearing about a lot in the news after the tracers ended up doing very little work. That launched on 28th May and involves contacting people who have tested positive for COVID-19 (via email, text message or a regular phone call), finding out who they've been in contact with, and how those people can be reached.

The contact tracing app, developed by NHSX (the digital arm of the NHS), essentially automates that process and cuts out most of the human/phone interaction. But it hasn't been released yet, despite the government originally gunning for a mid-May launch.

The system, as it has been explained, uses an always-on Bluetooth signal to broadcast an identification code unique to that device. That code is picked up by other phones running the app and stored on them for 28 days before being deleted, assuming you don't develop COVID-19 symptoms. Interaction with the app is limited to it asking how you feel and, if you're unwell, whether you have a high temperature or a persistent cough. If you do, you're asked when the symptoms started, and that information can be sent to the NHS track and trace system, which identifies the people you've been in contact with and decides whether they need to be notified and how high the risk is.

While the app doesn't collect GPS location data, it does ask for your postcode when you sign up, something the NHS says will help it track the spread of the disease. It also collects information on what phone you have, the IDs of the phones you've been close to, and Bluetooth information (how long the phones were in contact and how strong the signal was) that is used to judge how close and how long each encounter was.

Data Retention and Security are Key Issues

One key issue that arose early on is that the NHS app sends its data to a centralised database, rather than opting for the decentralised approach used by the joint Apple/Google API, and seemingly against previous recommendations from the ICO and its head, the Information Commissioner Elizabeth Denham. Matthew Gould, head of NHSX, told a parliamentary committee that the centralised approach was chosen to make the data more useful for research, both during and after the pandemic. You can't really argue with that logic on its own, but once the other factors are considered it becomes a lot more worrying.

For starters, the NHS data is going to be kept for at least 20 years, and in spite of data protection laws people have no control over it once it's been sent to the server. That wouldn't be a problem if the data was automatically anonymised, but that's not what's happening. While the data is supposedly set to be anonymised after the pandemic is over, it currently isn't. In fact it's been noted that the system is set up in a way that can be used to identify users, which is made more worrying by the fact that some information on your location (that postcode) is thrown into the mix. For reference, Apple and Google have expressly forbidden the use of location tracking in their own system, and have promised to delete all data once this is over. Though again it's not clear who gets to decide what 'over' means.

So now we have a government system holding identifiable information and basic location data. Some people might jump to the possibility of this evolving into some sort of authoritarian people-tracking system, but the more pressing matter is plain security. Find your way into that centralised database and you suddenly have access to everything the app has collected from everyone, and while NHSX says it had to balance privacy and security against functionality, it's the kind of issue you wouldn't have with the decentralised approach. Whether or not you trust Apple and Google, under their design the record of who you've been near stays on your own phone, so there is no single database for one data breach to hijack.
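The mechanics described above (a rotating Bluetooth identifier, a 28-day retention window on the handset, and a server that decides who to notify from contact duration and signal strength) and the centralised-versus-decentralised argument are easier to see in code. What follows is an added example, not the NHSX app and not the Apple/Google API: a small Python simulation of both designs that shows what a breach of each server would actually yield. The key derivation (one HMAC-SHA256 key per day), the 14-day key upload window, the 15-minute and -70 dBm close-contact thresholds, the assumption that the centralised server can map broadcast IDs back to registered users, and the three encounters are all constructed for illustration.

```python
import hashlib
import hmac
import secrets
from collections import namedtuple

DAY = 24 * 3600
RETENTION_SECONDS = 28 * DAY    # page: sightings live on the phone for 28 days
MIN_EXPOSURE_SECONDS = 15 * 60  # assumed close-contact threshold, not from the page
MIN_RSSI_DBM = -70              # assumed proximity cut-off in dBm (closer reads higher)

# One Bluetooth encounter as the phone stores it: other phone's id, unix start, seconds, dBm.
Sighting = namedtuple("Sighting", "broadcast_id start duration rssi")

class Phone:
    def __init__(self, owner: str) -> None:
        self.owner, self.secret, self.sightings = owner, secrets.token_bytes(32), []

    def daily_key(self, day: int) -> bytes:
        # Assumed scheme: one key per day, HMAC-SHA256 of the day number under the device secret.
        return hmac.new(self.secret, day.to_bytes(4, "big"), "sha256").digest()

    def broadcast_id(self, day: int) -> str:
        # The value advertised over Bluetooth; rotating it daily avoids a fixed beacon.
        return hashlib.sha256(self.daily_key(day)).hexdigest()[:16]

    def record(self, other: "Phone", start: int, duration: int, rssi: int) -> None:
        self.sightings.append(Sighting(other.broadcast_id(start // DAY), start, duration, rssi))

    def purge(self, now: int) -> None:
        self.sightings = [s for s in self.sightings if now - s.start < RETENTION_SECONDS]

def is_close_contact(s: Sighting) -> bool:
    return s.duration >= MIN_EXPOSURE_SECONDS and s.rssi >= MIN_RSSI_DBM

class CentralisedServer:
    # Assumption standing in for the real scheme: the server can map broadcast ids back to users.
    def __init__(self) -> None:
        self.postcodes = {}  # owner -> postcode given at sign-up
        self.id_owner = {}   # broadcast id -> owner
        self.reports = {}    # owner -> the whole sighting list uploaded with a symptom report

    def register(self, phone: Phone, postcode: str, days: range) -> None:
        self.postcodes[phone.owner] = postcode
        self.id_owner.update({phone.broadcast_id(d): phone.owner for d in days})

    def report_symptoms(self, phone: Phone) -> None:
        self.reports[phone.owner] = list(phone.sightings)

    def at_risk(self) -> set:
        return {self.id_owner[s.broadcast_id] for sightings in self.reports.values()
                for s in sightings if s.broadcast_id in self.id_owner and is_close_contact(s)}

    def breach(self) -> dict:
        # What an attacker with database access walks off with: names, postcodes, who met whom.
        return {owner: {"postcode": self.postcodes[owner],
                        "met": sorted(self.id_owner.get(s.broadcast_id, "?") for s in sightings)}
                for owner, sightings in self.reports.items()}

class DecentralisedServer:
    # Only the daily keys of people who report positive are uploaded; sightings stay on phones.
    def __init__(self) -> None:
        self.diagnosis_keys = []  # (day, key) pairs; a breach yields nothing else

    def report_positive(self, phone: Phone, days: range) -> None:
        self.diagnosis_keys.extend((d, phone.daily_key(d)) for d in days)

def check_exposure_locally(phone: Phone, server: DecentralisedServer) -> bool:
    # The phone downloads the published keys, re-derives the broadcast ids and matches offline.
    published = {hashlib.sha256(k).hexdigest()[:16] for _, k in server.diagnosis_keys}
    return any(s.broadcast_id in published and is_close_contact(s) for s in phone.sightings)

def simulate() -> dict:
    now = 100 * DAY
    alice, bob, carol = Phone("alice"), Phone("bob"), Phone("carol")
    for a, b, start, duration, rssi in (                 # constructed encounters, not real data
        (alice, bob, now - DAY, 30 * 60, -60),           # long and close, yesterday
        (alice, carol, now - 3600, 2 * 60, -65),         # a brief pass in the street
        (bob, carol, now - 40 * DAY, 60 * 60, -55),      # long, but outside the 28-day window
    ):
        a.record(b, start, duration, rssi)
        b.record(a, start, duration, rssi)
    for p in (alice, bob, carol):
        p.purge(now)
    recent = range(now // DAY - 14, now // DAY + 1)  # assumed: last 14 days of keys are used
    central = CentralisedServer()
    for phone, postcode in ((alice, "SW1A"), (bob, "M1"), (carol, "EH1")):
        central.register(phone, postcode, recent)
    central.report_symptoms(alice)          # alice feels ill and uploads her sightings
    decentral = DecentralisedServer()
    decentral.report_positive(bob, recent)  # bob tests positive and publishes his keys
    return {
        "central_at_risk": central.at_risk(),
        "central_breach": central.breach(),
        "decentral_alice_exposed": check_exposure_locally(alice, decentral),
        "decentral_carol_exposed": check_exposure_locally(carol, decentral),
        "decentral_breach": list(decentral.diagnosis_keys),
    }
```

Run `simulate()` and compare the two `breach` results. In the centralised model a single symptom report from alice lets the server flag bob, but a breach of that database hands over alice's postcode and her resolved contact list. In the decentralised model bob's positive result uploads fifteen daily keys and nothing else; alice's phone works out locally that she was exposed, carol's phone (whose only recent sighting is alice) correctly does not, and a breach of the server yields only those keys, with no names, postcodes or contact graph to go with them.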

Look at that, I'm praising Google, of all companies, for their slightly better approach to user privacy. Google promising not to track location data or use contact-tracing information for advertising? 2020 really is full of surprises.

It is worth pointing out, however, that under GDPR totally anonymised data isn't personal data, so it doesn't have to be removed on request. So assuming the NHS really does delete anything identifiable, the whole 20-year storage thing becomes moot. Not that you could delete an individual's data anyway if you can't identify which data is actually theirs in the first place.

And while officials and the government will likely go round saying that their security is fine, there's already been at least one leak from the track and trace system, with Channel 4 obtaining statistical information about how many people are using it. That's not a breach of the app, mind, but the fact that information is already leaking out of the system the app feeds into is not a very good sign.

And of course it isn't just me saying this. The Open Rights Group is preparing a legal challenge against the app, because keeping identifiable information without giving people control over what happens to it (or completing the legally mandated data protection impact assessment) is apparently super-illegal.

Then there's the Joint Committee on Human Rights (a parliamentary committee), which concluded that the existing data protections within the app were not enough and sought to change the law to ensure all data is deleted once the pandemic is over.

"We cannot rely on the current failed mishmash of protections that were never envisaged for this situation. We need new legislation.

"Government collection of our movements and physical contacts would have been unconscionable before, but now it is happening. Big powers demand big safeguards. The government should not resist their assurances being put into law. Parliament completed emergency legislation for new powers. It can do it now for new protections."

"Who Cares, This is to Protect the NHS!"

Ah yes, that old political chestnut. One thing I've noticed about British politics is that the politicians love to wheel out the NHS to gain a few points with the public, all while doing nothing to actually help the service do its job.

Yes, this is my personal politics coming out, but let's not fall back on that bullshit excuse. After all, if protecting the NHS was actually on the cards, we wouldn't have Matt Hancock insisting that this isn't the time to be talking about wage increases for nurses. A bit like how US Republicans always insist that the time after a mass shooting isn't the moment to talk about gun law reform.

Protecting the NHS is important. Lockdown was key to this, because the fewer people getting infected, the less crowded the hospitals are. Sure, COVID-19 may not be Ebola-level lethal, but if people can't get treated the death toll would most likely get considerably worse. But if the NHS and public health really were high on the government's priorities then lockdown wouldn't be easing already. Health officials have recently made it clear that easing restrictions too early could lead to further spread of the disease, and schools have been arguing against the rush to reopen ever since the government first announced it.

Lockdown sucks, and my point here is that if a contact tracing app can help people get back to their normal routines then it's an evil we are going to have to endure. There's no way a system that keeps tabs on people like that would ever be 100 per cent privacy-friendly. Hell, the smartphone itself isn't anywhere close. What we can do, however, is mitigate the privacy problems and make the system as unobtrusive as possible.

Apple and Google at least seem to be trying (or so it appears from the outside) to ensure that this doesn't become a brand new way for the powers that be to keep tabs on us all, or a new way to make money from us. The government and NHSX don't seem to be on the same page, which raises the question of whether that's down to ignorance, incompetence or outright malice. It could be any of them, or all of them.

But when it comes down to our privacy we should not be letting this pandemic become a convenient excuse for more surveillance. At the very least it sets a terrible precedent for what can and can't be excused in the name of public safety in future. That's assuming people actually take part in the first place; the low numbers coming out of the track and trace system show it's not that popular right now. Naturally we can't really gauge public willingness until the app is actually out and we've seen what awareness campaigns the government comes up with.

The fact is the system would be better off if the government hadn't rushed it and had produced something that wasn't the digital equivalent of a flaming dog turd. It would also help if they'd considered the consequences of asking people to isolate for 14 days after a possible exposure, such as how they'll pay their bills if they can't go to work and can't work from home.

I'm damn sure most of this is down to general incompetence rather than direct malice from the government. When it comes down to it, politicians generally haven't got a clue where technology is concerned, and just spew out whatever they think matches the general agenda set by themselves or their party. A contact-tracing app is no exception, and rather than trusting the expertise of two giant tech companies with years of experience in app development and related ventures, NHSX has been going it alone. That, coupled with the fact this app is being produced very quickly, is a recipe for disaster. And everything we've seen so far has done fuck all to alleviate those concerns.

But hey, I guess if it gets people back to work and spending money in shops it's all good, right? After all, the government can't keep handing out wages forever, and we're going to need as strong an economy as possible for when Boris bulldozes into it with a No Deal Brexit.

And yes: the previous paragraph was me being sarcastic. The rest of the post, I'm being deadly serious about.

Featured image: Matthew Henry on Unsplash