Skip to main content

Europe shares code for new coronavirus warning app



The challenge is to convince enough people to install the app to make it an effective tool | Stefan Wermuth/AFP via Getty Images
BERLIN — European researchers think they have found a way to use mobile phones to contain the spread of coronavirus — and help people avoid infection — without sacrificing the region’s high standards on privacy.
Eight countries have taken part in the project that will, on Wednesday, release the code for an app that analyzes Bluetooth signals between mobile phones to detect users who are close enough to infect each other, members of the group of about 130 academics, activists and technologists told POLITICO.
That data will be temporarily stored on the phones. If users later test positive for the virus, the app alerts anyone who has been around them in preceding days.
Unlike more invasive surveillance technology being used to track infections in parts of the world with lower standards of data privacy, the new European software embeds safeguards to encrypt data and anonymize personal information, according to some of the organizations involved, which include the Fraunhofer Heinrich Hertz Institute in Berlin and the Ecole Polytechnique Fédérale in Lausanne.
This makes it safe from abuse by third parties, including governments, and ensures data protection standards won’t suffer irreparable damage as Europe tackles the pandemic.
“I think Europe is a very good starting place for this because we have this long tradition of privacy” — Chris Boos, CEO of artificial intelligence company Arago
“People have fought very hard to get where we are,” said Chris Boos, the CEO of Berlin-based artificial intelligence company Arago, who is part of the project’s leadership team and also advises Angela Merkel’s chancellery on digital policy. “And we shouldn’t just throw our civilization out of the window.”
Germany will be among the first countries to launch an app based on the code. That hasn’t been officially confirmed, but Lothar Wieler, president of the Robert Koch Institute, which is coordinating Berlin’s response to the pandemic, has hinted that his institute has teamed up with others to work on such a voluntary app. He told reporters during a press conference on Tuesday that, ideally, the entire German population would sign up to it.
Other countries in Europe could soon follow suit. The aim of releasing the code, Boos said, is to facilitate the launch of national apps across the region that can communicate with each other to pick up Bluetooth phone signals and help avoid infections.
Current members of the initiative, which is financed through donations, include organizations from Austria, Belgium, Denmark, France, Germany, Italy, Switzerland and Spain, but the initiative remains open for new countries to join, including from outside the Continent, he added.
“I think Europe is a very good starting place for this because we have this long tradition of privacy,” Boos said. “But of course, we’re opening this up to other places, as well — and we already received the first requests from outside Europe when weren’t even out yet.”

Help Europe bounce back

The release of the Pan-European Privacy-Preserving Proximity Tracing (PEPP-PT) toolkit responds to pressure on political leaders to find ways to revive locked-down Europe’s economy without prompting a spike in new cases of COVID-19, the disease caused by the coronavirus.
To do that, epidemiologists need better data on where infections take place so that those who might have contracted the pathogen can isolate themselves.
So far, countries like Germany have mostly tracked infections by interviewing those who are infected. But that workflow is lengthy and can be prone to errors, with patients often unable to remember everyone they crossed paths with in the preceding two weeks, the incubation period of COVID-19.
At the same time, patients tend to carry electronic devices with them that can track their whereabouts, prompting countries around the world to tap into that information to better identify new infections.
China, where the virus originated, has mobilized a vast array of mass surveillance tools, such as a mandatory app that scores individuals based on their contagion risk and shares the information with authorities.
But most Western democracies bristle at such invasive solutions, which privacy advocates warn would do lasting harm to society.
The advantage of PEPP-PT, according to its developers, is that downloading the app will be voluntary and the code makes it virtually impossible to reveal the identity of the people using the devices: Two phones will never exchange data directly, and the users’ aliases are changed frequently.
Such privacy standards, they argue, make their technology different from solutions like an app launched in Singapore which also monitors the exchange of Bluetooth signals to detect when phone users are near one another.
The challenge is to convince enough people to install the app to make it an effective tool.
Epidemiologist Marcel Salathé, who heads a lab for digital epidemiology at EPFL, quoted research that in order to keep numbers of new infections down, ideally 60 percent of a population would use such technology.
But he also stressed that “in principle, already a few people [using the app would] help to make a difference,” not least because the scheme comes on top of other measures that are already implemented to slow down new infections.
“At the end of the day, if you have 40 percent of a population using such a system, that will still have a strong impact,” Salathé said.
Want more analysis from POLITICO ? POLITICO Pro is our premium intelligence service for professionals. From financial services to trade, technology, cybersecurity and more, Pro delivers real time intelligence, deep insight and breaking scoops you need to keep one step ahead. Email pro@politico.eu to request a complimentary trial.

Originally published at https://www.politico.eu on April 1, 2020.

Comments

Popular posts from this blog

Ransomware's Dangerous New Trick Is Double-Encrypting Your Data

  Ransomware groups have always taken a more-is-more approach . If a victim pays a ransom and then goes back to business as usual-hit them again. Or don’t just encrypt a target’s systems; steal their data first, so you can threaten to leak it if they don’t pay up. The latest escalation? Ransomware hackers who encrypt a victim’s data twice at the same time. Double-encryption attacks have happened before, usually stemming from two separate ransomware gangs compromising the same victim at the same time. But antivirus company Emsisoft says it is aware of dozens of incidents in which the same actor or group intentionally layers two types of ransomware on top of each other. “The groups are constantly trying to work out which strategies are best , which net them the most money for the least amount of effort,” says Emsisoft threat analyst Brett Callow. “So in this approach you have a single actor deploying two types of ransomware. The victim decrypts their data and discovers it’s not act...

Babuk ransomware is back, uses new version on corporate networks

  After announcing their exit from the ransomware business in favor of data theft extortion, the Babuk gang appears to have slipped back into their old habit of encrypting corporate networks. The criminals are currently using a new version of their file-encrypting malware and have moved the operation to a new leak site that lists a handful of victims. Gang’s still in the game The Babuk ransomware group became known at the beginning of the year but the gang says that their attacks had started in mid-October 2020, targeting companies across the world and demanding ransoms typically between $60,000 and $85,000 in bitcoin cryptocurrency. In some cases, victims were asked hundreds of thousands for data decryption. One of their most publicized victims is the Washinton DC’s Metropolitan Police Department (MPD). This attack likely pushed the threat actor into announcing its retirement from the ransomware business only to adopt another extortion model that did not include encryption....

Microsoft Teams Phishing Attack Targets Office 365 Users

  Up to 50,000 Office 365 users are being targeted by a phishing campaign that purports to notify them of a “missed chat” from Microsoft Teams. Researchers are warning of a phishing campaign that pretends to be an automated message from Microsoft Teams. In reality, the attack aims to steal Office 365 recipients’ login credentials. Teams is Microsoft’s popular collaboration tool, which has particularly risen in popularity among remote workforces during the pandemic  — making it an attractive brand for attackers to impersonate. This particular campaign was sent to between 15,000 to 50,000 Office 365 users, according to researchers with Abnormal Security on Thursday. “Because Microsoft Teams is an instant-messaging service, recipients of this notification might be more apt to click on it so that they can respond quickly to whatever message they think they may have missed based on the notification,” said researchers in a Thursday analysis . The initial phishing email displays the name ...