- Contact tracing apps could be used to control the COVID-19 outbreak. Most of them work by automatically registering another smartphone when it is too close for an extended period of time. Then if a user tests positive for Coronavirus in the future, the contact tracing app notifies these contacts.
- Some countries like Singapore and Australia have already adopted or rolled out their own contact tracing apps.
- Concerns have been raised about misuse of personal data.
- Initial data suggests there has been slow uptake of this new technology by users, and it’s unclear if contact tracing apps have had or will have an effect on the pandemic.
- This article was updated on 14 May with information on the UK’s contact tracing app. The source code is now openly available. It has been confirmed that the app will be built on a centralised system and will work with anonymous tokens. Concerns about app and phone compatibility, and privacy have been voiced.
- Another update on 3 July includes changes on the Government’s contact tracing app strategy. The UK Government announced on June 18 that it would be trialling an app released by Apple and Google instead of the NHSX app which was trialled on the Isle of Wight.
- Apple and Google jointly released a software tool, known as an Application Programming Interface (API), to allow decentralised contact tracing apps to access additional functionality,
- Reports from various countries suggest low download rates of contact tracing apps.
- The Joint Committee on Human Rights has warned against the national roll out of an app in the UK unless privacy protections are guaranteed.
- This article was originally published on 1 May and will be updated as the research progresses.
- This is part of our rapid response content on COVID-19. You can view all our reporting on this topic under COVID-19.
Contact tracing is the process of identifying all the people who have come into contact with an infected individual so they can be warned that they may be at risk of illness. Based on factors such as the closeness and duration of the contact, decisions can be made about whether those at risk need to act (for example, by taking a test for the infection or self-isolating). Mobile phone apps can automate this process by detecting when people come into close contact and notifying users that they may be at risk. One of the reasons that COVID-19 is difficult to contain is that transmission can occur from individuals without symptoms and estimates suggest that 5–80% of cases have minimal symptoms. Contact tracing increases the chances of identifying these cases and isolating them.
Many governments and public health bodies across the world are showing interest in developing contact tracing apps to support the fight against COVID-19. For example, the contact tracing app TraceTogether, which can be downloaded on a voluntary basis, was introduced in Singapore in March. The Australian Department of Health released their contact tracing app COVIDSafe, which is based on TraceTogether, in April. Apps, or frameworks upon which apps can be built, are currently being developed for use in many other countries, including a number of efforts across Europe. In June, apps were released in many European countries including France, Denmark, Italy and Germany.
On 12 April, the Government announced that NHSX, a unit of the NHS responsible for digital innovation, was developing a contact tracing app for the UK. After early testing at RAF Leeming in Yorkshire, a trial of this app began on the Isle of Wight on 5 May and the app’s source code was published. A national roll-out was expected to follow this trial before the end of May but the app was never released. However, on 18 June the Government announced that they would be changing the trialled app to make use of a software interface released by Apple and Google in May. The release of the UK app is now not expected until the autumn at the earliest. On 22 June, the House of Lords was told that the cost of the app to date was £11.8 million.
Using mobile phone apps for contact tracing
At the beginning of the COVID-19 pandemic, contact tracing in the UK was carried out manually, using interviews with infected individuals to understand where they had been and who they had been in contact with. This approach ceased on 12 March when the disease became too widespread to trace contacts in every case but was restarted as part of the NHS Test and Trace programme on 27 May.
Manual tracing has been widely used in the past to tackle a range of diseases, from Ebolavirus to sexually transmitted infections. It relies on a person’s ability to accurately recall their movements, is time and labour intensive, and does not easily allow contacts who are strangers to be identified.
Contact tracing using mobile apps is a new and relatively untested technology, but potentially allows for quicker and more precise tracing because it uses automated data collection and analysis. Research has indicated that the spread of COVID-19 is too fast to be contained by manual contact tracing alone, but containment would be possible using a more efficient method involving a mobile app. However, apps cannot be used by those who do not own a smartphone, may face difficulties with accurately determining when contact has been made and have prompted concerns about privacy and data protection.
How do contact tracing apps work?
Contact tracing apps work by digitally tracking who an individual has come into contact with. When two people come within a certain distance of each other, their phones exchange ‘tokens’ (unique identifying numbers) that have been allocated to each phone. The app stores a list of the tokens belonging to all contacts they have made over a given period. If an individual begins to show symptoms of COVID-19, or tests positive for the virus, the app is notified. It can then alert other users that they may be at risk of infection if the infected person’s token is stored in their phone.
When designing an app to carry out this process, different technical specifications can be chosen to suit specific functions or meet certain standards of accuracy, security and user privacy.
Most contact tracing apps, including the NHSX app tested on the Isle of Wight, use a type of Bluetooth known as ‘Bluetooth low energy’ to exchange information between devices. A phone can estimate the distance to another Bluetooth device by measuring the signal strength received from the other device. This measures the proximity of other devices but not their absolute location. This is one reason why Bluetooth is generally preferred over other sources of location data; by not measuring absolute location, less identifiable personal data are collected. Norway’s app collected users’ location data via GPS rather than Bluetooth and was suspended on 16 June after the country’s data protection agency raised concerns that the app’s use of location data was unnecessarily invasive to privacy.
Research has shown that an individual’s location data are highly unique and hence individuals could be identified from their data even if it is stored anonymously. In South Korea, where location data of infected individuals is published anonymously on a website, two people were reportedly accused of having an extramarital affair by online comments after their identities were inferred from their data.
However, Bluetooth also has limitations, particularly the accuracy of its proximity measurements. For example, the radio waves used by Bluetooth can penetrate physical objects so there is a risk of false positives if people are a few metres apart but separated by a wall. There is also a risk of false negatives if the phone is in a bag or pocket that could weaken the signal, making it seem as if it is coming from further away. Research suggests that the orientation of a phone can also change the strength of Bluetooth signal received and this could make distance measurements unreliable.
Having a phone’s Bluetooth constantly switched on could also pose a security risk. The Bluetooth chip in a phone is designed to broadcast a unique identifier which could be collected by third parties in the vicinity or other apps on the phone and used for malicious purposes such as tracking. Bluetooth can also be used to attack phones by uploading malicious software.
It is generally agreed that, to protect an individual’s privacy and prevent surveillance, the unique tokens that the app broadcasts for exchange between contacts should be anonymised and not derived from personal details such as names or phone numbers. EU guidelines recommend that tokens are generated randomly and changed on a regular basis to protect users against tracking by third parties.
In some cases, the Australian app for example, a central, secure database may be used to link the tokens with personal details so that at risk individuals can be contacted. Some privacy experts criticise this approach as it means at risk users are not anonymous to the app authority (usually the government or public health body) and tokens could theoretically be deanonymised. Tokens could also potentially be deanonymised if they are generated centrally by the app authority and sent out to users, rather than being locally generated on individual phones. However, there are ways of setting up anonymous communication between the central server and individual devices to protect anonymity when sending out tokens. The NHSX app that was tested on the Isle of Wight used anonymous tokens, generated daily on the phones, for exchange between users but each user also had an anonymous, fixed identifier which was assigned centrally at installation.
Data storage and sharing
Most apps currently use approaches that minimise data collection and storage, and manage data using either a ‘decentralised’ or ‘centralised’ model.
- Decentralised models: data are managed locally on a user’s device and as little sensitive data as possible is shared with the app authority.
- Centralised models: data are shared with a central server managed by the authority which carries out data processing and/or storage.
In both cases, experts recommend that data are deleted once the risk of infection has passed. The NHSX app, built on a centralised model, deleted data from a user’s phone every 28 days, but data on the centralised server was retained for future NHS research. The EU recommends deletion of data 14–16 days after contact. They also recommend that the source code and protocol for the app is published so that the use and collection of data is well understood.
In April, 300 academics from across the world signed a letter warning against the adoption of centralised models as, even with anonymous tokens, the centralised data could be deanonymised and used for surveillance purposes. The Ada Lovelace Institute, an independent research body, has recommended that Parliament works to impose strict time and purpose limits on the use of contact tracing apps in the UK.
However, an advantage of a centralised system is that anonymised data in the central database could be used for research into the effectiveness of the app and understanding the spread of the virus. In a decentralised model, users could be given the option of volunteering their data for this purpose. Many countries, including the UK, initially pursued a centralised approach that would allow them to collect data to research the spread of the virus. However, Apple and Google, as well as some academic groups, supported a decentralised model. The European Parliament has voted to support the adoption of decentralised apps.
In May, Apple and Google jointly released a software tool, known as an Application Programming Interface (API), to allow decentralised contact tracing apps to access additional functionality, such as the ability to run as a background process, which is usually denied to apps for security reasons. Apple and Google have stated that only apps developed by public health authorities will be able to use the API and these apps must meet certain security, privacy and data control standards.
There has been some controversy surrounding the power exercised by Google and Apple over sovereign governments as they decide which apps are able to use their API. Privacy experts have generally welcomed the privacy protections implemented by Apple and Google but have suggested further privacy enhancements should be implemented and have recommended that both companies allow the code underlying their software to be independently audited. Some of the countries that initially planned to use a centralised approach, including Germany and Italy, switched to a decentralised model before their apps were released to allow them to make use of the API.
Other countries, including Norway and France, have opted to follow a centralised approach. The app that NHSX tested on the Isle of Wight was built on a centralised model but the announcement on 18 June that the Government are now looking to work with Apple and Google suggests a switch to the decentralised approach followed by those companies. A concern that has arisen from countries using different approaches is that their apps may not be compatible with each other and so contact from other countries may not be recognised.
Notifying the app of an infection
The only way to be certain that an individual has contracted the virus is to test them. Hence, many experts suggest that contact tracing apps are of greatest use when used in combination with widespread testing so that the app has the most accurate data. A password or authorisation key can be used to ensure only official, verified test results are uploaded. Many practitioners advocate obtaining consent before uploading test results as this may help maintain public trust. In addition to informing the app of test results, some practitioners suggest that users should be able to self-report their symptoms. Although this could reduce the risk of infection whilst users await test results, it could also lead to false positives. Australia’s app requires a positive diagnosis of COVID-19 before the app is notified of an infection. The NHSX app trialled on the Isle of Wight allowed users to self-report symptoms.
User engagement with apps
Apps may offer users recommendations such as checking symptoms, reporting to a test centre or self-isolating. Some commentators have expressed concerns that lack of interaction with a human health official could increase anxiety and reduce trust in the app’s advice. In Singapore, a health professional makes contact with the app user to decide an appropriate action following an alert. One of the leading developers of Singapore’s tracing app has cautioned against over reliance on apps for contact tracing as interaction with health officials can provide more assurance to the public. Lord Bethell of Romford, the Minister for Innovation at the Department of Health and Social Care, told the Commons Science and Technology Committee that the Isle of Wight trial had demonstrated the importance of human contact to reassure the public during the contact tracing process, rather than relying too heavily on an app.
For contact tracing apps to work effectively they must be used by a large proportion of the population. One study estimated that 56% of the UK population, or 80% of smartphone users, would be required to install and use the app for it to suppress the epidemic (although lower uptake could still help slow the spread of disease). Reports suggest that, as of mid-May, 40% of the population of Iceland, around 25% of the population of Singapore and about 20% of the population of Norway had downloaded the apps released in those countries. Since 2 June, the French app has been downloaded by 1.9 million people but subsequently deleted by 460,000 of them. Amongst those who have downloaded apps, some may not be using them regularly. There are no studies on the impact the apps have had on the spread of the virus in these countries so far. In a recent survey of UK adults, 65% said they supported the use of smartphones for contact tracing. In the Isle of Wight trial, 65% of those who were able to download the app did so according to the island’s MP.
Mobile phones offer a useful resource for contact tracing because they are widely used. However, smartphone use is much lower amongst the elderly, who are most at risk from COVID-19. Furthermore, some smartphones, about 12% of phones in active use in the UK, do not support the type of Bluetooth used by most apps. Experts generally agree that apps should complement ongoing manual contact tracing efforts, which would be needed to support those without access to compatible smartphones. Singapore is now distributing wearable Bluetooth devices with the same functionality as their app to circumvent some of the problems with using mobile phones.
EU guidelines say that it is essential that app use remains voluntary to maintain public cooperation. Commentators have expressed concerns that citizens could be coerced into using an app in some settings, for example an airline might forbid someone from flying if they do not have the app installed, or social pressure could dictate that those who have not downloaded the app are irresponsible. Some academics have suggested that protection from coercion in this way should be explicitly written into law. The Joint Committee on Human Rights has warned against the national roll out of an app in the UK unless privacy protections are guaranteed by legislation and the efficacy and benefits of the app are clear and frequently reviewed.
You can find more content from POST on COVID-19 here.