- Contact tracing apps could be used to control the COVID-19 outbreak. Most of them work by automatically registering another smartphone when it is too close for an extended period of time. Then if a user tests positive for Coronavirus in the future, the contact tracing app notifies these contacts.
- Some countries like Singapore and Australia have already adopted or rolled out their own contact tracing apps.
- Concerns have been raised about misuse of personal data.
- Initial data suggests there has been slow uptake of this new technology by users, and it’s unclear if contact tracing apps have had or will have an effect on the pandemic.
- This article was updated on 14 May with information on the UK’s contact tracing app. The source code is now openly available. It has been confirmed that the app will be built on a centralized system and will work with anonymous tokens. Concerns about app and phone compatibility, and privacy have been voiced.
- This article was originally published on 1 May and will be updated as the research progresses.
- This is part of our rapid response content on COVID-19. You can view all our reporting on this topic under COVID-19.
Contact tracing is the process of identifying all the people who have come into contact with an infected individual so they can be warned that they may be at risk of illness. Based on factors such as the closeness and duration of the contact, decisions can be made about whether those at risk need to act (for example, by taking a test for the infection or self-isolating). Mobile phone apps can automate this process by detecting when people come into close contact and notifying users that they may be at risk.
Many governments and public health bodies across the world are showing interest in developing contact tracing apps to support the fight against COVID-19. For example, the contact tracing app TraceTogether, which can be downloaded on a voluntary basis, was introduced in Singapore in March. The Australian Department of Health released their contact tracing app COVIDSafe, which is based on TraceTogether, in April. Apps, or frameworks upon which apps can be built, are currently being developed for use in many other countries, including a number of efforts across Europe.
On 12 April, the UK Government announced that NHSX, a unit of the NHS responsible for digital innovation, was developing a contact tracing app that it aims to deploy in the UK within weeks. A trial began on the Isle of Wight on 5 May.
Using mobile phone apps for contact tracing
At the beginning of the COVID-19 pandemic, contact tracing in the UK was carried out manually, using interviews with infected individuals to understand where they had been and who they had been in contact with. This approach ceased when the disease became too widespread to trace contacts in every case.
Manual tracing has been widely used in the past to tackle a range of diseases, from Ebolavirus to sexually transmitted infections. It relies on a person’s ability to accurately recall their movements, is time and labour intensive, and does not easily allow contacts who are strangers to be identified.
Mobile phone apps on the other hand use automated data collection and analysis to circumvent these problems, potentially allowing for quicker and more precise contact tracing. However, they cannot be used by those who do not own a smartphone and have prompted concerns about privacy and data protection.
Stakeholders have suggested that, once restrictions on movement have been eased, a contact tracing app could be used in combination with manual tracing to help prevent further outbreaks.
One of the reasons that COVID-19 is difficult to contain is that transmission can occur from individuals without symptoms and estimates suggest that 5-80% of cases have minimal symptoms. Contact tracing increases the chances of identifying these cases and isolating them. Research has indicated that the spread of COVID-19 is too fast to be contained by manual contact tracing alone, but containment would be possible using a more efficient method involving a mobile app.
How do contact tracing apps work?
Contact tracing apps work by digitally tracking who an individual has come into contact with. When two people come within a certain distance of each other, their phones exchange ‘tokens’ (unique identifying numbers) that have been allocated to each phone. The app stores a list of the tokens belonging to all contacts they have made over a given period. If an individual begins to show symptoms of COVID-19, or tests positive for the virus, the app is notified. It can then alert other users that they may be at risk of infection if the infected person’s token is stored in their phone.
When designing an app to carry out this process, different technical specifications can be chosen to suit specific functions or meet certain standards of accuracy, security and user privacy.
Firstly, the criteria that defines whether two people have come into contact needs to be determined. EU guidelines recommend that apps for COVID-19 should be able to determine proximity with a resolution of 0.5m so that the infection-relevant distance (the distance within which there is a high risk of infection) of 1.5m can be determined. The longer the time that individuals are close to each other, the higher the risk of infection, so the duration of close contact is also measured. The Australian app, COVIDSafe, defines a contact as someone who has been within 1.5m of the user for 15 minutes or more.
Information about a smartphone’s location and proximity to other smartphones can come from four different sources: Bluetooth, GPS, WiFi networks or telecommunications networks. Most contact tracing apps currently in use or development use a type of Bluetooth known as ‘Bluetooth low energy’ to exchange information between devices. A phone can estimate the distance to another Bluetooth device by measuring the signal strength received from the other device. This therefore measures the proximity of other devices but not their absolute location. This is one reason why Bluetooth is generally preferred over other sources of location data; by not measuring absolute location, less identifiable personal data are collected.
Research has shown that an individual’s location data are highly unique and hence individuals could be identified from their data even if it is stored anonymously. In South Korea, where location data of infected individuals is published anonymously on a website, two people were reportedly accused of having an extramarital affair by online comments after their identities were inferred from their data.
Another benefit of Bluetooth is that it can be used in the absence of phone signal. However, Bluetooth also has limitations. For example, the radio waves used by Bluetooth can penetrate physical objects so there is a risk of false positives if people are a few metres apart but separated by a wall. There is also a risk of false negatives if the phone is in a bag or pocket that could weaken the signal, making it seem as if it is coming from further away. Research suggests that the orientation of a phone can also change the strength of Bluetooth signal received and this could make distance measurements unreliable.
Having a phone’s Bluetooth constantly switched on could also pose a security risk. The Bluetooth chip in a phone is designed to broadcast a unique identifier which could be collected by third parties in the vicinity or other apps on the phone and used for malicious purposes such as tracking. Bluetooth can also be used to attack phones by uploading malicious software.
It is generally agreed that, to protect an individual’s privacy and prevent surveillance, the unique tokens that the app broadcasts for exchange between contacts should be anonymised and not derived from personal details such as names or phone numbers. EU guidelines recommend that tokens are generated randomly and changed on a regular basis to protect users against tracking by third parties.
In some cases, the Australian app for example, a central, secure database may be used to link the tokens with personal details so that at risk individuals can be contacted. Some privacy experts criticise this approach as it means at risk users are not anonymous to the app authority (usually the government or public health body) and tokens could theoretically be deanonymised. Tokens could also potentially be deanonymised if they are generated centrally by the app authority and sent out to users, rather than being locally generated on individual phones. However, there are ways of setting up anonymous communication between the central server and individual devices to protect anonymity when sending out tokens.
Data storage and sharing
Most apps currently use approaches that minimise data collection and storage, and manage data using either a ‘decentralised’ or ‘centralised’ model.
- Decentralised models: data are managed locally on a user’s device and as little sensitive data as possible is shared with the app authority.
- Centralised models: data are shared with a central server managed by the authority which carries out data processing and/or storage.
In both cases, experts recommend that data are deleted once the risk of infection has passed. The EU recommends deletion of data 14–16 days after contact. They also recommend that the source code and protocol for the app is published so that the use and collection of data is well understood.
In April, 300 academics from across the world signed a letter warning against the adoption of centralised models as, even with anonymous tokens, the centralised data could be deanonymised and used for surveillance purposes. The Ada Lovelace Institute, an independent research body, has recommended that Parliament works to impose strict time and purpose limits on the use of contact tracing apps in the UK.
A centralised database could present an attractive target for bad actors, leading to higher risk of security breaches in centralised models. However, an advantage of a centralised system is that anonymised data in the central database could be used for research into the effectiveness of the app and understanding the spread of the virus. In a decentralised model, users could be given the option of volunteering their data for this purpose.
The European Parliament has voted to support the adoption of decentralised apps and an international consortium of researchers led from Switzerland, DP-3T, have developed a decentralised approach. In April, Apple and Google announced a partnership to develop a framework for running decentralised tracing apps on their phones. On 18 April, details of a German tracing protocol using a centralised model were published but the German health minister has since announced that they will adopt a decentralised approach. The Australian app has been described as a ‘hybrid-centralised’ model as data is stored on a user’s phone unless they have been in contact with an infected person, in which case their identity is revealed to the health ministry.
Notifying the app of an infection
The only way to be certain that an individual has contracted the virus is to test them. Hence, many experts suggest that contact tracing apps are of greatest use when used in combination with widespread testing so that the app has the most accurate data. A password or authorisation key can be used to ensure only official, verified test results are uploaded. Many practitioners advocate obtaining consent before uploading test results as this may help maintain public trust. In addition to informing the app of test results, some practitioners suggest that users should be able to self-report their symptoms. Although this could reduce the risk of infection whilst users await test results, it could also lead to false positives. Australia’s app requires a positive diagnosis of COVID-19 before the app is notified of an infection.
Alerting users to risk
Criteria used to determine whether a user is at risk are based on an understanding of how different levels of exposure (e.g. closeness and duration of contact) affect risk of infection. The app could also make recommendations to manage this risk, such as checking symptoms, reporting to a test centre or self-isolating.
Some commentators have expressed concerns that lack of interaction with a human health official could increase anxiety and reduce trust in the app’s advice. In Singapore, a health professional makes contact with the app user to decide an appropriate action following an alert. One of the leading developers of Singapore’s tracing app has cautioned against over reliance on apps for contact tracing as interaction with health officials can provide more assurance to the public. In a fully decentralised model, the app authority would not have access to the contact details of at risk users so users would need to make contact with the authority themselves following a notification of risk from the app.
For contact tracing apps to work effectively they must be used by a large proportion of the population. One study estimated that 56% of the UK population, or 80% of smartphone users, would be required to install and use the app for it to suppress the epidemic (although lower uptake could still help slow the spread of disease). In Singapore, it is estimated that less than 20% of the population have installed the app. Amongst those who have installed it, some may not be using it regularly as the app requires Bluetooth to be on at all times and for the phone to be unlocked. There are no studies on the impact this app has had on the spread of the virus in Singapore so far. In a recent survey of UK adults, 65% said they supported the use of smartphones for contact tracing.
Mobile phones offer a useful resource for contact tracing because they are widely used. However, smartphone use is much lower amongst the elderly, who are most at risk from COVID-19. Experts generally agree that apps should complement ongoing manual contact tracing efforts, which would be needed to support those without access to smartphones. It has also been suggested that those without phones could be provided with Bluetooth devices that would perform the same function as the app.
EU guidelines say that it is essential that app use remains voluntary to maintain public cooperation. Commentators have expressed concerns that citizens could be coerced into using an app in some settings, for example an airline might forbid someone from flying if they do not have the app installed, or social pressure could dictate that those who have not downloaded the app are irresponsible. Some academics have suggested that protection from coercion in this way should be explicitly written into law.
Contact tracing in the UK
The UK app, under development by NHSX, is expected to be technically ready for national use before the end of May. An ethics advisory board has been established for the app and the source code is now openly available. Bluetooth will be used to measure proximity, and users will be able to self-report symptoms. The app will be built on a centralised system where the NHS will have access to anonymised graphs of contacts to allow them to research the spread of the disease and spot malicious interference with the app. Anonymous tokens for exchange between users will be generated daily on phones but each user will also have an anonymous, fixed identifier which is assigned centrally at installation. Data on a user’s phone are deleted every 28 days but the centralised data may be retained for future NHS research. There are concerns that the centralised design may not be compatible with the decentralised apps favoured by many other countries. This could limit the app’s effectiveness if users travel outside the UK or interact with contacts using other nation’s apps. Also, the app does not currently work on all phones. For example, some older phones do not support Bluetooth low energy and the app is incompatible with the operating system on the latest Huawei phones, although work is ongoing to solve these problems. The Joint Committee on Human Rights has warned against the national roll out of the app unless privacy protections are guaranteed by legislation and the efficacy and benefits of the app are clear and frequently reviewed.
You can find more content from POST on COVID-19 here.