EFF Alerts of Privacy and Security Pitfalls with Apple and Google’s COVID-19 Contact Tracing Solutions

The contact tracing technology that Google and Apple are creating may be helpful in tracking persons who have gotten into close contact with persons verified to be COVID-19 positive; nevertheless, the Electronic Frontier Foundation (EFF) is cautioning against the probability that hackers would exploit the system in its present form.

The technology is set to be available soon. The system will enable app developers to make contact tracing applications to help track down persons who might have been exposed to COVID-19. When a person installs a contact tracing application, every time he/she comes into contact with a man or woman while the app is installed on his/her phone, anonymous identifier beacons, known as rolling proximity identifiers (RPIDs), are going to be traded using Bluetooth Low Energy.

How Contract-Tracing System Works

RPIDs can be traded only in case a person moves in a predetermined distance – 6 feet – and remains in close contact for a specified time frame. Distance could be identified by the strength of the pings dispatched by the users’ mobile phones. When an individual is declared as COVID-19 positive and the fact is inputted in the application, all persons that the individual has gotten into contact with within the last 14 days will be provided an electronic notice.

The dispatched information is anonymous, therefore notifications won’t give any facts concerning the individual that has gotten COVID-19. The RPIDs alters per 10-20 minutes, which will keep an individual from being identified and details will be saved on mobile phones and not on a central server and RPIDs will merely be kept for 14 days. A person also must provide authorization before a public health authority could share the person’s temporary exposure key which affirms the person has caught COVID-19, hence avoiding false alerts.

If a COVID-19 diagnosis is verified, a diagnosis key is going to be recorded in a public registry that all application users can access. Moreover, the diagnosis key is going to be the basis for generating notifications. The diagnosis keys have all of the RPIDs for a certain user to enable all persons who had been in contact with them to be alerted.

Electronic Frontier Foundation’s Issue Regarding Privacy and Security Problems

EFF’s Gennie Gebhart and Bennett Cypher wrote in a recent article that there is an issue with the system utilizing the public registry. Any distance tracking system that refers to a public database of diagnosis keys against RPIDs on a person’s device, just as what the Apple-Google project does, results in the probability that the data of an infected individual will lead to the discovery of the persons they stumbled upon who is infected.

On a daily basis, applications end-users will provide their diagnosis keys, which leads to the likelihood of linkage attacks. It will be likely for a threat actor to acquire RPIDs from various places all in one go via static Bluetooth beacons in public areas. This will merely provide data about the location of pings and won’t let somebody to be monitored. Nonetheless, if the diagnosis keys are sent out, an attacker may connect the RPIDs together and find out an individual’s day-to-day regimen from their RPIDs. Considering that a person’s activities would be distinct, it would probably be possible to tag that person and learn about their activities and where they are located and employ. EFF advises that risk may be lessened by sending diagnosis keys a lot more often, like every hour and not just once every day.

One more concern with the contact-tracing technology in its present form is there is at the moment no way of validating that a gadget giving contact-tracing information is the gadget that made the RPID. This signifies a threat actor could possibly intercept RPIDs and retransmit them.

For instance, a system of Bluetooth beacons established on busy street corners retransmit all the RPIDs they notice. Any person who goes by a ‘bad’ beacon will note the RPIDs of all people who was nearby any of the beacons. This is going to cause plenty of false positives, which may challenge public confidence in the tracing applications or the public-health system altogether.

There is also a worry that developers could perhaps centralize the information accumulated by the applications, which can expose many people to far more risk. EFF proposes that developers adhere to the proposal specified by Google and Apple and keep users’ information on their mobile phones and not in a core database. EFF also suggests to control the information transmitted over the web as much as possible and to simply send information that is totally needed.

EFF echoes the recommendation of over 300 scientists in stating that it is likewise necessary for the program to end when the COVID-19 public health emergency is through to make certain there will be no other uses that may affect individual privacy later on. They furthermore advise that app developers need to work with total transparency and plainly make clear to end-users what facts is gathered, and should enable end-users to prohibit pings should they desire and likewise access the RPIDs they have acquired and remove information from their contact history.

Additionally, any application ought to be widely analyzed to make certain it works as it ought to and doesn’t have any flaws that may be taken advantage of. Post-release, evaluation should go on to uncover vulnerabilities and patches and updates should be created quickly to fix flaws that are found. So that the system would work as it need to, a high proportion of the population must be utilizing the system, which would very likely entice cybercriminals as well as nation-state hacking groups.

No contact tracing technology is possibly with no privacy risks since there should be an exchange to execute this kind of contact tracing, yet EFF states that steps ought to be undertaken to decrease those privacy risks as much as possible. The whole system is dependent on trust and, when trust is weakened, the system will not realize its objectives.