Although I think tge aproach is correct. I think the DTK period is far too long. 1 day may reveal to much information regarding movement patterns if someone has enough distributed trackers at critical spots. Also if everyone uses it I see a slight chance of bruteforcing in often visited spaces (didn't do the math). Adding more hierarchicies would allow people to share information more finegranuarly. Putting RPIs into a bloom filter and releasing them might be another idea. Critical contact would mean multiple bloom filter matches anyways .
I guess you are not aware what contact tracing is. If you get a disease like this most governments have the right to ask you where you have been and who you have seen and the need for society to be protected from your disease is seen as to trump your privacy rights. This is just another mechanical way to get the same information, except privacy gets much more protection here.
But most people won’t know very well who they have seen. For example, I went shopping this morning and probably saw around 50 people. I would recognize less than 10 of them, if I were to meet them again. I know the names of none of them.
Since most governments can’t ask their entire population “were you in the neighborhood of this walking path”, there’s no simple way for them to find those people (t.v. broadcasts and canvassing in the neighborhood would work, but are labor-intensive and slow)
That’s where this will help. The people who came into close contact will get informed, and, hopefully, will self-isolate. The government doesn’t have to know who they are, where they were, etc.
It will require a significant part of the population to opt-in on this, though. That’s challenging. In Singapore, only 20% of people did. That’s why privacy is so important for this for many countries.
This is true in general but the stated issue is that this system would make it possible for governments to find out where an infected person has been. Manual contact tracing is the same thing, but manual. You can always opt to not tell them about something, you can always opt to leave your phone at home or turn it off.
> If you get a disease like this most governments have the right to ask you where you have been and who you have seen
> disease is seen as to trump your privacy rights
If you are using the US as an example; can you kindly point me to any law or case precedent that is a citation?
Fundamentally I disagree the government has any “rights” at all, rather rights are for people and just restrictions placed on the gov, but that’s a small nitpick.
I’d like to see where you are liable or required in any way to break your 4th and/or 5th amendments because you picked up a disease.
This is one of the few issues that is indeed real. I’m not sure if tracking only infected people would be worth the effort and the risk of bad publicity though.
My comment was about the fact that the keys need to released to the general public. This is a decentralized scheme. People won't participate in the first place if it is not secure or controlable. This thing could be run centralized but imagine the cross-government / legislation data sharing. Have fun...
So it’s just a generic ‘technology is scary’ handwave. With the right intonation you can make it sound kind of convincing but it’s still not helping anyone.
If you get infected you spread the daily key to the other users. They generate all the keys you could have sent and compare them with the ones they have seen. It makes sense to have somewhat of a limit here, the work is multiplied by the number of infected people and every user needs to run it everyday.
Aren’t you just created obfuscation layers and calling them security?
The whole point of the system is that you are individually and exotically identifiable. Please don’t try and hide that with layers of hand waving, it’s Apple, Google, NSA, etc that I don’t want to supply info to, not necessarily concerned about Target or Bestbuy.
The idea is that every 15 minutes you create a new byte string and start spreading that. This makes it impossible to track who is seeing who or who is going where over longer periods. That is, unless someone releases their own key, which makes it possible to derive all the strings they would have spread.
This is not obfuscation or hand waving. You are not actually identifiable unless you choose to be.
Then again, if you want to avoid giving data to Apple and Google I would advise against a smartphone. I don’t think there is a way to use them that would satisfy your requirements.
