The corona app is not completely anonymous after all – Belgium

0
5


Coronalert will be launched on Wednesday. The federal government’s app is based on the German corona app and is promoted as ‘privacy-safe’. But Belgium adapted the German code. As a result, the system no longer works completely anonymously.

It took a while for the federal contact tracing app Coronalert to be launched, which, after a pilot phase with some 80 users, was actually planned for last week. The app must notify its users if they have had contact with fellow citizens who later turn out to be infected with covid-19. In addition to the contact tracking investigation, the federal government sees the free – but not mandatory – smartphone application as a new weapon in the fight against the spread of the virus.

It took a while for the federal contact tracing app Coronalert to be launched, which, after a pilot phase with some 80 users, was actually planned for last week. The app must notify its users if they have had contact with fellow citizens who later turn out to be infected with covid-19. In addition to the contact tracking investigation, the federal government sees the free – but not mandatory – smartphone application as a new weapon in the fight against the spread of the virus. The privacy of citizens was an important criterion in its development. While the Chinese app uses GPS technology to closely monitor the movements of its citizens, Belgium, following other European countries, opted for a system based on the more privacy-friendly DP3T protocol. Each smartphone sends out an anonymous code via a direct Bluetooth signal. When two smartphones come close to each other, they receive each other’s codes. The smartphone then stores these codes together with the strength of the received signal. To avoid tracing someone using the anonymous code, the app generates a completely new anonymous code every 15 minutes. If a user tests positive for covid-19, they will be prompted (so it is not required) to enter all upload codes that his phone broadcast while he was contagious to a central Sciensano database, where a list of ‘infected codes’ is maintained All smartphones with the app regularly download this list and compare it with the codes that the phone itself received directly via bluetooth. Based on the exposure time and the signal strength (which decreases with physical distance), the app then estimates the probability that the user himself has become infected, because a large part of the information is stored locally (by the users’ smartphones). and processed, DP3T makes it virtually impossible to centrally monitor users’ movements or to identify who has been in contact with whom. Sciensano, our country is a little less concerned with the anonymity that DP3T provides. Because when a patient suspects that he is infected, he must click a ‘Covid test’ button on his smartphone and he will receive a so-called ‘R1 code’ for his doctor, who will receive the code together with the mobile phone number of the doctor. patient and sends his national register number to Sciensano. If the test is positive, the R1 code becomes a kind of password that allows the patient to upload the transmitted bluetooth codes to the central server, so Sciensano would be able to find out which infected patients use the app or not. ‘That’s right,’ admits computer science professor and co-designer of the Belgian app Axel Legay (UC Louvain). But it ends there too. Sciensano or other authorities should not do anything with that information. The fact that the R1 code is not completely anonymous should be seen as a security measure to prevent users who are not infected from uploading their keys. ‘ Pranksters could cause unnecessary panic and force people into quarantine for no reason, and why not a system with an anonymous R1 code? Or a QR code, as in Germany? After a positive test, the doctor could provide his patient with a code that he also sends to Sciensano, but without that code being linked to the telephone or national register number. ‘In such a completely anonymous system, we cannot prevent users from entering their code into someone else’s device. Then incorrect information would end up in the system, with all the ensuing consequences ‘, it sounds at Legay, who also points out that an extra privacy measure is provided:’ After 14 days, the codes on the server will be deleted, also the R1 code. ‘In short, the Belgian Coronalert app, like the German Corona app on which it is based, protects the trade and activity of its users, but has been slightly modified. Belgian users are slightly more exposed to the government.







Source link by https://www.knack.be/nieuws/belgie/de-corona-app-is-toch-niet-helemaal-anoniem/article-longread-1646803.html?cookie_check=1601350763

*The article has been translated based on the content of Source link by https://www.knack.be/nieuws/belgie/de-corona-app-is-toch-niet-helemaal-anoniem/article-longread-1646803.html?cookie_check=1601350763
. If there is any problem regarding the content, copyright, please leave a report below the article. We will try to process as quickly as possible to protect the rights of the author. Thank you very much!

*We just want readers to access information more quickly and easily with other multilingual content, instead of information only available in a certain language.

*We always respect the copyright of the content of the author and always include the original link of the source article.If the author disagrees, just leave the report below the article, the article will be edited or deleted at the request of the author. Thanks very much! Best regards!

LEAVE A REPLY

Please enter your comment!
Please enter your name here