Covid-19 Contact Tracing: A Solution? A Privacy & GDPR Nightmare? A Technical Bridge Too Far? - Z/Yen
© Z/Yen Group 2020
Covid-19 Contact Tracing: A Solution? A Privacy & GDPR Nightmare? A Technical Bridge Too Far?
28 May 2020
Maury Shenk in conversation with Professor Michael Mainelli

Agenda
♦ Permission frameworks
♦ What is contact tracing and why might it matter?
♦ Efficacy concerns
♦ Who’s done what? Who’s doing what?
♦ Privacy & GDPR concerns
♦ Outlook
"Get a detailed grip on the big picture." Chao Kli Ning

Why We Need Permissions Frameworks
♦ Permission (or not) to use digital / online resources is at the core of our information economy
♦ But there are major holes in existing frameworks
➢ No widely-accepted standards
➢ Major cybersecurity issues as more devices come online (e.g. IoT)
➢ Difficulty of implementing concepts of “may” and “should” (or not) on Boolean devices
♦ Need to move beyond access control
Structure Of A New Permission Architecture (layer diagram, read top to bottom)
➢ Domain-specific permission libraries for application domains: Consumer Financial Services, Securities Trading, Government, E-Commerce, Privacy, Travel, …
➢ Logical Access Control and Physical Access Control
➢ Deontic Logic API
➢ Deontic Logic Translation Engine
➢ Smart Ledgers – Internet of Record
➢ TCP/IP – Internet of Communications
➢ Underlying Computing Operating System (e.g., Linux, iOS, MacOS, Windows)

Choosing A Permissions Framework
♦ Criteria
➢ Precision – ability to accurately convey permissions
➢ Breadth – ability to convey any permission
➢ Applicability – comprehensibility and practicality for real-world markets
♦ Candidates
➢ Access control
❑ Standard for computer systems
❑ Comes in many flavors – e.g. access control list, role-based, attribute-based
➢ Differential privacy – conveying information while avoiding disclosure of personal information
➢ Deontic logic – formal logic of “may” and “ought”
Deontic Logic in Practice (for Identity)
Columns: What a human hears | High-level proposition | Propositional variables | Deontic proposition. The modal operator glyphs in the last column did not survive extraction; they are written here as P (permitted, “may”) and O (obligatory, “should”), the standard deontic operators, which is an editorial reconstruction of the slide.

1. "You are an authorised user of this computer system" | Person X may access resource R | A_R X = X accesses resource R | P(A_R X)
2. "If you are in the finance department, you may access the accounting system" | If person X belongs to group G, she may access resource R | A_R X = X accesses resource R; G = group G | X ∈ G → P(A_R X)
3. "Would Mr. Jones please go to the ticketing desk" | If the recipient of the message is person X, she should take action A | U = recipient of message; A X = X takes action A | U = X → O(A X)
4. "Sorry, no admittance for under 18s" | If person X is under age K, she may not access resource R | K_X = age of X; A_R X = X accesses resource R | K_X < 18 → ¬P(A_R X)
5. "No ID, no entry" | If person X cannot prove she is over age K, she may not access resource R | K_X = age of X; ID_X = identification documents in X’s possession; A_R X = X accesses resource R | ¬⊢(K_X > 18) → ¬P(A_R X)
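To show how the “may”, “should” and “may not” rows above collapse into a Boolean enforcement decision on an ordinary computer, here is an added worked example in Python. It is not code from the presentation or from Z/Yen; the Person record, the rule names, the resource strings, and the closed-world policy (no applicable rule means not permitted, and a prohibition overrides any permission) are assumptions of this sketch.

```python
"""Toy deontic rule evaluator: each rule is one row of the table, the decision
procedure is where 'may'/'should' get flattened onto a yes/no enforcement point."""
from dataclasses import dataclass
from typing import Callable, List, Optional

PERMITTED, FORBIDDEN, OBLIGATORY = "P", "¬P", "O"


@dataclass
class Person:
    name: str
    groups: frozenset = frozenset()
    age: Optional[int] = None   # None = age cannot be proven (no ID presented)


# A rule maps (person, resource-or-action) to a deontic verdict, or None when
# its antecedent is false and it says nothing about the case.
Rule = Callable[[Person, str], Optional[str]]


def unconditional(resource: str) -> Rule:
    # Row 1: P(A_R X) for every X
    return lambda x, r: PERMITTED if r == resource else None


def member_of(group: str, resource: str) -> Rule:
    # Row 2: X ∈ G → P(A_R X)
    return lambda x, r: PERMITTED if r == resource and group in x.groups else None


def addressed_to(recipient: str, action: str) -> Rule:
    # Row 3: U = X → O(A X)
    return lambda x, a: OBLIGATORY if a == action and x.name == recipient else None


def under_age(k: int, resource: str) -> Rule:
    # Row 4: K_X < k → ¬P(A_R X)
    return lambda x, r: FORBIDDEN if r == resource and x.age is not None and x.age < k else None


def unproven_age(k: int, resource: str) -> Rule:
    # Row 5: ¬⊢(K_X > k) → ¬P(A_R X): no proof is treated like 'too young' (default deny)
    return lambda x, r: FORBIDDEN if r == resource and x.age is None else None


def decide(rules: List[Rule], person: Person, target: str) -> str:
    """Collapse the applicable verdicts to one enforceable answer.
    Order of precedence (an assumption of this sketch): ¬P beats O beats P,
    and silence (no rule fires) is ¬P, i.e. closed-world / default deny."""
    verdicts = {v for rule in rules if (v := rule(person, target)) is not None}
    if FORBIDDEN in verdicts:
        return FORBIDDEN
    if OBLIGATORY in verdicts:
        return OBLIGATORY
    if PERMITTED in verdicts:
        return PERMITTED
    return FORBIDDEN


def policy() -> List[Rule]:
    """One rule per row of the table, with constructed resource names."""
    return [
        unconditional("terminal"),                      # row 1
        member_of("finance", "accounting"),             # row 2
        addressed_to("Jones", "go to ticketing desk"),  # row 3
        unconditional("bar"),                           # adults may enter ...
        under_age(18, "bar"),                           # row 4: ... unless under 18
        unproven_age(18, "bar"),                        # row 5: ... or unable to prove it
    ]


if __name__ == "__main__":
    jones = Person("Jones", frozenset({"finance"}), age=34)
    kim = Person("Kim", age=16)
    anon = Person("Anon", frozenset({"finance"}))     # has no ID on them
    for who in (jones, kim, anon):
        for target in ("terminal", "accounting", "bar", "go to ticketing desk"):
            print(f"{who.name:6} {target:22} -> {decide(policy(), who, target)}")
```

The enforcement point only ever acts on the returned string, so the richer deontic information (an obligation rather than a mere permission, or a prohibition that pre-empted a permission) has to be preserved elsewhere, e.g. in an audit record; this is exactly the loss the slides call “implementing ‘may’ and ‘should’ on Boolean devices”.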
Why and How Smart Ledgers?
♦ Advantages over centralised solutions
➢ Inherently distributed
➢ Open architectures are common / understood
♦ Technical challenges
➢ Functions to manage technical complexity – requires advanced, ‘third generation’ architecture
➢ Implementing deontic logic on a Boolean computer
♦ Legal challenges
➢ Differ by jurisdiction (e.g. Europe, US, China, India)
➢ Tensions between GDPR and Smart Ledgers (e.g. erasure, repeated processing) are surmountable

Contact Tracing & Smartphone Apps

Documentation Apps
https://www.chainzy.com/case-studies/cov-id-project/

Tracing The World

Singapore - TraceTogether
A World Of Many Protocols

Name | Architecture | Author/promoter | Licence
Pan-European Privacy-Preserving Proximity Tracing (PEPP-PT) | Multiple protocols; central log processing; ephemeral IDs | Fraunhofer Institute for Telecommunications, Robert Koch Institute, Technical University of Berlin, TU Dresden, University of Erfurt, Vodafone Germany, French Institute for Research in Computer Science and Automation (Inria) | Closed source; private project specifications
Google / Apple privacy-preserving tracing project | Client log processing; ephemeral IDs | Google, Apple Inc. | Public specification
Decentralized Privacy-Preserving Proximity Tracing (DP-3T) | Client log processing; ephemeral IDs | EPFL, ETHZ, KU Leuven, TU Delft, University College London, CISPA, University of Oxford, University of Torino / ISI Foundation | Publicly developed Apache 2.0 reference implementation
BlueTrace / OpenTrace | Central log processing; ephemeral IDs | Singapore Government Digital Services | Public specification; GPL 3 code
TCN Coalition / TCN Protocol | Client log processing; unique IDs | CovidWatch, CoEpi, ITO, Commons Project, Zcash Foundation, Openmined | Publicly developed specification; MIT License code
Whisper Tracing Protocol (Coalition App) | Client log processing; ephemeral IDs | Nodle, Berkeley, California, TCN Coalition, French Institute for Research in Computer Science and Automation (Inria) | GPL 3
Privacy Automated Contact Tracing (East Coast PACT) | Client log processing; ephemeral IDs | Massachusetts Institute of Technology, ACLU, Brown University, Weizmann Institute, Thinking Cybersecurity, Boston University | MIT License
Privacy-Sensitive Protocols & Mechanisms for Mobile Contact Tracing (West Coast PACT) | Client log processing; ephemeral IDs | University of Washington, University of Pennsylvania, Microsoft |
NHS contact tracing protocol | Central log processing; ephemeral IDs | NHS Digital | Private specification
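The table’s architecture column turns on two design choices: rotating ephemeral IDs broadcast over Bluetooth, and whether the observation log is matched on the phone (“client log processing”) or on a server (“central log processing”). The following added Python sketch, written for this page and not taken from the presentation or from any of the listed projects, runs both styles over the same constructed meeting so the difference in what the server learns is visible. HMAC-SHA256 as the key-derivation function, 15-minute epochs, 16-byte IDs, the phone names and seeds are all assumptions of the example, not protocol specifications.

```python
import hashlib
import hmac

EPOCH_MINUTES = 15
EPOCHS_PER_DAY = 24 * 60 // EPOCH_MINUTES      # 96 rotating IDs per day


def day_key(master_seed, day):
    """Per-day key derived from a long-term seed that never leaves the phone.
    HMAC-SHA256 as the derivation function is an assumption of this sketch."""
    return hmac.new(master_seed, b"day" + day.to_bytes(4, "big"), hashlib.sha256).digest()


def ephemeral_ids(dk, day):
    """The 96 16-byte ephemeral IDs a phone broadcasts over BLE on `day`,
    one per epoch. Without dk an observer cannot link two of them together."""
    return [
        hmac.new(dk, b"epid" + day.to_bytes(4, "big") + epoch.to_bytes(2, "big"),
                 hashlib.sha256).digest()[:16]
        for epoch in range(EPOCHS_PER_DAY)
    ]


class Phone:
    def __init__(self, name, master_seed):
        self.name = name
        self.seed = master_seed
        self.log = []            # (day, epoch, ephemeral ID heard); stays on the phone

    def broadcast(self, day, epoch):
        return ephemeral_ids(day_key(self.seed, day), day)[epoch]

    def observe(self, day, epoch, epid):
        self.log.append((day, epoch, epid))


def decentralised_matches(phone, published_day_keys):
    """Client log processing: an infected user publishes only their day keys;
    every phone re-derives the corresponding IDs and checks its own log.
    Returns the number of matching observations. The server never sees who met whom."""
    infected = set()
    for day, dk in published_day_keys:
        infected.update((day, epid) for epid in ephemeral_ids(dk, day))
    return sum(1 for day, _epoch, epid in phone.log if (day, epid) in infected)


class CentralServer:
    """Central log processing: every phone registers its seed at enrolment,
    so the server can resolve any uploaded ID back to a named user."""

    def __init__(self):
        self.registry = {}     # name -> master seed

    def enrol(self, phone):
        self.registry[phone.name] = phone.seed

    def resolve_contacts(self, uploaded_log):
        contacts = set()
        for day, epoch, epid in uploaded_log:
            for name, seed in self.registry.items():
                if ephemeral_ids(day_key(seed, day), day)[epoch] == epid:
                    contacts.add(name)
        return contacts


def scenario():
    """Constructed example: Alice and Bob meet for one epoch, Carol meets nobody,
    Alice later tests positive. Returns (decentralised result, centralised result)."""
    day, epoch = 18400, 40
    alice = Phone("alice", b"A" * 32)
    bob = Phone("bob", b"B" * 32)
    carol = Phone("carol", b"C" * 32)
    alice.observe(day, epoch, bob.broadcast(day, epoch))
    bob.observe(day, epoch, alice.broadcast(day, epoch))

    # Decentralised: Alice uploads her day keys; each phone matches locally.
    published = [(day, day_key(alice.seed, day))]
    decentralised = {p.name: decentralised_matches(p, published) for p in (bob, carol)}

    # Centralised: Alice uploads her observation log; the server names her contacts.
    server = CentralServer()
    for p in (alice, bob, carol):
        server.enrol(p)
    centralised = server.resolve_contacts(alice.log)
    return decentralised, centralised


if __name__ == "__main__":
    print(scenario())   # ({'bob': 1, 'carol': 0}, {'bob'})
```

The trade-off is symmetric: in the centralised run the server ends up holding the contact graph (it can name Bob without Bob doing anything), while in the decentralised run the published day keys let anyone re-derive every ID Alice broadcast that day, so an infected user becomes linkable across the day to anyone who recorded them. Neither column of the table is free of a privacy cost; they place it on different parties.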
Consortia Gloria

Decentralized Privacy-Preserving Proximity Tracing (DP-3T)
École Polytechnique Fédérale de Lausanne, ETH Zurich, KU Leuven, Delft University of Technology, University College London, Helmholtz Centre for Information Security, University of Torino
• https://en.wikipedia.org/wiki/Decentralized_Privacy-Preserving_Proximity_Tracing
• https://github.com/DP-3T
• https://github.com/DP-3T/documents

Pan-European Privacy-Preserving Proximity Tracing (PEPP-PT)
Fraunhofer Institute for Telecommunications, Robert Koch Institute, Technical University of Berlin, TU Dresden, University of Erfurt, Vodafone Germany, French Institute for Research in Computer Science and Automation (Inria)
• https://en.wikipedia.org/wiki/Pan-European_Privacy-Preserving_Proximity_Tracing
• https://www.pepp-pt.org/
• https://github.com/pepp-pt
• https://github.com/pepp-pt/pepp-pt-documentation

Google/Apple Privacy-Preserving Contact Tracing Project
• https://en.wikipedia.org/wiki/Google_/_Apple_contact_tracing_project
• https://ico.org.uk/media/2617653/apple-google-api-opinion-final-april-2020.pdf
• https://blog.google/inside-google/company-announcements/apple-and-google-partner-covid-19-contact-tracing-technology
• https://blog.google/documents/74/Android_Exposure_Notification_API_documentation_v1.3.pdf

Gapple & Aaggle

UK Contact Tracing
Privacy & GDPR Concerns
♦ Raises basic principles of data protection law
➢ Data protection by design and default
➢ Processing for limited purposes and minimisation
➢ Basis for processing – consent? public interest?
♦ European Data Protection Board recommendations (https://edpb.europa.eu/sites/edpb/files/files/file1/edpb_guidelines_20200420_contact_tracing_covid_with_annex_en.pdf)
➢ Must be voluntary
➢ Favour national over third-party apps
➢ No general sharing of location data
➢ When identifying an individual as infected:
❑ Only after proper health assessment
❑ Pseudonymous identifier
➢ Centralised or decentralised solutions are acceptable
♦ Should the law bend to the exigencies of Covid-19?
➢ Is this affected by concerns about the efficacy of contact-tracing apps?

Efficacy Concerns
♦ False positives
➢ Distance setting
➢ Walls and partitions
➢ Accuracy of GPS and Bluetooth
♦ False negatives
➢ People without the app (Singapore 20% take-up)
➢ Accuracy of GPS and Bluetooth
➢ Transmission versus contact, e.g. time, other circumstances
♦ Use
➢ Really clear?
➢ Really sure you want two weeks of quarantine?
♦ Performance
➢ Background working of Bluetooth
➢ Battery
https://www.schneier.com/crypto-gram/archives/2020/0515.html#cg12
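The false-positive and false-negative bullets above come down to one fact: a phone measures received signal strength (RSSI), not distance. The following added Python example, written for this page and not taken from the presentation or from any tracing app, converts RSSI to distance with the standard log-distance path-loss model and shows how one reading flips between “close contact” and “not a contact” depending on the environment assumed, and how a thin partition or a phone in a pocket yields a false positive or a false negative at the same true distance. The calibration value of -59 dBm at 1 m, the path-loss exponents, the obstacle losses and the 2 m threshold are assumptions chosen for illustration.

```python
import math

TX_POWER_1M = -59.0   # assumed calibrated RSSI (dBm) at 1 m; real values vary per handset


def estimate_distance(rssi, path_loss_exponent=2.0, tx_power_1m=TX_POWER_1M):
    """Log-distance path-loss model: RSSI = TX_1m - 10 * n * log10(d).
    n ~ 2 in free space, 3-4 indoors with reflections and bodies in the way."""
    return 10 ** ((tx_power_1m - rssi) / (10 * path_loss_exponent))


def simulate_rssi(distance_m, path_loss_exponent=2.0, obstacle_loss_db=0.0,
                  tx_power_1m=TX_POWER_1M):
    """Forward model: what a phone would read at `distance_m`, minus any extra
    attenuation from a partition, a body, or a pocket (constructed values)."""
    return tx_power_1m - 10 * path_loss_exponent * math.log10(distance_m) - obstacle_loss_db


def is_close_contact(rssi, threshold_m=2.0, path_loss_exponent=2.0):
    """The decision an app has to make from a single number."""
    return estimate_distance(rssi, path_loss_exponent) <= threshold_m


def scenario():
    """Constructed cases, keyed by what they illustrate."""
    return {
        # Same reading of -67 dBm; only the assumed environment differs.
        "same_rssi_open_air": is_close_contact(-67.0, path_loss_exponent=2.0),   # ~2.5 m -> far
        "same_rssi_indoor":   is_close_contact(-67.0, path_loss_exponent=3.0),   # ~1.8 m -> close
        # Thin partition at 1 m: ~3 dB radio loss, but it blocks droplets -> false positive.
        "partition_1m":       is_close_contact(simulate_rssi(1.0, obstacle_loss_db=3.0)),
        # Phone in a pocket / body shadowing at 1.5 m: ~12 dB loss -> false negative.
        "pocket_1_5m":        is_close_contact(simulate_rssi(1.5, obstacle_loss_db=12.0)),
    }


if __name__ == "__main__":
    for rssi in (-59.0, -67.0, -75.0):
        estimates = {n: round(estimate_distance(rssi, n), 2) for n in (2.0, 3.0, 4.0)}
        print(f"RSSI {rssi:6.1f} dBm -> distance by path-loss exponent: {estimates}")
    print(scenario())
```

Because the exponent and obstacle loss are unknown to the phone, any fixed RSSI threshold trades false positives in one environment against false negatives in another; this is why duration is usually required on top of attenuation, and why the slide lists “Accuracy of GPS and Bluetooth” under both headings.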
Questions, Comments, Answers(?)

Outlook

With Thanks To Our Sponsors