Privacy risks associated with the NHS contact-tracing app exist “in theory” but would require more data to be considered a threat, the technical director of the National Cyber Security Centre has said.
Dr Ian Levy acknowledged there’s a reidentification risk with tracing technologies “where it’s sometimes possible to reidentify some small number of people from an anonymised large scale contact graph or other data set” but that NHS app doesn’t collect enough data to enable that.
“It would take changes to the app and also bringing lots of other data together to do this, which the NHS does not allow,” he wrote in a blog post.
Using Bluetooth, the app works continuously in the background of a person’s phone, storing anonymised identifiers collected from other devices a user comes into contact with. That information is storied within the app until a person develops potential Covid-19 symptoms.
Only then will a user have the option to send data collected by the app to a central NHS database, which will then use an algorithm to identify other users who have been in close enough proximity to be deemed at risk.
It was launched in the Isle of Wight on 5 May, with a wider roll-out across the UK expected in the coming weeks.
“Of course, at some point, you have to be identified to the NHS, for example to get a clinical test,” Dr Levy adds.
“If that happens through the app, the system uses a privacy preserving gateway to be able to link a test to an app Installation ID anonymously, but not the Installation ID to a person’s identity or NHS record. Of course, someone who has access to all three systems can link you, but by design no-one does.”
There’s a set of “well known attacks” that all apps have to mitigate, he states, but “the NHSX system as a whole does a good job of balancing the individual privacy needs with the public health needs”.
More on Covid-19 contact tracing apps
- NHSX sets up ethics advisory board to oversea contact-tracing app
- Contact-tracing apps could ‘catastrophically’ hamper trust, academics warn
- Imperial white paper outlines key data questions for contact-tracing tech
- ‘Absence of evidence’ for Covid-19 contact-tracing apps, review finds
- NHSX must be ‘upfront’ about contact-tracing app, privacy group says
- NHSX differs with Apple and Google over contact-tracing app
‘Please install the app’
Despite concerns about privacy and data, Dr Levy urged the public to download the app to help the NHS tackle Covid-19.
Epidemiologists say 60% of the population would need to use the app for it to be successful – an ambitious target given low uptake levels in other parts of the world.
In Singapore about 20% of the population use a similar app to trace the virus, and in Australia only 3.5 million people downloaded the countries contact-tracing app in the first five days of its release, representing about 14% of the population.
The app is a small but “important and visible” part of the response to the Covid-19 pandemic, Levy said.
“An app that provides fantastic provable privacy but doesn’t help stop the spread of the disease isn’t a useful tool. The NHSX team developing this app is diverse, multi-disciplined, science and evidence led and working flat out to build a product that protects the public,” he wrote.
“As our understanding of the virus evolves, so will our response, including how the app works. It may turn out that one of the other models proposed actually helps manage the virus better.
“No-one knows today, but the UK is responding based on the best scientific advice available today. If that advice means the app has to change, we’ll evolve the design. But the NHS will always be transparent about what the app does and how.”