That's odd, since the NZ Covid Tracer app definitely has this feature, it's part of the standard process when someone tests positive.
As far as I know it only includes the manually scanned codes though, not the bluetooth proximity tracing data. Perhaps the NHS app was trying to gather this?
Perhaps there's some details missing from the article, because it sounds just like how the NZ app operates. All data stays on your phone unless you choose to share it:
"The information you choose to record with NZ COVID Tracer is stored on your phone where only you can see it. This includes the QR codes you scan, your manual diary entries, your Bluetooth ‘keys’, and your NHI number."
If you're identified as a potential case, then you can choose whether or not you want to share your history:
"If you are identified as a confirmed or probable case of COVID-19, it is entirely your choice whether to share your digital diary with the Ministry or upload your Bluetooth keys. You are in control of your data."
> the terms and conditions in more detail says that "a contact tracing app may not use location-based APIs... and may not collect any device information to identify the precise location of users".
I also wondered about this. The NZ app doesn't as far as I know log or transmit GPS coordinates. Some organisations have different codes at every door and in each elevator.
It works the same in HK, once you test positive, you input your case number, and upload your check in history to some government servers. I assumed this is how every country does it.
Relevant quote from the FAQ doc: There will be restrictions on the data that apps can collect when using the API, including not being able to request access to location services, and restrictions on how data can be used.
Irrespective of ones own feelings about this particular app: isn't it interesting that Google and Apple have the power to collect all our location data, but can refuse our democratic governments access to that data even on a voluntary basis?
In this specific case, I'm really glad they're exercising their power, because they seem to be doing it in the best possible way, and have forced governments to do the right, privacy-preserving thing.
And I think having this power is OK - nobody should be forced to help the government implement something unethical. There may be scenarios where this goes horribly wrong, but the contact tracing framework is a case where it went perfectly right.
Yes, the QR-checkin feature is something where an exception could make sense, but given what it would pave the way for, I'm glad they keep the rules strict.
Can't speak for Google's case - but Apple certainly goes to great pains to make it clear they don't collect location data on users - it's left on the user's device.
Isn't it interesting that it takes an international mega-corporation to take a more realistic and principled approach to user privacy than a democratic government.
I find it interesting that there seems to be a (wilful?) ignorance on the part of our government as to quite how big and powerful those corporations are.
There seems to be a bit of a "We're the government, so they'll have to do what we ask/tell" going on here I suspect. Probably coupled with incompetent IT project management that didn't bother to worry about the terms and conditions they signed up to, because that was too hard.
Just so long as we're clear that the final conclusion ought to be that no-one should have that data; rather than "ok, let's give it to the government, my next door neighbour, and the nearest cat as well then"
Better the devil you know? The worse that Google may do with your data is targeting you with some personalised ads. As for Apple, they have probably even less interests with those... But your government is a different matter. Speeding, financial "crimes", ... evading Covid-19 restrictions :-)
Actually the scariest about Google / Apple collecting your data is ironically when a government entity may investigate you and request data from these companies
The first part "UKC19TRACING" obviously tells you it's for UK Covid 19 tracing. The second part "1" is maybe a version number. The rest is a json web token with the following payload:
{"id":"P52KWPR3","typ":"entry","opn":"Enw Lleoliad y Prawf","adr":"Welsh Government\nCrown Building\nCathays Park\nCARDIFF, CF10 3NQ","pt":"CARDIFF","pc":"CF103NQ","vt":"001"}
Honestly, this seems to me to be overly complicated but I don't really know how the apps work.
It does seem to work here in Hong Kong. Two weeks ago someone who went to my gym tested positive, I was instantly notified through the app (as did 500 other members). Within two hours I got tested, and received my negative results the next day.
Anytime someone tests positive, the government notifies everyone who was in the same building in the past two weeks, and testing is mandatory.
I won't go into the morality of this particular issue if Apple or Google is right or wrong in this case, but I do think that Apple and Google are slowly but surely pushing their limits...
Even if they are right, no government wants to be beneath a corporation, and have it so publicly displayed how a corporation wields more power than government.
Apple and Google are just asking to be regulated, and contrary to HN sentiment, I cannot wait for that moment. I think I'll open the champagne and make a toast to Tim Cook.
Many billions of pounds are being wasted on this. This failed app and system has had ten times the overall cost of the Mars Perseverance mission budgeted for it.
A quick google shows the app will cost c£35 million[1], while the overall cost of the Mars Perseverance programme is $2.7 billion[2]. 10 times $2.7 billion is $27 billion so you are out by a large factor.
sitharus|4 years ago
As far as I know it only includes the manually scanned codes though, not the bluetooth proximity tracing data. Perhaps the NHS app was trying to gather this?
amanzi|4 years ago
https://www.health.govt.nz/our-work/diseases-and-conditions/...
teruakohatu|4 years ago
I also wondered about this. The NZ app doesn't as far as I know log or transmit GPS coordinates. Some organisations have different codes at every door and in each elevator.
woutr_be|4 years ago
TYPE_FASTER|4 years ago
Relevant quote from the FAQ doc: There will be restrictions on the data that apps can collect when using the API, including not being able to request access to location services, and restrictions on how data can be used.
cameronh90|4 years ago
tgsovlerkhgsel|4 years ago
And I think having this power is OK - nobody should be forced to help the government implement something unethical. There may be scenarios where this goes horribly wrong, but the contact tracing framework is a case where it went perfectly right.
Yes, the QR-checkin feature is something where an exception could make sense, but given what it would pave the way for, I'm glad they keep the rules strict.
ircshotty|4 years ago
Isn't it interesting that it takes an international mega-corporation to take a more realistic and principled approach to user privacy than a democratic government.
mbalyuzi|4 years ago
There seems to be a bit of a "We're the government, so they'll have to do what we ask/tell" going on here I suspect. Probably coupled with incompetent IT project management that didn't bother to worry about the terms and conditions they signed up to, because that was too hard.
Kim_Bruning|4 years ago
WinstonSmith84|4 years ago
Actually the scariest about Google / Apple collecting your data is ironically when a government entity may investigate you and request data from these companies
nojito|4 years ago
They even acknowledge they made a mistake in the initial contract.
What’s the issue here?
Hamuko|4 years ago
Angostura|4 years ago
bellyfullofbac|4 years ago
dkarp|4 years ago
UKC19TRACING:1:eyJhbGciOiJFUzI1NiIsImtpZCI6ImlSNHdIVEIxdkF2a 2RjbEdCQWVwUlpxSzZSb29GbVNxcEpDQVd4alFvUFEifQ.eyJpZCI6IlA1Mkt XUFIzIiwidHlwIjoiZW50cnkiLCJvcG4iOiJFbncgTGxlb2xpYWQgeSBQcmF3 ZiIsImFkciI6IldlbHNoIEdvdmVybm1lbnRcbkNyb3duIEJ1aWxkaW5nXG5DY XRoYXlzIFBhcmtcbkNBUkRJRkYsIENGMTAgM05RIiwicHQiOiJDQVJESUZGIi wicGMiOiJDRjEwM05RIiwidnQiOiIwMDEifQ.3USKQlzdD4_RlH-wWvPPyQig 3tGbS8XUIFlTryqVzCmeWzc32YyKLjYpnzNOpUu0555-ym1kfvdDNAqnqyAWRw
The first part "UKC19TRACING" obviously tells you it's for UK Covid 19 tracing. The second part "1" is maybe a version number. The rest is a json web token with the following payload:
{"id":"P52KWPR3","typ":"entry","opn":"Enw Lleoliad y Prawf","adr":"Welsh Government\nCrown Building\nCathays Park\nCARDIFF, CF10 3NQ","pt":"CARDIFF","pc":"CF103NQ","vt":"001"}
Honestly, this seems to me to be overly complicated but I don't really know how the apps work.
ditn|4 years ago
dgl|4 years ago
Whole thing is a bit OTT.
unknown|4 years ago
[deleted]
Gatsky|4 years ago
weddpros|4 years ago
Also (western) journalists love stories about 3M deaths, surveillance apps or fake news, much more than success stories.
So yes, apps had no chance to save lives. Korea or Singapore show they could have, but we didn't let them.
woutr_be|4 years ago
Anytime someone tests positive, the government notifies everyone who was in the same building in the past two weeks, and testing is mandatory.
newbie578|4 years ago
Even if they are right, no government wants to be beneath a corporation, and have it so publicly displayed how a corporation wields more power than government.
Apple and Google are just asking to be regulated, and contrary to HN sentiment, I cannot wait for that moment. I think I'll open the champagne and make a toast to Tim Cook.
ourcat|4 years ago
Closi|4 years ago
A quick google shows the app will cost c£35 million[1], while the overall cost of the Mars Perseverance programme is $2.7 billion[2]. 10 times $2.7 billion is $27 billion so you are out by a large factor.
[1] https://www.digitalhealth.net/2020/09/total-cost-of-nhs-cont... [2] https://www.planetary.org/articles/cost-of-perseverance-in-c...