Digital tracking of quarantined people

Social distancing forever, or a Bluetooth app with legislated use, and deletion of data. Seems a fairly simple choice.

Apple (and Google) have offered APIs which will allow these apps to be built, and they will only do so if there is no centralised database. I probably trust Apple more than any government, which is a sad state of affairs in itself.

If they release the source code as they say they will, then I'd trust it.

You can guarantee Google/Apple won't be releasing any source code though and with some governments opting for that solution it's interesting.


That being said, lots of people with Android phones have Google Location History enabled anyway, so it's not really a much further stretch.
 
Completely different - that talks about police using general cell phone geolocation data to identify when people breach isolation orders (or whatever they are called). The article mentions the contract tracing app will continue.

The Australian app is about using Bluetooth signals from nearby phones talking to each other and recording when there had been contact between the two signals for a predefined period/distance. This will be used by health officials for contract tracing.

There does need to be safeguards to prevent use by police for enforcement of social isolation and for other measures (eg contact between drug dealers, terrorists etc). Of course if you are engaging in nefarious activities you could not download the app, turn your phone off or even just turn Bluetooth off at the time of said activities.

Of course, but do remember this thread was raised in regards to digital tracking of quarantined people, not (possibly) infected people going on about their usual day and being tracked, albeit it's moving the discussion there through natural progression i.e. where a tracing app becomes more relevant.

Meanwhile, in somewhat related news technology is used being used in other ways also; looking at how it can help the treatment side of things too.

 
You can guarantee Google/Apple won't be releasing any source code though and with some governments opting for that solution it's interesting.


That being said, lots of people with Android phones have Google Location History enabled anyway, so it's not really a much further stretch.

Firstly, you do realise the Android is open source, right? Secondly, I'm only commenting on what is being proposed in Australia.

Thirdly, the proposal for the Australian tracking app has nothing to do with location tracking or history.
 
Sure, Android is open source but it doesn't necessarily mean a Google built app will be.

I wasn't talking about the Australian app having anything to do with location tracking or history. I'm drawing allusions to the similar intent of the approach, mentioning that those who are worried about being tracked are probably already being tracked anyway.
 
So people not use their credit or debit cards for public transport ? Does that not track your travelling ?

Yes. But it's not actively seeking out everyone your close to.. they could only guess you might have been on the same train/ bus

From what I understand about the app. Everyone gets a unique ID on their phone app.
Your phone communicates with others via BT and if you've been in proximity to someone for a period (think 15min) then you will be recorded as a contact.

So your phone will store that you've had contacts with A45HJ, J84C8, NJ98R, E34H7 etc, and equally their phone will record the contact with you.

If J84C8 tests positive they can then send out an alert via a database phone to all phones to check if you've been in contact with them. If you are you get a message you are to self-quarantine and get tested, and at that point it probably also reports back to Government.

If you test positive, then the alert goes out to all your contacts etc
 
That being said, lots of people with Android phones have Google Location History enabled anyway, so it's not really a much further stretch.
LOL.
That's one of the first things I turn off when I get a new device, along with trash like auto correct/predictive text, whatever annoying "assistant" comes with the software, etc.
There are places I've been to repeatedly on at least a weekly basis, that Google Location History thinks I haven't been to for over 3 years.
 
  • Like
Reactions: DC3
From what I understand about the app. Everyone gets a unique ID on their phone app.
Your phone communicates with others via BT and if you've been in proximity to someone for a period (think 15min) then you will be recorded as a contact.
thats correct. the App keeps a record of who a person has been in contact with.
No data is uploaded until the user who has contracted Covid19 enables the upload, so all contacts they have had can be notified.

Its quite incorrect for people to call it Tracking as there is no location tracking at all.

Of course there are some people that beleive the govt wants to track us - if thats true they can do that already via the Telco's so why would they bother making us install a dumb app that half the population wont install, and by paranoia probably many more.

I will install this app - the more people that do it, they sooner restrictions will be lifted.
 
The data will be hosted on AWS apparently, I assume it will be an Australian based tenancy for data sovereignty requirements but being an American company people are worried. I would assume Australian data / privacy rules would apply to access requests if it's hosted in AU data centres?

Looks like wearables as some have suggested are being trialled for it.
 
The Frequent Flyer Concierge team takes the hard work out of finding reward seat availability. Using their expert knowledge and specialised tools, they'll help you book a great trip that maximises the value for your points.

AFF Supporters can remove this and all advertisements

Looks like source code not likely to be released for the Australia app now, must have missed that one.
Err, what? So where does that leave the average Joe, or Joe-ess, on privacy/security assurances provided thus far?

Edit: Some have already raised their hand to downloading the app, regardless
 
So people not use their credit or debit cards for public transport ? Does that not track your travelling ?

I auto top-up my travel card online, @ $20 a pop. Does that tell them anything much, other than that I use public transport, at times?
 
Last edited:
Err, what? So where does that leave the average Joe, or Joe-ess, on privacy/security assurances provided thus far?

I don't think the average Joe or Joe-ess was going to analyse the source code.

Meanwhile those of us that do work with code regularly immediately raised our eyebrows the moment this was suggested, because:
  • If they had an outside agency produce the code, they'd be spending a ton of cash buying the rights to the source and any other assets associated with it as they would all be immediately effectively valueless after the release.
  • If they insourced the coding, they'd probably end up taking twice the time to release it, as the difference between "functional" coding and presentable coding are vast and real. Additionally, they'd be dragging their heels unnecessarily over the release of code that is critically time-dependent, ie it has value now and now specifically.
  • Open sourcing code is one thing, but when it is code that connects to infrastructure that you maintain (for example cloud-based Application/Database components), it will very quickly lay bare any issues with the method of communicating results (such as the ability to perform denial of service attacks). These are great political capital as both domestic and foreign governments could use this as an example of incompetence, such as issues with myGov or My Health Record or the online education portals etc etc. Remember this debacle?
Transparency is great, but this seems to have missed the mark by a fair mile. If it were me, I'd be looking to have an appropriate industry group (EFF for example?) do a code audit without a full release of the code, or I'd release something that was no more than a bluetooth datalogger, and require manual collection of the data from the device. Exposing an AWS endpoint for collecting this data is pretty much an invitation for 4chan to start pumping in North Korean GPS coordinates for fun. Open Sourcing the code means you can't really utilise a secret within the app that distinguishes app-generated data from spoofed data, and if you did withhold that particular module of code, people would likely just speculate that it is the point at which your identity information is injected before being sent to the Government.
 
I auto top-up my travel card online, @ $20 a pop. Does that tell them anything much, other than that I use public transport, at times?

I suspect this was a reference to the Open Loop systems (Sydney in particular) which let you tap on and off with your Credit Card, which would then record specific places and times.

As others have pointed out, though, the vast majority already have this happening with apps like Google Maps Timeline, Qantas Wellbeing, Garmin or similar apps, which all use and record GPS detail to function. Not all of them in the resolution and for the specific purpose that Google Maps Timeline does (which is specifically to track you), but then again the reason that Google Maps primarily gathers this data isn't to track you, it's to give you directions, but Google augmented this with the ability to track traffic density and delay and then started logging that data so you could see it - so how many other apps store the same info in their cloud? Uber? Waze? Ola? Who knows.
 
Sponsored Post

Struggling to use your Frequent Flyer Points?

Frequent Flyer Concierge takes the hard work out of finding award availability and redeeming your frequent flyer or credit card points for flights.

Using their expert knowledge and specialised tools, the Frequent Flyer Concierge team at Frequent Flyer Concierge will help you book a great trip that maximises the value for your points.

I don't think the average Joe or Joe-ess was going to analyse the source code ...
Was really referring to public confidence in any proposed system, especially if it’s going to be opt-in. Perception will play a big role.

There are those who already want to opt-in regardless of security/privacy issues. More work required to get this over the line is my take on it, so far.
 
Was really referring to public confidence in any proposed system, especially if it’s going to be opt-in. Perception will play a big role.

There are those who already want to opt-in regardless of security/privacy issues. More work required to get this over the line is my take on it, so far.

I have a feeling some of the public never had any confidence in this app... no matter how much you convince them.. the question is how to convince the people who have doubts but open to ideas to embrace it
 
Open Sourcing the code means you can't really utilise a secret within the app that distinguishes app-generated data from spoofed data, and if you did withhold that particular module of code, people would likely just speculate that it is the point at which your identity information is injected before being sent to the Government.

In this day and age if you can't open source your security then you don't have any security. Security through obscurity doesn't work.

In this case open sourcing contact tracing code makes lots of sense as it'd likely be the most scrutinised code ever released.
 
In this day and age if you can't open source your security then you don't have any security. Security through obscurity doesn't work.

This is an often misunderstood concept, and is not true at all in the context you are quoting.

Which banks or governments do you see providing their core banking source code? None? How about the security policies they use to secure their networks? No? Keys use to secure things? Do you think they use open source security apparatus? (hint: no)

The statement that security through obscurity is not effective does not mean that you need to disclose everything, it means that simply using proprietary protocols, values or handshakes does not make a system secure. Totally different concepts.
 

Enhance your AFF viewing experience!!

From just $6 we'll remove all advertisements so that you can enjoy a cleaner and uninterupted viewing experience.

And you'll be supporting us so that we can continue to provide this valuable resource :)


Sample AFF with no advertisements? More..
Back
Top