A place to cache linked articles (think custom and personal wayback machine)
You can not select more than 25 topics Topics must start with a letter or number, can include dashes ('-') and can be up to 35 characters long.

index.html 10.0KB

123456789101112131415161718192021222324252627282930313233343536373839404142434445464748495051525354555657585960616263646566676869707172737475767778798081828384858687888990919293949596979899100101102103104105106107108109110111112113114115116117118119120121122123124125126127128129130131132133134135136137138139140141142143144145146147148149150151152153154155156157158159160161162163164165166167
  1. <!doctype html><!-- This is a valid HTML5 document. -->
  2. <!-- Screen readers, SEO, extensions and so on. -->
  3. <html lang="fr">
  4. <!-- Has to be within the first 1024 bytes, hence before the <title>
  5. See: https://www.w3.org/TR/2012/CR-html5-20121217/document-metadata.html#charset -->
  6. <meta charset="utf-8">
  7. <!-- Why no `X-UA-Compatible` meta: https://stackoverflow.com/a/6771584 -->
  8. <!-- The viewport meta is quite crowded and we are responsible for that.
  9. See: https://codepen.io/tigt/post/meta-viewport-for-2015 -->
  10. <meta name="viewport" content="width=device-width,initial-scale=1">
  11. <!-- Required to make a valid HTML5 document. -->
  12. <title>App Assisted Contact Tracing (archive) — David Larlet</title>
  13. <!-- Generated from https://realfavicongenerator.net/ such a mess. -->
  14. <link rel="apple-touch-icon" sizes="180x180" href="/static/david/icons2/apple-touch-icon.png">
  15. <link rel="icon" type="image/png" sizes="32x32" href="/static/david/icons2/favicon-32x32.png">
  16. <link rel="icon" type="image/png" sizes="16x16" href="/static/david/icons2/favicon-16x16.png">
  17. <link rel="manifest" href="/static/david/icons2/site.webmanifest">
  18. <link rel="mask-icon" href="/static/david/icons2/safari-pinned-tab.svg" color="#07486c">
  19. <link rel="shortcut icon" href="/static/david/icons2/favicon.ico">
  20. <meta name="msapplication-TileColor" content="#f0f0ea">
  21. <meta name="msapplication-config" content="/static/david/icons2/browserconfig.xml">
  22. <meta name="theme-color" content="#f0f0ea">
  23. <!-- Documented, feel free to shoot an email. -->
  24. <link rel="stylesheet" href="/static/david/css/style_2020-04-25.css">
  25. <!-- See https://www.zachleat.com/web/comprehensive-webfonts/ for the trade-off. -->
  26. <link rel="preload" href="/static/david/css/fonts/triplicate_t4_poly_regular.woff2" as="font" type="font/woff2" media="(prefers-color-scheme: light)" crossorigin>
  27. <link rel="preload" href="/static/david/css/fonts/triplicate_t4_poly_bold.woff2" as="font" type="font/woff2" media="(prefers-color-scheme: light)" crossorigin>
  28. <link rel="preload" href="/static/david/css/fonts/triplicate_t4_poly_italic.woff2" as="font" type="font/woff2" media="(prefers-color-scheme: light)" crossorigin>
  29. <link rel="preload" href="/static/david/css/fonts/triplicate_t3_regular.woff2" as="font" type="font/woff2" media="(prefers-color-scheme: dark)" crossorigin>
  30. <link rel="preload" href="/static/david/css/fonts/triplicate_t3_bold.woff2" as="font" type="font/woff2" media="(prefers-color-scheme: dark)" crossorigin>
  31. <link rel="preload" href="/static/david/css/fonts/triplicate_t3_italic.woff2" as="font" type="font/woff2" media="(prefers-color-scheme: dark)" crossorigin>
  32. <meta name="robots" content="noindex, nofollow">
  33. <meta content="origin-when-cross-origin" name="referrer">
  34. <!-- Canonical URL for SEO purposes -->
  35. <link rel="canonical" href="https://lucumr.pocoo.org/2020/4/3/contact-tracing/">
  36. <body class="remarkdown h1-underline h2-underline h3-underline hr-center ul-star pre-tick">
  37. <article>
  38. <h1>App Assisted Contact Tracing</h1>
  39. <h2><a href="https://lucumr.pocoo.org/2020/4/3/contact-tracing/">Source originale du contenu</a></h2>
  40. <p class=date>written on Friday, April 3, 2020
  41. <p>I don't know how I thought the world would look like 10 years ago, but a
  42. pandemic that prevents us from going outside was not what I was picturing.
  43. It's about three weeks now that I and my family are spending at home in
  44. Austria instead of going to work or having the kids at daycare, two of
  45. those weeks were under mandatory social distancing because of SARS-CoV-2.</p>
  46. <p>And as cute as <a class="reference external" href="https://en.wikipedia.org/wiki/Social_distancing">social distancing</a>
  47. and “flattening the curve” sounds at first, the consequences to our daily
  48. lives are beyond anything I could have imagined would happen in my
  49. lifetime.</p>
  50. <p>What is still conveniently forgotten is that the curve really only stays
  51. flat if we're doing this for a very, very long time. And quite frankly,
  52. I'm not sure for how long our society will be able to do this. Even just
  53. closing restaurants is costing tens of thousands of jobs and closing
  54. schools is going to set back the lives of many children growing up. Many
  55. people are currently separated from their loved ones with no easy way to
  56. get to them because international travel grinded to a halt.</p>
  57. <div class="section" id="technology-to-the-rescue">
  58. <h2>Technology to the Rescue</h2>
  59. <p>So to cut a very long story short: we can get away without social
  60. distancing with the help of technology. This is why: the most efficient
  61. way to fight the outbreak of a pandemic is isolating cases. If you can
  62. catch them before they can infect others you can starve the virus. Now
  63. the issue with this is obviously that you have people running around with
  64. the virus who can infect others but are not symptomatic. So we can only
  65. do the second next best thing: if we can find all the people they had
  66. contact with when they finally become symptomatic, we can narrow down the
  67. search radius for tests.</p>
  68. <p>So a very successful approach could be:</p>
  69. <ol class="arabic simple">
  70. <li>find a covid-19 suspect</li>
  71. <li>test the person</li>
  72. <li>when they are positive, test all of their close contacts</li>
  73. </ol>
  74. <p>So how do we find their cases? The tool of choice in many countries
  75. already are apps. They send out a beacon signal and collect beacon
  76. signals of other users around. When someone tests positive, healthcare
  77. services can notice contacts.</p>
  78. </div>
  79. <div class="section" id="avoiding-orwell">
  80. <h2>Avoiding Orwell</h2>
  81. <p>Now this is where it gets interesting. Let's take Austria for instance
  82. where I live. We have around 9 million residents here. Let's assume
  83. we're aiming for 60% of resident using that app. That sounds like a
  84. surveillance state and scalability nightmare for a country known for
  85. building scalable apps.</p>
  86. <p>But let's think for a moment what is actually necessary to achieve our
  87. goal: it turns out we could largely achieve what we want without a
  88. centralized infrastructure.</p>
  89. <p>Let's set the window of people we care about to something like 5 days.
  90. This means that if someone tests positive, that person's contacts of the
  91. last 5 days ideally get informed about a covid case they had contact with.
  92. How do we design such a system that it's not a privacy invading behemoth?</p>
  93. <p>The app upon installation would roll a random ID and store it. Then it
  94. encrypts the ID it just created with the public key of a central
  95. governmental authority and broadcasts it to other people around via
  96. bluetooth. It then cycles this ID in regular intervals.</p>
  97. <p>When another device (the infected person) sees this ID it measures signal
  98. strength and time observed. When enough time was spent with the other
  99. person and that contact was “close enough” it records the broadcast
  100. (encrypted ID) on the device. The device also just deletes records older
  101. than 5 days.</p>
  102. <p>When person is identified as infected they need to export the contacts
  103. from their app and send it to the health ministry. They could use their
  104. private key to decrypt the IDs and then get in contact with the
  105. potential contacts.</p>
  106. <p>How do they do that? One option does involve a system like a push
  107. notification service. That would obviously require the device to register
  108. their unique ID with a central server and a push notification channel but
  109. this would not reveal much.</p>
  110. <p>Another option could be to do the check in manually which would work for
  111. non connected IoT type of solutions. You could implement such a system as
  112. a token you need to regularly bring to a place to check if you are now
  113. considered a contact person. For instance one could deploy check-in
  114. stations at public transport hubs where you hold your token against and if
  115. one of your contacts was infected it would beep.</p>
  116. <p>Either way the central authority would not know who you are. Your only
  117. point of contact would be when you become a covid case. Most importantly
  118. this system could be created in a way where it's completely useless for
  119. tracking people but still be useful for contact tracing.</p>
  120. </div>
  121. <div class="section" id="the-phone-in-your-pocket">
  122. <h2>The Phone in your Pocket</h2>
  123. <p>I had conversations with a lot of people over the last few days about
  124. contact tracing apps and I noticed —&nbsp;particularly from technically minded
  125. people — an aversion against the idea of contact tracing via apps. This
  126. does not surprise me, because it's an emotional topic. However it does
  127. hammer home a point that people are very good at misjudging data privacy.</p>
  128. <p>Almost every person I know uses Google maps on their phone with location
  129. history enabled. With that, they also participate in a large data
  130. collection project where their location is constantly being transmitted to
  131. Google. They use this information to judge how fluid traffic is on the
  132. road, how many people are at stores, how busy public transit is etc. All
  133. that data is highly valuable and people love to use this data. I know I
  134. do. I'm also apparently entirely okay with that, even though I know there
  135. is an associated risk.</p>
  136. </div>
  137. <div class="section" id="the-future">
  138. <h2>The Future</h2>
  139. <p>My point here is a simple one: contact tracing if done well is
  140. significantly less privacy infringing than what many tech companies
  141. already do where we're okay with.</p>
  142. <p>I also believe that contact tracing via apps or hardware tokens is our
  143. best chance to return to a largely normal life without giving up all our
  144. civil liberties. I really hope that we're going to have informed and
  145. reasonable technical discussions about how to do contact tracing right and
  146. give this a fair chance.</p>
  147. </div>
  148. </article>
  149. <hr>
  150. <footer>
  151. <p>
  152. <a href="/david/" title="Aller à l’accueil">🏠</a> •
  153. <a href="/david/log/" title="Accès au flux RSS">🤖</a> •
  154. <a href="http://larlet.com" title="Go to my English profile" data-instant>🇨🇦</a> •
  155. <a href="mailto:david%40larlet.fr" title="Envoyer un courriel">📮</a> •
  156. <abbr title="Hébergeur : Alwaysdata, 62 rue Tiquetonne 75002 Paris, +33184162340">🧚</abbr>
  157. </p>
  158. </footer>
  159. <script src="/static/david/js/instantpage-3.0.0.min.js" type="module" defer></script>
  160. </body>
  161. </html>