COVID-19: Privacy-respecting alerts

Florian Guitton

Governments across the world are evaluating means to safely move out of COVID-19 lockdown. The most effective solutions appear to be contact-tracing mobile applications developed to notify users of potential encounters with infected people and advise them to self-isolate and get tested.

Imperial College London has proposed simple and efficient privacy-respecting solutions, based on anonymised identifiers and consent. Many initiatives are following these guidelines or have similar approaches.

These apps would need to be installed by 60% of the population to be effective. Some apps may reach this threshold locally but not globally. Once the lockdown is relaxed, people will start travelling again, and some will likely be crossing borders. At this point, local effectiveness will no longer be sufficient, and a minimum of global collaboration will be required.

On top of these new apps, tech giants and many mobile applications (for commuters, joggers) already have the necessary data to compute contacts. We believe that reconciling contacts from all possible sources, globally and in a privacy-respecting way, will maximise the impact.

As the most advanced company in distributed confidential computing, we can perform reconciliations of encrypted data, at scale, without disclosing anything to anyone, not even to us.

We spent the last few weeks designing a neutral, auditable, and remotely verifiable service, to help public agencies accomplish this goal. When a user reports as infected, the encrypted service will securely reconcile data from all sources, and each source will be able to inform users via their app. To seed the service, we are building and open-sourcing a mobile application relying on Bluetooth tracing.

We have also designed ways for users reporting as infected to request a confirmation from their local health professionals. The goal is to prevent misuse and reduce the level of anxiety this service could generate.