I don't know, perhaps I am too naive. I would not have thought that a client could talk to a server over the Internet such that one does not know the other, and yet clever cryptographers have found a way to do it.
As I read more, it seems more clear that this system cannot be truly anonymous, but pseudonymous at best. Aside from building transparency end-to-end, maybe one can also fragment the data such that no entity has the whole picture, while still being useful to health workers. For example, does a doctor in NY need to know about every patient in CA, or can they work with broader statistics? That could suggest a decentralized data storage. If the system is tracing contacts automatically, and we no longer need human tracers, does a doctor need to know who the infected person was in contact with and all the places they have been, or can they simply work with the fact that the person is infected? Perhaps a system can be made such that only the doctor can reveal a person's identity (to follow up on them and such), and to everyone else the log is just a sea of random numbers. This way, corporations/governments trying to exploit the social graph have limited knowledge on the underlying personas, while the doctors can go on about their business with the power to reveal identities but without a full picture of the social graph. In essence, since the system won't be anonymous, make it such that no one has the full picture (especially governments and advertising companies). But I don't know if this system would be useful or if it's even possible to build.

On 4/26/20 11:16 AM, Zach Bastick wrote:
>
> On Sat, 25 Apr 2020 Marc Sunet wrote:
>
> > The video makes constant references to "the location service", which appears to track your location both outdoors (GPS?) and indoors (wifi? What if I don't turn it on?). For cases (2) and (3) to work, my understanding is that both person 1 and 2 need to be connected to the same service, suggesting a central service? And you state that the device contains an "encrypted record that is a function of their identity". So basically, you're suggesting a central service that identifies and tracks people everywhere they go?
>
> Such constraints actually might work well in a medical facility (which is the example David gives). Rooms can be delineated not by Bluetooth beacons or WIFI, but simply by door access badges (although that involves employee tracking concerns). Regarding anonymity, would it not presumably be expected that healthcare workers exposed to COVID-19 be identifiable anyway to peers/employers (for the protection of patients and the workers' own welfare, e.g. testing and sick leave)?
>
> Zach

--
GPG: 9C2A AF1D CC91 0A53 AB0A B6A1 C457 0E01 081F 8F91
https://emailselfdefense.fsf.org/
-- Liberationtech is public & archives are searchable from any major commercial search engine. Violations of list guidelines will get you moderated: https://lists.ghserv.net/mailman/listinfo/lt. Unsubscribe, change to digest mode, or change password by emailing [email protected].
