All the while, the whole of Europe has one goal in mind: we want to return to normal life as soon as possible. A tool that can help with this is the so-called ‘Tracking App’. It is already in use in China, Singapore, South Korea and Israel. Now European governments also want to use the app in the fight against COVID-19. This week the PEPP-PT (Pan-European Privacy-Preserving Proximity Tracing) project was presented in Berlin. This technology is expected to be ready for use as early as mid-April.
The initiator of the non-profit PEPP-PT research project is the German IT entrepreneur and government consultant Hans-Christian Boos. He developed the COVID-19 tracking app together with a wide range of European scientists, research institutes and universities. Among them are the German institutes Fraunhofer-Heinrich-Hertz Berlin (HHI) and the Robert Koch Institute (RKI).
Containment of COVID-19
The aim of a COVID-19 Tracking App is to consistently track infection routes. Those affected are informed about an infection in an early stage and can therefore be isolated and treated accordingly early on. A positive example is the Chinese city of Shenzhen. Where, thanks to the app, the number of newly infected people per day was reduced to three in a relatively short period of time.
In Europe, too, measures are being sought to enable a swift return to normality. A key obstacle to the Tracking App, however, concerns data protection, which is enshrined in the General Data Protection Regulation (GDPR). Most politicians insist on voluntary use of the app. However, the success rate is raised by the more users there are. That is why tax incentives are also being discussed. However, this could lead to a false sense of goodwill.
Based on location data
The technology is based on Bluetooth Low Energy location data. If users are within the recommended distance of two meters, their smartphones will give out an identification number (ID). Users who have at some point tested positive for Covid-19 enter this information into their tracking app. The system subsequently informs everyone who the patient has been in contact with during the previous week.
The algorithm also has to be able to determine whether there is a wall or a window between the users. This can be while they’re inside a building or in a traffic jam. The basic idea was to measure the Bluetooth radio profiles of the most common smartphone models in Germany and then adapt the app accordingly.
Application can be integrated into existing apps
This is intentionally not a separate app, but a system that can be integrated into existing apps, Boos explains. This means that no other app needs to be downloaded. Users receive the tracking system automatically when they update existing apps. The tracking system is only activated after the user has given their permission. Once this is done, the smartphone generates a unique, constantly variable ID and transmits this via Bluetooth.
European standard
IDs also need to be given a country code in order to be able to trace the infection routes across several borders. PEPP-PT technology is also prepared for this. The countries must be provided with a common software basis. The software is made up of three elements:
- the above mentioned ‘front end’, which is capable of analyzing contacts via an algorithm and can be integrated into existing apps;;
- a ‘back end’ that is scalable for hundreds of millions of subscribers; it collects and distributes data from the apps;
- a secure interface that allows authorities to verify a user’s confirmed infection.
Testing with the German military
The company now plans to test the software in cooperation with the German military. At the same time, a debate on data protection needs to take place. According to Fraunhofer AISEC, the Covid-19 Tracking App does comply with data protection guidelines.
Fraunhofer AISEC states that no user movement profiles are created or movement data stored. Only contacts are stored: anonymously, locally on smartphones and for up to 21 days. Older IDs are automatically deleted. The information is stored in a decentralized manner. This has the additional advantage that there is no central point of attack in case of malicious use (hacking).
The ID is only transferred to the back end section in the event of an infection and after reconfirmation by the affected user. The storage period is also limited to 21 days here and data protection is guaranteed at all times, according to Fraunhofer experts.
Free access for everyone
PEPP-PT was founded in Switzerland as a non-profit organization. The technology will be freely available to everyone. Authorities of the individual countries can make use of a development platform. This will enable them to design apps that are uniform across Europe and also meet the criteria of the various national health systems. The common software basis will enable the exchange of cross-border alerts.
Also of interest:
Follow-up: Should Covid-19 measures override privacy?
Related Posts
