The UK government’s Covid-19 contact-tracing app could be in the throes of a radical alteration in its nature, just as it has become available to download and use in its test zone on the Isle of Wight, based on a controversial centralised database that has drawn the ire of privacy and communications experts alike.
Developed by NHSX, the digital innovation arm of the UK’s health service, the contact-tracing app works by using Bluetooth to automate the “laborious” process of contact tracing and has the goal of reducing transmission of the virus by alerting people who may have been exposed, so they can take appropriate action.
Once installed, the app will use Bluetooth Low Energy to log the distance between a user’s smartphone and other phones nearby that also have the app installed. The anonymous log of how close users are to others will be stored securely on each user’s phone. If a user becomes unwell with symptoms of Covid-19, they can use the app to inform the NHS, which, subject to sophisticated risk analysis, will trigger an anonymous alert to those other app users with whom the user came into significant contact over the previous few days.
Yet almost as soon as the first details of the app’s capability were announced, critics weighed in with concerns about what the app could achieve and whether the UK public could or would make representative use of it. In particular, the main bone of contention was whether the app’s centralised nature would lead to privacy breaches and also whether it would be of any use at all if there was a lack of user uptake.
The other key question regarding the app’s potential surrounded the fact that the centralised approach meant users’ phones would need to be in constant powered-on mode for the app to function correctly, unlike alternatives using decentralised technology from Apple and Google.
Yet since the official go-live on the Isle of Wight, and despite the fact that centralised apps have been developed for use in countries such as France, Japan and, until recently, Germany, UK critics have hammered the use of the centralised concept, which has subsequently been defended by UK government scientists.
However, reports now suggest that the UK experts are actively working on a contact-tracing solution that is based on a decentralised model. The Financial Times reports that it has seen documents showing that the London office of Switzerland-based IT development firm Zuhlke Engineering has been awarded a multimillion-pound contract by NHSX.
The six-month contract to develop and support the Covid-19 contact-tracing app is said to be worth £3.8m with a start date of 6 May. The key element in the contract appears to be a requirement to “investigate the complexity, performance and feasibility of implementing native Apple and Google contact-tracing APIs [application programming interfaces] within the existing proximity mobile application and platform”.
Earlier in the day, other UK news outlets had published, and subsequently retracted, reports that Apple had made the ultra-rare move of freeing the codes of an internal Bluetooth API to enable the NHSX app to work in the background so as not to drain device power.
Insight into workings of NHS contact-tracing app
Computer Weekly talked to UK app and data recovery service Reincubate, which has been granted exclusive access to the app and insight into its workings. The company tested the app until the morning of 7 May 2020. It said that while there were questions about the app “staying alive”, and app developers have few options when it comes to keeping apps “alive” when they’re not active on a user’s device, the NHSX app has used “a few smart techniques” to gain better outcomes regarding power usage for an app detecting other devices.
In its analysis, Reincubate rebutted claims that the app uses private Bluetooth APIs by stating that the NHS Covid-19 app uses public Bluetooth APIs within iOS and doesn’t appear to take advantage of any special privileges. Instead, there are some clever techniques.
One of these techniques is focused on the behaviour of Bluetooth for suspended apps used on Apple iOS devices. Reincubate founder and CEO Aidan Fitzpatrick said: “We noted that Apple changes how an app can scan for new devices when suspended. Suspended apps aren’t able to correctly recognise devices that they haven’t seen before. It’s harder to look for signs of new devices, to communicate with them meaningfully, and in particular to identify non-Apple devices.”
Reincubate said it believed NHSX had approached the non-Apple device challenge the other way around. “Realising they couldn’t influence what iOS was doing in this regard, they’ve built clever stuff in their Android app to recognise the restricted, Apple-specific messages that a backgrounded app on an iOS device would send,” Fitzpatrick said.
“This gives the Android device enough information to be able to talk to the iOS device, waking it up into a state in which they can communicate. The situation without iOS is a little different; there’s a threshold whereby the NHS Covid-19 app can ‘go quiet’ when left in the background for a period of time, and device logs show examples of this. In this case, the app has been pushed to the background, but will be able to continue to scan (technically, 'broadcast') for over an hour and a half. Other events on the phone, including other apps using Bluetooth, can extend this.”
The company also claimed that in tests, iOS devices have continued to keep the background service running overnight.
As a consequence, Fitzpatrick concluded that it was not possible to say the app would become ineffective in iOS-to-iOS communication after a certain period of time. He added that there were some “less common” situations where iOS might try to completely suspend a background app, for instance where the system is running low on memory. Reincubate added that it was continuing to look into this and would be publishing more detail as things develop.
As of 7 May, there had been no official response from NHSX, but in a conference call attended by leading government scientists and Computer Weekly on 4 May, NHSX chief executive Matthew Gould stressed that even though there had been a lot of talk about the UK and Apple and Google taking different approaches, NHSX was working “very closely” with Apple and Google and that the development programmes were not “a competition”.
“There’s a huge amount of cooperation going on – we are all trying to achieve the same thing. And it’s natural for a new technology that we are testing different approaches and seeing what ‘unknown’ works,” Gould added.
“There are a good number of countries that are following a centralised approach like we are – for example, France, Japan and others – so it’s not the case that we’re going off in one direction and the entire rest of the world is going off in another. There’s a good number doing what we’re doing. We are talking to a range of countries, using all different models, about what an interoperable approach might be [and] how we can make sure systems can speak to each other. It’s not going to be straightforward, but it never is.”