Contact Tracing & Giant Data Collectors:
A Journey from Utopia to Dystopia?
On Tuesday, December 1, 2020
Start at 12:45 pm
Finish at 6:30 pm (CET)
Numerous countries have recently introduced apps for digital contact tracing to fight the COVID-19 pandemic. While some countries deployed a centralized approach to implement contact tracing and even extensively collected sensitive user information, a widespread debate on privacy broke out in Europe and the US, demanding a decentralized and more privacy-preserving approach.
As the turmoil over contact tracing approaches was evolving, Google and Apple discovered an unprecedented friendship, agreed on their very special decentralized scheme for contact tracing called Exposure Notification API (GAEN), and quickly integrated it into their mobile operating systems.
In this web seminar, internationally renowned experts will present their research results and views on digital contact tracing solutions. We critically discuss the deployed solutions with respect to their security, privacy and effectiveness. In particular, we discuss the risks and threats of using solutions that are provided by the giant data collectors (e.g., GAEN).
with Ahmad-Reza Sadeghi,
Technical University of Darmstadt
1 – 1:30 pm
Serge Vaudenay, EPFL
SwissCovid is the Swiss COVID-19 app for contact tracing. It is based on the Apple-Google Exposure Notification. It has been up since June 25.
Since then, we have learned how it works in reality. In this presentation, we will review the legal basis, the security and privacy issues, the reliability of Bluetooth, and the performance of SwissCovid according to surveys.
1:30 – 2 pm
The Gaze of the Gorgon, A Trojan Horse or An Offer We Could Not Refuse?
Ivan Visconti, University of Salerno
This talk will give an overview of privacy and integrity weaknesses of contact tracing systems à la GAEN, with a special focus on the Italian system “Immuni”.
2 – 2:30 pm
TousAntiCovid, the French contact tracing application
Claude Castelluccia, INRIA, France
This talk will present the TousAntiCovid application, as well as some of its current developments.
2:30 – 3 pm
Privacy-Preserving Bluetooth Contact Tracing: Designs and Challenges
Benny Pinkas, Bar Ilan University
This talk will first describe our technical design for a contact tracing app which was deployed by the Israeli Ministry of Health. The talk will highlight the differences in the approaches taken by different countries, the different vulnerabilities of different solutions, and the tension between private companies and governments.
3 – 3:30 pm
Contact-Tracing and the Potential for Voter Suppression
Rosario Gennaro, The City College of New York
In this talk I will survey how replay attacks leading to fake notifications in GAEN/DP3T based contact tracing apps could potentially be used to discourage people from voting. I will discuss the work of a group of activists in the USA (including myself) in our attempts at convincing shareholders to adopt countermeasures to mitigate this risk for the recent presidential elections. Although such an attack seems not to have been deployed at those elections, I will discuss what this could mean for the future.
3:30 – 4 pm
Proximity Tracing in an Ecosystem of Surveillance Capitalism
Joel Reardon, University of Calgary
Proximity tracing apps have been proposed as an aid in dealing with the COVID-19 crisis. Some of those apps leverage attenuation of Bluetooth beacons from mobile devices to build a record of proximate encounters between a pair of device owners. The underlying protocols are known to suffer from false positive and re-identification attacks.
We present evidence that the attacker’s difficulty in mounting such attacks has been overestimated. Indeed, an attacker leveraging a moderately successful app or SDK with Bluetooth and location access can eavesdrop and interfere with these proximity tracing systems at no hardware cost and perform these attacks against users who do not have this app or SDK installed. We describe concrete examples of actors who would be in a good position to execute such attacks.
We further present a novel attack, which we call a biosurveillance attack, which allows the attacker to monitor the exposure risk of a smartphone user who installs their app or SDK but who does not use any contact tracing system and may falsely believe they have opted out of the system. Through traffic auditing with an instrumented testbed, we characterize precisely the behaviour of one such SDK that we found in a handful of apps—but installed on more than one hundred million mobile devices. Its behaviour is functionally indistinguishable from a re-identification or biosurveillance attack and capable of executing a false positive attack with minimal effort.
4:00 – 4:30 pm
Contact tracing apps: an ethical roadmap
Marjolein Lanzing, University of Amsterdam
This research statement presents a roadmap for the ethical evaluation of contact tracing apps. Assuming the possible development of an effective and secure contact tracing app, this roadmap explores three ethical concerns—privacy, data monopolists and coercion—based on three scenarios. The first scenario envisions and critically evaluates an app that is built on the conceptualization of privacy as anonymity and a mere individual right rather than a social value. The second scenario sketches and critically discusses an app that adequately addresses privacy concerns but is facilitated by data monopolists such as Google and Apple. The final scenario discusses the coerced installation and use of a privacy-friendly, independently developed contact tracing app. The main worry is coercion through societal exclusion and limited societal participation. The statement concludes with three suggestions for designing an ethical contact tracing app and a research agenda.
4:30 – 5 pm
Contact Tracing: A Holistic Approach
Nuria Oliver, ELLIS (European Laboratory for Learning and Intelligent Systems)
In my talk I will present my views, after 8 months of intense work as Commissioner to the President of the Valencian Government on AI and Data Science against COVID-19, on contact tracing. What role do data, apps and humans play in the context of the pandemic?
5 – 5:30 pm
Why is exposure notification hard?
Stefano Tessaro, University of Washington
This talk will share a few objective and non-obvious lessons from the design and deployment of exposure notification (EN) systems. In the first part, I will explain why the GAEN-like approach was favored as the preferred protocol (and why other approaches ended up being less desirable). In the second part, I will discuss several challenges (both technical and nontechnical) that have been encountered while rolling out such systems and that should be addressed to ensure that EN can be effective and easily deployed.
5:30 – 5:45 pm
German Corona-Warn-App: Lessons learned and why we need to replace it!
Ahmad-Reza Sadeghi, Technical University of Darmstadt
The German contact tracing app, called Corona-Warn-App, uses the Exposure Notification API (GAEN) provided by the data giants Google & Apple.
In this talk we briefly present our work in demonstrating the privacy and security threats of GAEN. We then discuss our experience with the German tracing app, and raise the fundamental question of how effective this app is with respect to different metrics regarding real-world deployment. We believe that additional instruments need to be realized and the current app should be significantly updated to enable an effective deployment of digital technology in the fight against the pandemic.
5:45 – 6:45 pm
Open Panel discussion:
Gone with the Wind: European Sovereignty in Contact Tracing
Claude Castelluccia, INRIA, France
Alexandra Dmitrienko, University of Würzburg
Stephen Farrell, Trinity College Dublin
Peter Y. A. Ryan, University of Luxembourg
moderated by Ahmad-Reza Sadeghi,
Technical University of Darmstadt