A team of close to 130 people from 17 institutes, organisations and companies in Europe is developing a technology that is intended as an alternative to privacy-invading tracking technologies used in some countries in Asia to combat the COVID-19. Top experts from multiple European nations are working on an open-source Pan-European Privacy-Preserving Proximity Tracing initiative (PEPP-PT) to provide a complete framework and reference implementation to track and stop the transmission of COVID-19 rapidly and effectively by informing potentially exposed people they are carriers and still adhere to the EU’s heavy privacy regulations.
The core technology will detect users close enough to infect each other by analysing Bluetooth signals between mobile phones.
“Given these divergences, the European Data Protection Supervisor calls for a pan-European model COVID-19 mobile application, coordinated at EU level,” stated the head of the EU privacy watchdog, Wojciech Wiewiorowski. “Ideally, coordination with the World Health Organisation should also take place, to ensure data protection by design globally from the start,” he said to Reuters in a statement.
Interestingly there is no evidence at Github at press time, of any code yet and there has been no official statement of integrating Blockchain, Distributed Ledger Technology (DLT), Directed Acyclic Graphs (DAG) or Block Lattice Architecture (BLA) to help with privacy.
The project manifesto is after all “Decentralised Privacy-Preserving Proximity Tracing” gives the impression that it’s highly likely some kind of block-related technology will be used.
There is speculation that blockchain might and should be part of the framework in various places online.
Have you thought about storing the collected data on a blockchain (instead of regional central servers) for better international tracking? (e.g. self-quarantine indicated by the user, laboratory digitally signed positive test result or antibody test result) @marcelsalathe @PeppPt
— Ralph (@Szeta) April 1, 2020
The Github pages have little to offer on the technology yet, with a scant three-page brief, some general information about security and data protection and a White Paper drilling down, in parts, into the cryptographic aspects of a potential solution. It also states the decentralised proximity tracing process requires the participation of infected patient’s smartphones, all other smartphones, the backend, and the health authority. The backend will act solely as a communication platform and does not perform any processing.
This means that they need to manage the data in a distributed, decentralised network.
This, of course, aims to deal with a plethora of potential privacy concerns. But the group states they are aiming at putting privacy first and justly so as the European Union has spent time, effort and money at creating the General Data Protection Regulations (GDPR) for all member states. The GDPR aims primarily to give control to individuals over their personal data and to simplify the regulatory environment for international business by unifying the regulation within the EU.
“No central entity that needs to be trusted A completely anonymous “contact tracing” without omniscient central server is technically possible. It is not technically necessary to rely solely on the trustworthiness and competence of an operator of a centralised infrastructure and to sufficiently protect users’ privacy.”
“We, therefore, reject concepts based on this from the outset as questionable. In addition, the security and trustworthiness of centralised systems – for example against linking IP addresses with anonymous user IDs – cannot be effectively checked for the users.”
“The security and confidentiality of the process must therefore only be guaranteed by the encryption and anonymisation concept and the verifiability of the source code.”(Translated via Google Translate)
The Chaos Computer Club is Europe’s largest association of hackers with 7700 registered members. Notable members of the CCC regularly function as expert witnesses for the German constitutional court, organise lawsuits and campaigns, or otherwise influence the political process.
Organisers of the pan-European project state that it’s important to note that PEPP-PT is about proximity tracing, not contact or location tracking.
Some of the experts involved, such as Prof. Bart Preneel (Flemish cryptographer and cryptanalyst) from the University of Leuven, Oxford University’s Dr. Reuben Binns (on the investigative Decentralised Personal Data team of UK thinktank SOCIAM: The Theory and Practice of Social Machines and the Blockchain & Society Policy Research Lab) as well as and Seda Gürses (currently at Delfu TU as well as the Institute for Information Law, at the University of Amsterdam) support the rumours of some kind of block technology will be used.
In a podcast released last week, Prof. Thomas Wiegand, FG-AI4H Chair, Professor, and Executive Director of Germany’s Fraunhofer Heinrich Hertz Institute stated:
“We are making sure that privacy is preserved according to GDPR rules for that. First of all, the big question is can health information be, with reasonable efforts, mapped back to a real person? This must be avoided under all circumstances.
“And so in order to make sure that that’s not the case, we have basically two mechanisms. One is that we do not use any personalised information in the system whatsoever nothing, no location, no phone number, no name, no Mac ID no geolocation, nothing.”
“Another mechanism is that all communication is obfuscated.”
“So, if you want to send a message to 200 people, you are actually sending a message to 200,000. And basically, within that, also the infinite traffic, you will not be able to determine whether the traffic (if somebody sniffs the traffic) that there’s (specific) health-related information being transmitted.”
“What we have built into the system is a randomised country code… basically it contains a country code where the uploads of the data from the fall of infected persons go to a Trust service.”
“And this Trust service can decrypt this randomise IDs to the extent that one byte contains the category records and the rest remains encrypted so the server would basically know which country to send the randomised data.”
“So, it’s a bit like mobile phone networks on the first GSM network where you would basically have the feature of roaming… so we have roaming-like capability in the system which is, I guess, a very fundamental European idea.”
“We’re currently doing field tests with an army barracks here in Berlin with 50 soldiers are basically going through certain normal societal scenarios and are measuring different positions of the phones with different types of phones, working on calibrating various phone types against each other.”
“We hope that we will have a system available that would be shipping in the second week of Easter.” (edited from rough transcript)
From the USA, associate professor at the New Jersey Institute of Technology Kurt Rohloff and CTO and co-founder of Duality Technologies (another co-founder is Shafi Goldwasser who co-invented ‘zero knowledge proofs’, a cryptographic feature which enables someone to prove a fact as true without revealing any information about that fact) was also on the podcast to reveal some of the work being done in the USA.
His company, Duality Technologies, aims to take “homomorphic encryption” mainstream.
“This, in some sense, this captures an article from the New Yorker magazine.”
“I’ve started to look at how one could run security analytics using privacy technologies such as homomorphic encryption and how we might use these technologies to do with privacy-protected contact tracing.”
“And we see the fear and want to protect privacy to make sure only people that need information get access to it and are approved and at the same time, we want to make sure that the people who actually need access do actually get access at the same time.”
“The initial product and capability that we’ve been focusing on is been driven by our team in Israel, but our team is international and split between the eastern coast of the US and Tel Aviv.”
During an online slide presentation he prepared in the podcast he added:
“And this is actually an article graphic from the CDC about the need for contact tracing this is finding everyone who came into contact with an infectious individual and going back and tracing through who has access and who hasn’t.”
“This basically includes everyone in COVID-19, who was in close proximity for the last 14 days. We have seen a number of countries that have been looking at this, and in our collective thinking is that contact tracing provides a much more quick and effective response than potentially locking down a country if done early enough, and effectively enough.”
“Another technology differential is dealing with privacy by generating aggregated data and then randomly generating noise, therefore limiting each party’s ability to reverse engineer individuals inputs. This is basically adding a level of statistical noise to a data set which allows for aggregated data analytics where individual precise results are not needed.”
“For example, in census data here in the US, differential privacy is sometimes problematic for medical applications because it lacks clinical precision. For some applications, meaning that results aren’t directionally correct but not necessarily precise. And a limited number and type of computations can be run due to added noise. The one that we’ll be focusing on particular is this notion of homomorphic encryption. For those of you that aren’t familiar with it, it provides an ability to take data, encrypt that data, run analytics on that data while encrypted without sharing keys while enabling end to end encryption and analytics.”
“One of the drawbacks of cryptography it can’t necessarily be used for line speed type computations, but it’s quite good for batch computations. In our proof-of-concept our notion of competent computing of encrypted data is that a data owner will encrypt their sensitive data using a public key and once encrypted send it to a cloud environment.”
“For example, run the data into a computation service like a generic cloud, and then run computations on that data while it is encrypted, then encrypt the results. The computation is run without sharing any decryption keys and the encrypted result is returned, then decrypted. We’ve been looking at how to use this for contact tracing in a privacy-protected manner, with the goal being to identify individuals exposed to COVID-19 based on location and time without exposing personally identifiable information. Using homomorphic encryption will also enable organisations to run analytics as well as the data is still encrypted.”
“The schematic of the data flow is to take a query, which has information about a perceived infectious individual, send that the individual’s information, encrypt individuals information, send it to up to a data location provider, run analytic on the encrypted computation to identify who is co-located and return information to a health agency, which could then decrypt results and identify individuals who have been exposed.”
“We have this running currently at scale with several hundred thousand participants and it will be available for municipal-level interactions.”
“The contract tracing capability that we have right now is developed has a secure plus query capability which can provide privacy-protected contact tracing that will enable both sharing and viewing information pertaining to the exposure of individuals.”
“For example, we can run this through a multiple query where the first query input is a unique identifier such as a phone number email of an identified infected individual and the date range of when they might have been infectious from getting tested and then identify who has been affected, then trying to identify how long they had been infectious, whether it’s for five days or 14 days before.”
“From the results of that query, get location information, date and date ranges and time ranges where the mobile device that the individual possessed, was located etc.”
“The privacy part of this, when the query is sent to, for example, the mobile phone carrier, the mobile phone carrier does not receive any information any medical information about who was infectious or not. But the health agencies get information about the location, back-tracing capability, location data, of the affected individuals.”
“The first concept is we start up with a screen that allows a generic interface for health workers to enter information about individuals, which can then be sent off for a query type operations with a data provider and then get these results which are decrypted locally with various timestamp information about where the individual’s location had been.”
“And then run a similar set of operations for the second where the healthcare agency can then follow up with the information to provide perfect and proper protection to society.”
“The underlying technology is based on the Palisade Homomorphic Encryption Library. It is a general purpose open source library built from a consortium of contributors including duality MIT, Raytheon, Lucent government systems, Intel and a few more and was heavily funded by DARPA and other parts of the R&D infrastructure of the US government.”
It is open source and released on the two-clause BSD license.
We feel it’s very, very important to use standard schemes, not proprietary cryptography. It is important to use open source implementations of cryptography which have been vetted by third parties, which is particularly why we like the palisade homomorphic encryption library.
“I’m heavily involved with it, but I encourage other people to look at it also. In another engagement with ITT we’ve been looking at privacy standards associated homomorphic encryption to define an industry standards consortium body to analyse the security and trustworthiness of the underlying schemes. I encourage you to get involved through homomorphic encryption dot org.”
“We see this notion of secure collaboration… of privacy technology being driven by trust. What we found is that when people decide whether to adopt a privacy technology or not, it is really driven by a trust argument, and which is one of the reasons that we are such strong advocates for only using open academic results of that have gone through the peer-review process in terms of cryptography schemes and why we advocate only the use of open source technologies, so they could be open and exposed and validated.”
“We are also very supportive of international standardisation processes for privacy security settings either other kinds of activities which allow for collaboration, interoperability, and a short notion of trust during collaboration, which is, of course, required for collaboration.”
“This has been a big thrust for us in the homomorphic encryption community to build this international consortium and engage with major organisations, both businesses, academics, international bodies, such as the ITU. I know that other privacy technologies also have similar ideas such as the zero knowledge proofs community, the secure multi-party community, and I believe there are others… and we’re starting to see broader uptake up-take of these technologies, specifically because of the engagement of them.”
“What we’re seeing right now is that there is a very healthy commercial ecosystem being built up around these technologies. I personally am a fan of that because it takes open source technologies and of course, helps to broaden this deployment in use and then fostering of open source and part and parcel of that is the adoption of these technologies by government and by enterprises.”
“You know we are very happy with the way things are going and see that the number of competitors in the market, both from startups and from large businesses – that have their own solutions. I believe that if you basically went to every one of the major tech firms, and even some of the smaller companies, every single one of them has a group that’s either building using or investigating privacy-enhancing technologies. My internet intuition is that it’s pretty widely deployed across the tech firms right now.” (edited from transcript)
The following people are behind the initial design of PEPP-PT:
- EPFL: Prof. Carmela Troncoso, Prof. Mathias Payer, Prof. Jean-Pierre Hubaux, Prof. Marcel
- Salathé, Prof. James Larus, Prof. Edouard Bugnion, Dr. Wouter Lueks, Theresa Stadler,
- Dr. Apostolos Pyrgelis, Dr. Daniele Antonioli, Ludovic Barman, Sylvain Chatel
- ETHZ: Prof. Kenneth Paterson, Prof. Srdjan Capkun, Prof. David Basin, Dennis Jackson
- KU Leuven: Prof. Bart Preneel, Prof. Nigel Smart, Dr. Dave Singelee, Dr. Aysajan Abidin
- TU Delft: Prof. Seda Gürses
- University College London: Dr. Michael Veale
- CISPA: Prof. Cas Cremers
- University of Oxford: Dr. Reuben Binns
- TU Berlin / Fraunhofer HHI: Prof. Thomas Wiegand
- University of Torino / ISI Foundation: Prof. Ciro Cattuto