The technology and privacy tradeoffs behind COVID-19 contact tracing apps

Listen 1:31
Pennsylvania recently started using Sara Alert, a disease monitoring tool from the research organization Mitre.

Pennsylvania recently started using Sara Alert, a disease monitoring tool from the research organization Mitre.

Are you on the front lines of the coronavirus? Help us report on the pandemic.

A key part of containing the spread of an infectious disease like COVID-19 is contact tracing: Figure out who an infected person has been with, watch them to see if they develop symptoms, and ask them to stay away from still more people.

Volunteers and health workers do a lot of this work, but now Pennsylvania and other states are using smartphones to do it on a larger scale more quickly.

Pennsylvania’s plans for contact tracing include using an online tool from the nonprofit research organization MITRE to monitor people who are infected, or at risk of developing COVID-19 — it started using the tool this week and added its first two patients to the system, according to state Health Secretary Rachel Levine. The state is also looking into a Bluetooth system to alert people who may have been exposed to someone with COVID-19. Apple and Google have worked together on a platform that public health authorities can use.

However, those officials will have to decide where to strike the balance between gathering more information and protecting privacy. And any tech-based contact tracing tool will only work if sufficient people trust the government enough to install it.

Paul Jarris, chief medical adviser at MITRE, said he sees it as a funneling process: A state could make an app using the Apple/Google platform so your phone would notify you if you got close to someone with COVID-19.

But that’s a lot of people. So public health officials or health workers could decide if you needed to self-quarantine and be monitored using the MITRE system. You would enter your symptoms daily via web, text, email or phone, and health workers would figure out who you had been in contact with while you were spreading the virus, and focus on people at high risk.

“It’s an important tool for public health now as we relax some of the social distancing because … we will likely see some rebounds of illness,” Jarris said. “What we want to do is to identify those rebounds as quickly as possible, and if you will, put the brush fires out before we have another major forest fire on our hands, with widespread community outbreak.”

In the United States, Pennsylvania, Washington state, Vermont, Arkansas, and the Northern Mariana Islands now use MITRE’s system, and 12 to 15 other places are considering it, Jarris said.

His team of epidemiologists had experience dealing with the 2003 SARS outbreak, Ebola, H1N1, and Zika, Jarris said. They developed the tool last summer, and worked with state and local public health officials as soon as the pandemic began earlier this year. It can be modified for additional infectious diseases by targeting their symptoms, incubation periods, and other features, he said.

Still, public health officials have to balance user privacy over getting more information about the coronavirus pandemic, said Daphne Ippolito, a doctoral student in computer science at the University of Pennsylvania. She co-authored a paper released in late March on the privacy considerations of contact tracing apps. Ippolito is also working with University of Toronto mathematician and computer scientist William Yu on a contact tracing app for MILA, a research institution in Canada.

Ippolito explained that a contact tracing app has to have some sense of where you are in relation to other people, and whether you and the other people have COVID-19 or not.

For example, Ippolito said, the fully automatic Bluetooth platform from Apple and Google does not record any location data; it only records information about who has been around a person, in the form of anonymous beacons that change regularly. If one person becomes infected with COVID-19 and records that in the app, a server can broadcast that to everyone with the app, and your individual phone uses that information to figure out if you have been close to the anonymous beacons of that COVID-19 patient. No data is exchanged about anyone who is not infected.

“The Apple/Google approach is pretty privacy-preserving because it prevents the central authority or whoever is controlling the server … from getting information about who has been in contact with whom,” Ippolito said.

A different approach would be to directly record a person’s location data, which is what an app from MIT does. The location data is recorded, redacted and blurred, Ippolito said, but it is sent to a server if someone is infected with COVID-19, and public health authorities could use it to build a map of locations where a lot of infected people have gathered.

So in exchange for more information about where the disease is spreading, users who have COVID-19 have to give up some data about where they have been.

“The more private you make the system, the less tools we can give the government or health authorities to track the spread of the virus, and obviously it’s really useful to be able to know where are the hot spots,” Ippolito said.

These are important questions, Ippolito and Yu said, because a contact tracing app is only successful if a lot of people use it. The Washington Post and the University of Maryland polled a national sample of more than 1,000 adults last month and found that 41% would not use an app from Apple and Google to report whether they had been close to someone with COVID-19. Eighteen percent of those polled did not have smartphones.

Singapore developed a contact tracing app, but, according to the Straits Times, only about 1 in 6 people had downloaded it as of early April, and a government minister said they needed something like three-quarters of the population to do so.

Yu said it’s a difficult balance because a contact tracing app is still a tracking device, albeit a very restricted one with a narrow focus, so anything seen as less private could make it less appealing to users. In this country, the government cannot force people to download an app. And though there has not been a pandemic of this scale with so many people carrying smartphones, issues of privacy and public health go as far back as the spread of AIDS in the 1980s.

“You need to think really hard about how much users trust the government, trust health authorities, trust Apple and Google, and how to balance the need for mass adoption with the desire for getting more information,” Yu said.

Experts also say automatic contact tracing on its own will not stop the spread of disease. A law professor, a biologist, and a technologist wrote for the Brookings Institution that not everyone has a smartphone with them at all times and not all contact with someone with COVID-19 will lead to spread of the disease, so the apps could cast a wide net, ask a lot of people to self-quarantine, and lead people to disregard the warnings after a while.

“The lure of automating the painstaking process of contact tracing is apparent,” wrote Ashkan Soltani, Ryan Calo and Carl Bergstrom. “But to date, no one has demonstrated that it’s possible to do so reliably despite numerous concurrent attempts. Apps that notify participants of disclosure could, on the margins and in the right conditions, help direct testing resources to those at higher risk. Anything else strikes us as implausible at best, and dangerous at worst.”

WHYY’s Emily Scott contributed reporting. 

Want a digest of WHYY’s programs, events & stories? Sign up for our weekly newsletter.

Together we can reach 100% of WHYY’s fiscal year goal