Re: COVID-19 contacts tracker (Re: a brief pondering)
Christian <cdel@firsthand.net> Fri, 17 April 2020 10:17 UTC
Return-Path: <cdel@firsthand.net>
X-Original-To: ietf@ietfa.amsl.com
Delivered-To: ietf@ietfa.amsl.com
Received: from localhost (localhost [127.0.0.1]) by ietfa.amsl.com (Postfix) with ESMTP id D240C3A0787 for <ietf@ietfa.amsl.com>; Fri, 17 Apr 2020 03:17:03 -0700 (PDT)
X-Virus-Scanned: amavisd-new at amsl.com
X-Spam-Flag: NO
X-Spam-Score: -1.318
X-Spam-Level:
X-Spam-Status: No, score=-1.318 tagged_above=-999 required=5 tests=[BAYES_00=-1.9, DKIM_SIGNED=0.1, DKIM_VALID=-0.1, DKIM_VALID_AU=-0.1, DKIM_VALID_EF=-0.1, HTML_MESSAGE=0.001, SPF_HELO_NONE=0.001, SPF_NEUTRAL=0.779, URIBL_BLOCKED=0.001] autolearn=no autolearn_force=no
Authentication-Results: ietfa.amsl.com (amavisd-new); dkim=pass (1024-bit key) header.d=firsthand.net
Received: from mail.ietf.org ([4.31.198.44]) by localhost (ietfa.amsl.com [127.0.0.1]) (amavisd-new, port 10024) with ESMTP id vHmb8xsTQ22c for <ietf@ietfa.amsl.com>; Fri, 17 Apr 2020 03:17:02 -0700 (PDT)
Received: from tranquility.default.cdelarrinaga.uk0.bigv.io (tranquility.default.cdelarrinaga.uk0.bigv.io [IPv6:2001:41c8:51:8b8::184]) (using TLSv1.2 with cipher ECDHE-RSA-AES128-GCM-SHA256 (128/128 bits)) (No client certificate requested) by ietfa.amsl.com (Postfix) with ESMTPS id D67983A0786 for <ietf@ietf.org>; Fri, 17 Apr 2020 03:17:01 -0700 (PDT)
DKIM-Signature: v=1; a=rsa-sha256; q=dns/txt; c=relaxed/relaxed; d=firsthand.net; s=tranquility; h=Content-Type:In-Reply-To:MIME-Version:Date:Message-ID:From:References:Cc:To:Subject; bh=HsNE7DdhWFJIH2w3EM7Bu/9J3le/NAs0ank2ZgkrfKk=; b=tHAUdE4NRVXAjSr9Jkf2IDqoPMih87K9P85XvUvoOxG0rP7agAkUFlZKzgs2alhqYi3UcGqSNxQMw/soJNj7/dFdryFYrrCW5xJHmVtCiMyI4yeYu3wHDFaFUEl68vIZ/H5H5MJdMDAzjpdKhHDiobuHpDp2z7WT0XJEl/Z9pGg=;
Received: from 60.88.155.90.in-addr.arpa ([90.155.88.60] helo=[192.168.1.11]) by tranquility.default.cdelarrinaga.uk0.bigv.io with esmtpsa (TLS1.2:ECDHE_RSA_AES_128_GCM_SHA256:128) (Exim 4.84_2) (envelope-from <cdel@firsthand.net>) id 1jPO3O-00074T-47; Fri, 17 Apr 2020 11:16:58 +0100
Subject: Re: COVID-19 contacts tracker (Re: a brief pondering)
To: Rob Sayre <sayrer@gmail.com>, John Wroclawski <jtw@csail.mit.edu>
Cc: IETF discussion list <ietf@ietf.org>, Vittorio Bertola <vittorio.bertola=40open-xchange.com@dmarc.ietf.org>
References: <fd6b7ee2-cdbe-14a1-0087-ce61282b22f6@lear.ch> <29D0DCA7-1D72-428F-A6DD-05511D90C039@cable.comcast.com> <2fa6a8c8-7639-a378-2ff1-3f8697556b66@cisco.com> <24cd67ab-df5a-cc2f-745f-ace19d5325ea@network-heretics.com> <59D332BC-F85E-4744-A3D0-2514551154E8@csail.mit.edu> <4E92D147-3ED1-4109-ACC7-DFA16F1D41C2@gmail.com> <7EEFEEB4-CA51-4FFF-9BAA-857EAEA49FDD@csail.mit.edu> <CAChr6Sxet86chG81qLCGzKCzdJmZZ0L6Duh_hnk+tB5WYfaR0Q@mail.gmail.com> <2137617384.18423.1587048987734@appsuite-gw2.open-xchange.com> <D8F1A0A3-7FAC-4FA3-B119-C0609B731AA2@csail.mit.edu> <CAChr6SykUyCj8MUDddySQSjox+ygHZ3_8M0vof92v-kTq4A8nw@mail.gmail.com>
From: Christian <cdel@firsthand.net>
Message-ID: <e4a27626-27e6-077b-ac64-0bad2ea21dc6@firsthand.net>
Date: Fri, 17 Apr 2020 11:16:57 +0100
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:68.0) Gecko/20100101 Thunderbird/68.5.0
MIME-Version: 1.0
In-Reply-To: <CAChr6SykUyCj8MUDddySQSjox+ygHZ3_8M0vof92v-kTq4A8nw@mail.gmail.com>
Content-Type: multipart/alternative; boundary="------------42836BB37E540B54C27A2AB3"
Content-Language: en-US
Archived-At: <https://mailarchive.ietf.org/arch/msg/ietf/wpAdgo-iQ5KiRlZA1WqWLcKgL9I>
X-BeenThere: ietf@ietf.org
X-Mailman-Version: 2.1.29
Precedence: list
List-Id: IETF-Discussion <ietf.ietf.org>
List-Unsubscribe: <https://www.ietf.org/mailman/options/ietf>, <mailto:ietf-request@ietf.org?subject=unsubscribe>
List-Archive: <https://mailarchive.ietf.org/arch/browse/ietf/>
List-Post: <mailto:ietf@ietf.org>
List-Help: <mailto:ietf-request@ietf.org?subject=help>
List-Subscribe: <https://www.ietf.org/mailman/listinfo/ietf>, <mailto:ietf-request@ietf.org?subject=subscribe>
X-List-Received-Date: Fri, 17 Apr 2020 10:17:04 -0000
Yes exactly. This data is otherwise available as part of the connectivity services (onto 3GPP networks) So I don't understand why using Bluetooth has become a thing - particularly with the proposed NHS app. It sort of breaks the architecture - not that that ever bothers a web app shop / developer. The idea I gather is that bluetooth locally holds device ids (Mac addresses?) of devices that come within range and so if an owner of a device comes into range of another device it will have a record of that. So what the NHS app developers are asking for is access to this bluetooth historic proximity data. That seems to miss some important points about the information epidemiological experts have informed us about corvid 19 so far. It persists on surfaces. It can be picked up off a surface and redeposited on another surface. It is not clear if covid-19 is mainly being transmitted due to face to face transmission, or via infected droplets being left on surfaces. Those infections do not reliably fall within the range of bluetooth. So the timescale when an infected person might have provided the virus to other people may well not coincide tightly with the location track of people using bluetooth. The bulk of infections may well fall outside the range of bluetooth. I think this needs to be investigated. As Rob and others have mentioned. Given we have pretty good location data anyway and given that bluetooth could lead to more false positives whilst completely missing many perhaps most transmissions. I think these app developers and health services really need to explain very clearly what it is they are trying to achieve. I agree with my namesake Christian H. The privacy and business / societal implications of getting this wrong are really serious. Christian de Larrinaga On 17/04/2020 01:33, Rob Sayre wrote: > On Thu, Apr 16, 2020 at 10:12 AM John Wroclawski <jtw@csail.mit.edu > <mailto:jtw@csail.mit.edu>> wrote: > > > > On Apr 16, 2020, at 10:56 AM, Vittorio Bertola > <vittorio.bertola=40open-xchange.com@dmarc.ietf.org > <mailto:40open-xchange.com@dmarc.ietf.org>> wrote: > > > >> Il 16/04/2020 09:18 Rob Sayre <sayrer@gmail.com > <mailto:sayrer@gmail.com>> ha scritto:o > >> It's not clear that any of these tracker proposals actually > harm privacy. Certainly the government in most places can get this > data from phone companies and correlate it themselves. > > No, because covid19-oriented contact tracing requires much more > precision than what can be provided by any location data that the > operators can trace through their cellular networks; location data > are unsuitable to determine a one-time contact with accuracy […] > (the other reason is that this approach allows you to trace > contacts even if the cellular and/or GPS connectivity is unavailable, > > Yes, exactly. The other interesting thing about the BTLE protocols > being proposed is that they’re being designed to report that you > came into close proximity to a person of interest, but not > (depending on details) where, exactly when, etc. This, plus > requiring you to explicitly release your tracking information, is > the sense in which they’re “privacy preserving” - implementing > minimum semantics needed for this specific purpose and no more. > > Of course, one could always cross-correlate with other information > (eg, cell-tower-trianguation-level location tracking) to peel some > of this back. But if you’re worried about that, the next > observation is that the BTLE protocols work even if your LTE radio > is turned off - they remember things for later. So you can, at > least conceptually, carry your phone with the wide area radio off > when you want to, and still learn retrospectively that you were in > proximity to a contact. > > > Here are some angles being tried: > https://www.wsj.com/articles/government-tracking-how-people-move-around-in-coronavirus-pandemic-11585393202 > https://twitter.com/TectonixGEO/status/1242628347034767361 > > BTLE would be more accurate, but it does seem like other data sources > are good enough to get within 10m. Even with BTLE, there are cases > like the phone running out of batteries or just not carrying one... > > thanks, > Rob
- Re: a brief pondering Livingood, Jason
- a brief pondering Eliot Lear
- Re: a brief pondering Narelle Clark
- Re: a brief pondering Carsten Bormann
- Re: a brief pondering Michael Tuexen
- Re: a brief pondering Nick Hilliard
- Re: a brief pondering Carsten Bormann
- Re: a brief pondering Spencer Dawkins at IETF
- Re: a brief pondering Michael Tuexen
- Re: a brief pondering Adam Roach
- Re: a brief pondering Adam Roach
- WebRTC (Re: a brief pondering) Harald Alvestrand
- Re: a brief pondering Michael Richardson
- Re: a brief pondering Phillip Hallam-Baker
- Re: a brief pondering Narelle Clark
- Re: a brief pondering Toerless Eckert
- Re: a brief pondering Nick Hilliard
- Off-topic: making WebRTC work in practice (Re: a … Carsten Bormann
- Re: Off-topic: making WebRTC work in practice (Re… Spencer Dawkins at IETF
- Re: Off-topic: making WebRTC work in practice (Re… Carsten Bormann
- Re: Off-topic: making WebRTC work in practice (Re… Philipp Hancke
- Re: Off-topic: making WebRTC work in practice (Re… Cullen Jennings
- Re: Off-topic: making WebRTC work in practice (Re… Harald Alvestrand
- Re: Off-topic: making WebRTC work in practice (Re… Benjamin Kaduk
- Re: Off-topic: making WebRTC work in practice (Re… Bob Hinden
- Re: Off-topic: making WebRTC work in practice (Re… Harald Alvestrand
- RE: Off-topic: making WebRTC work in practice (Re… Larry Masinter
- Re: Off-topic: making WebRTC work in practice (Re… Keith Moore
- Re: Off-topic: making WebRTC work in practice (Re… Phillip Hallam-Baker
- Re: Off-topic: making WebRTC work in practice (Re… Michael Richardson
- Re: Off-topic: making WebRTC work in practice (Re… Eric Rescorla
- Re: Off-topic: making WebRTC work in practice (Re… Christer Holmberg
- Re: Off-topic: making WebRTC work in practice (Re… Peter Saint-Andre
- Re: Off-topic: making WebRTC work in practice (Re… Nico Williams
- Re: Off-topic: making WebRTC work in practice (Re… Cullen Jennings
- Re: Off-topic: making WebRTC work in practice (Re… Mary B
- Re: Off-topic: making WebRTC work in practice (Re… Harald Alvestrand
- Re: Off-topic: making WebRTC work in practice (Re… Christer Holmberg
- Re: Off-topic: making WebRTC work in practice (Re… Harald Alvestrand
- Re: Off-topic: making WebRTC work in practice (Re… Christer Holmberg
- Re: Off-topic: making WebRTC work in practice (Re… Simon Pietro Romano
- Re: Off-topic: making WebRTC work in practice (Re… Toerless Eckert
- Implementation requirement (Re: Off-topic: making… Harald Alvestrand
- COVID-19 contacts tracker (Re: a brief pondering) Benoit Claise
- Re: COVID-19 contacts tracker (Re: a brief ponder… Carsten Bormann
- Re: COVID-19 contacts tracker (Re: a brief ponder… Keith Moore
- Re: COVID-19 contacts tracker (Re: a brief ponder… John Wroclawski
- Re: COVID-19 contacts tracker (Re: a brief ponder… Bob Hinden
- Re: COVID-19 contacts tracker (Re: a brief ponder… Dirk-Willem van Gulik
- Re: COVID-19 contacts tracker (Re: a brief ponder… Keith Moore
- Re: COVID-19 contacts tracker (Re: a brief ponder… Joel M. Halpern
- Re: COVID-19 contacts tracker (Re: a brief ponder… Eric Vyncke (evyncke)
- Re: COVID-19 contacts tracker (Re: a brief ponder… John Wroclawski
- Re: COVID-19 contacts tracker (Re: a brief ponder… Keith Moore
- Re: COVID-19 contacts tracker (Re: a brief ponder… John Wroclawski
- Re: COVID-19 contacts tracker (Re: a brief ponder… Rob Sayre
- Re: COVID-19 contacts tracker (Re: a brief ponder… Fred Baker
- Re: COVID-19 contacts tracker (Re: a brief ponder… Rich Kulawiec
- Re: COVID-19 contacts tracker (Re: a brief ponder… Keith Moore
- Re: COVID-19 contacts tracker (Re: a brief ponder… Vittorio Bertola
- Re: COVID-19 contacts tracker (Re: a brief ponder… Stephane Bortzmeyer
- Re: COVID-19 contacts tracker (Re: a brief ponder… John Wroclawski
- Re: COVID-19 contacts tracker (Re: a brief ponder… Christian Huitema
- Re: COVID-19 contacts tracker (Re: a brief ponder… Jeff Tantsura
- Re: COVID-19 contacts tracker (Re: a brief ponder… Robert Raszuk
- Re: COVID-19 contacts tracker (Re: a brief ponder… Rob Sayre
- Re: COVID-19 contacts tracker (Re: a brief ponder… Phillip Hallam-Baker
- Re: COVID-19 contacts tracker (Re: a brief ponder… Harish Pillay
- RE: COVID-19 contacts tracker (Re: a brief ponder… Andrew Campling
- Re: COVID-19 contacts tracker (Re: a brief ponder… Christian
- Re: COVID-19 contacts tracker (Re: a brief ponder… Rich Kulawiec
- Re: COVID-19 contacts tracker (Re: a brief ponder… Stephane Bortzmeyer
- Re: COVID-19 contacts tracker (Re: a brief ponder… Christian
- Re: WebRTC (Re: a brief pondering) Cullen Jennings