Not sure OP is the same as the GitHub developer, but I want to applaud whoever took the time to write out this idea in a professional yet understandable manner. I had fun reading the paper.<p>Unfortunately this idea is (mostly) dead in the water if it sticks with its current implementation. The reason is that both Android and iOS now engage in MAC address randomization <i>specifically to prevent</i> being tracked by their unique IDs. This "feature" was previously commercialized by stores and private surveillance to track people moving around in a city or indoor building.<p>Fixing this is not impossible. Instead of Bluetooth tracking, the app could simply just record your location every poll update and save it locally. There is no invasion of privacy if the location file is never uploaded to the cloud. When someone tests positive, they could just have their location file uploaded (anonymously) and every device could cross check its location history with the infected person's.<p>Technology is likely not the barrier here. Notifying and training medical personnel to effectively use the app is, and getting the general public to "buy in" will cost an absolute fortune (in advertising dollars) for little to no return. This is one of those network paradox problems where you need lots of people for the network to be useful, but the network has to be useful to attract lots of people. How do you solve that?
Hi, I'm the developer behind <a href="https://github.com/AVICOT-APP/Documentation" rel="nofollow">https://github.com/AVICOT-APP/Documentation</a><p>Thank you all for your valuable input - and sorry for the late reply: I posted under my own account (<a href="https://news.ycombinator.com/item?id=22462696" rel="nofollow">https://news.ycombinator.com/item?id=22462696</a>) - but this thread initiated by a friend was the one to be picked up.<p>I'll try to address some of the issues brought up under each comment later, but here is a few things to consider first:<p>The MAC address randomization is a key issue here. For the "level 0 list", though, it might not be that much of a problem: If the app also keeps track of its own actual MAC address(es), then these are what would be published in the "level 0 list", along with the corresponding time-index. I'll update the GitHub description to take this into account, but please help me answer some of these questions first (or, better, write me an email, so you can contribute directly to the AVICOT/Documentation repo) :<p>Does the randomization happen at each new invocation of Bluetooth?<p>Is it coupled with the "location services" as suggested by jackweirdy below?<p>Another important point is that of using location tracking instead, as suggested by c22. I had this exact scheme as the initial AVICOT concept, but abandoned it because even with one-way hashing of the coordinates of the space-time boxes, the locations (and thus identity) of the infected person can easily be calculated if the (hashed) "dangerous" space-time boxes are publicly available.<p>One really good point of using space-time location boxes is, that you can assign an infection risk to being at the same location, say 3 hours later (e.g. use an exponential risk decay with some suitable half-life parameter). This is not possible with the Bluetooth IDs. But unless we solve the anonymity issue in some way, I think the Bluetooth way is easier.
I have another app idea. Quite a bit less sophisticated than what's proposed in the article. But still technically challenging: it's called FaceWatch.<p>You use the accelerometers in a smartwatch to detect a hand getting closer to the face. If a threshold is breached an alarm is raised on your phone. The pavlovian response is to avoid touching your face and potentially spreading diseases from you hands.<p>Downsides:<p>You would need two smart watches.<p>You would need to code an "eating mode".
This idea reminds me of Apple’s approach to Find My offline device: [1]<p>> Find My can help you locate a missing device — even if it’s offline and sleeping — by sending out Bluetooth signals that can be detected by Apple devices in use nearby. These devices then relay the detected location of your device to iCloud so you can locate it in the Find My app. It’s all anonymous and encrypted end-to-end so no one, including Apple, knows the identity of any reporting device.<p>[1]: <a href="https://www.apple.com/icloud/find-my/" rel="nofollow">https://www.apple.com/icloud/find-my/</a>
@sunemai:<p>Just fyi, here in Germany a medical uni and some companies seem to currently do the geodata approach:<p><a href="https://www.heise.de/newsticker/meldung/Medizinische-Hochschule-Hannover-und-Ubilabs-entwickeln-Corona-App-4680487.html" rel="nofollow">https://www.heise.de/newsticker/meldung/Medizinische-Hochsch...</a><p><a href="https://www.geohealthapp.de/" rel="nofollow">https://www.geohealthapp.de/</a>
You can't.<p>The Chinese Government already deployed Health Code, which pulls data from cell towers to check for cross paths with confirmed or suspected patients, and shows on screen as green, yellow or red colored QR code.<p>To have this Bluetooth idea effective, you need to have sufficiently numbers of installation, and which can be insanely difficult if it weren't pushed by big corps or the government
This is a fantastic idea for retrospective infectious disease contact tracking. I hope this concept is picked up by WHO/government or at least put on a local trial.<p>Why don't phones already keep a local log of recent Bluetooth device IDs?
I'm not sure how the section on GDPR actually answers the question it poses. "Any technological solution that tries to mimic the contact tracking performed by medical authorities will automatically break GDPR. Or will it really?" The former has little to do with the latter. If you track PII that's a potential GDPR issue, no matter how humanistic the purpose of your app is. NAL but from the legal side this use case does not seem any different from ad tracking companies doing the same thing. What is the fictional "rephrasing" of what this does supposed to change about the legal implications?
Unless you love fascism this is a train wreck of awful.<p>It's also full of incorrect statements.<p>This is not true. The medical community does not agree with this for many diseases and many levels of "non-negligible virus threat"<p>> Every responsible human being should be interested in knowing if he or she presents a non-negligible virus threat to family, friends, colleagues and thus – ultimately – society in general.