DP-3T / documents

Decentralized Privacy-Preserving Proximity Tracing -- Documents

Right 'not to know you are infected' #146

Open dirkx opened 4 years ago

dirkx commented 4 years ago

In some settings the patient has a right to not learn that they have been infected.

I guess this may be taken care of by a special modus in the mobile app -- but it may be good to highlight in section 9.

carmelatroncoso commented 4 years ago

Hi @dirkx. The app does not inform people about being infected or not. This can only be done by taking a test at an authorized health entity. The system just informs users if they were close to an infected person. If from there users don't want to know, they are free to not take the test.

dirkx commented 4 years ago

@carmelatroncoso -- apologies - but you are misreading this.

It is not the receiving end of the data that I was flagging - but the requirements for the process of the infected person after taking a test at an authorized health entity.

When he or she is found to be infected - that person often, in the EU, has the right to NOT be informed of this - and for his app to not reveal such to him or her. But depending on the country - he or she may be obligated to have others informed and/or give his informed consent if such is not obligatory in that country.

I guess this may be taken care of by a special modus in the mobile app -- but it may be good to highlight in section 9. As this caused considerable delays and unexpected complexity in IT systems during, for example, the 90's when HIV came up.

Would you mind reopening this issue? As it is important that implementors that follow the EU toolbox guidelines are reminded of this early.

carmelatroncoso commented 4 years ago

We can reopen the issue, but informing about infection is not in the flow of the app. Found to be infected is a procedure carried out by the health authorities and the health authorities are the ones that communicate with the user.

Neither the protocol nor the app has any influence on how that notification happens. An app that includes such a procedure goes beyond our goals (see white paper).

dirkx commented 4 years ago

Understood - but implementors will need to design the app in such a way that the two possible legal interactions are possible.

E.g. once the user is found infected and does not want to be informed; but either wants others to be informed -or- there is a legal obligation to do so -- a pathway is needed by which this can be done in such a way that the app in the user's hand does not reveal whether or not he did divulge the seeds; yet does release the seeds to the authority.

carmelatroncoso commented 4 years ago

That is more interesting now :) We'll think if that can be done.

cascremers commented 4 years ago

This is an interesting case. There seem to be two obvious cases:

  1. Users that get a test, don't want to know the outcome, and don't want others to be informed of their potential infections. This is easy: they can state this upfront to the tester, and will not get authorization.
  2. Users that get a test, don't want to know the outcome, but do want others to be informed that they might potentially be infected. This indeed probably requires a specific mode for users that would still want others to be informed. This would require perhaps pre-testing consent (and thus handing over keys to the tester before the result is known). This seems to slightly reduce privacy: the tester gets the key, even for the case in which the test is negative.

Option 2 might work for a limited case: individuals that do not live together with people that also have the app. However, if individuals want option 2 and live together with other app users, once they test positive, the other users get immediately notified, and the user can infer their status.

Would it be within the regulations to explicitly assign option 1 for this case?

dirkx commented 4 years ago

At case 1 - I try to cover this in the Dutch specific example at https://github.com/dirkx/DP-3T-Documents/blob/implementation-profile-start/meta-arch/backoffice-process.md, bottom of the page, where I 'solve' a lot of the mandatory stuff by having it done by a licensed professional in the context of a consultation (this is why the nonce goes the wrong direction).

That makes the happening of 1 & 2 legal without the harming-an-individual / violating-a-person.

And - as you already surmise, makes 1 a non-issue in ???all??? EU countries.

Now 2 indeed would be something like a pre-consent.

Above backoffice-process was written with that in mind - and in that path pre-consent is possible without the user revealing anything and no disclosure or loss of privacy in a no-infected situation. But that path relies on things which not all countries have (most do though, esp. in the south of Europe). I've not puzzled how this can be made more generic.

As to the last item - living with. I believe there is a lot of literature about this from the late 80's to mid 90's for HIV - and my understanding is that the medical ethics allows for this.

jjtmp commented 4 years ago

@cascremers Concerning Option 2, you can solve this another way: the app loads the lists, sees a probability of being infected, and subsequently publishes the EphIDs of the five following days as lower-probability-IDs. Maybe the app could ask the user whether he/she feels well. If yes=well, the reported probability-value is low; if no=unwell, the reported probability-value is high. This way you don't need to provide a key.

dirkx commented 4 years ago

Since I got several emails challenging whether this is true - https://jme.bmj.com/content/30/5/435 gives a nice overview of this area; with (since we're mostly concerned about the EU):

> At the national level, the right not to know is recognised by the French Law on Patients’ Rights, adopted in March 2002: “everyone has the right to be informed on his/her health status …. The person’s will to remain ignorant of diagnostic and prognostic information should be respected, except when third parties are exposed to a risk of transmission” (Article 1111-2, Public Health Code). Similar provisions can be found in the Dutch Medical Treatment Act of 1994 (Civil Code, Article 449), the Belgian Patient’s Rights Act of 2002 (Article 6), and the Hungarian Health Act of 1997 (Section 14.1).

And note that most of these law provisions are very generic / core. With some nice references to limits to these rights in http://blog.practicalethics.ox.ac.uk/2020/02/the-right-not-to-know-and-the-obligation-to-know/.