ROBERT-proximity-tracing / documents

Protocol specification, white paper, high level documents, etc.

Last argument before Robert's death #59

Open pelinquin opened 4 years ago

pelinquin commented 4 years ago

Hello Robert Desire! There is an argument that seems to me to be unstoppable in favor of a decentralized solution such as DP-3T or TCN compared to a centralized solution such as Robert/Desire (France) or NHS (UK), in addition to the requirement of interoperability: during a contact, it is possible to capture a lot of information on the quality of the contact (distance, duration, Plexiglas presence, geoloc. data, date, age of the contact, ...) but all this personal information must never leave the smartphone. In addition, the smartphone has personal information such as the age of the person, his place of residence, place of work, medical history, occupation, etc. With a centralized approach, the calculation of the risk of contagion is done on the server side, without taking into account the quality of contacts nor personal information, because the GDPR prohibits this. The result is therefore unreliable, with probably many false positives. In the decentralized approach, the multi-dimensional risk assessment is carried out with all data and locally on the smartphone, therefore for a much more reliable result, much more personalized, without posing any problem with the GDPR. To avoid self-diagnosis, the user is invited to communicate the risk vector to the health authorities to find out whether he is a priority for a test, what type of test (serological or PCR) and what quarantine measures he is advised to take.

To put it another way, the epidemiological model embedded on a smartphone is always more complete than the one on a central server because of the principle of minimizing the feedback of users' personal information in order to satisfy the GDPR.

The risk vector has at least two dimensions so that it can never be interpreted as a Chinese-style social score and is dependent on the data freely entered by the user on his smartphone. This vector can be the couple:

vincent-grenoble commented 4 years ago

Hello @pelinquin. Thank you for the feedback. At first glance, one would easily agree with such claims. However, the reality is much more complex. Oxford epidemiologists have just published a key scientific article on the subject, leading to totally opposite conclusions (p.17, "Conclusion"):

Decisions taken at this stage will benefit from a clear understanding of the trade-offs between the three aims: preserving privacy, reducing infections, and minimising the number of people required to isolate. The trade-offs could be reduced if a system emerges that combines benefits of each option and reduces drawbacks. At the present time, with sufficient oversight to ensure privacy is maintained in the centralised system, and if this oversight is transparent enough to encourage uptake, the centralised option will give more options to suppress COVID epidemic spread.

We don't have anything to add from this point of view. Cheers.

https://github.com/BDI-pathogens/covid-19_instant_tracing/blob/master/Centralised%20and%20decentralised%20systems%20for%20contact%20tracing.pdf

lcoulet commented 4 years ago

Vincent, indeed a centralized approach would be more efficient to prevent epidemic spread. But I believe you miss the point.

Massively adopted contact tracing, which implies confidence from users, is the main requirement. Only a decentralized approach, with massive open source and excellent communication can achieve this... And even given those it will not be easy.

It is in my own opinion indeed, but also the opinion from many other citizens and residents of the country.

I do not want to dismiss the quality of your work, I had not time to analyze the quality of the protocol and security mechanisms that you want to put in place, I am almost certain it is good work.

But these projects (Stop COVID and ROBERT) are backed by the French government which itself earns very little trust by the population.

Your will to have a centralized protocol and to dismiss other options is perceived as arrogant and irresponsible by many people including myself, and will in fact prevent large adoption.

A failure in the contact tracing can have terrible effects on the epidemic spread (implying casualties, and social and economic disasters) would be an important uptake for the INRIA and the French government, which will be held responsible for such a failure by the population.

Maybe you should get more people on it, consider revising the protocol, and start having better communication towards engineers, scientists, and general population.

Edit: As I read back my comment on this issue it sounds too much like a harsh criticism... It is not my intent and I have genuine respect for your work. I apologize for the tone and not getting my point clearly. My point is not a technical issue, but a political one, people in France give very low trust to government, and this might lead to a failure in general adoption of the solution.
This is the first target in my opinion that is needed to address: ensure the protocol is generally trusted, that the derived system is trusted and ensure good adoption.

pelinquin commented 4 years ago

What Inria people do not seem to see is that future CS architecture may be more like this: https://adox.io/lipodai1.pdf In that scheme, any citizen does not have to trust anyone or any server; he just asks for a code to be able to upload data and asks for a certificate to prove to his employer that he can be paid with quarantine.

But at level 3 (Adult) you need to provide a real digital crypto key, first to sign Signature is the key to freedom