Closed herionhonig closed 4 years ago
The issue here is that the Exposure Notification Framework on the mobile devices is pretty much stateless, i.e. there is no way of revoking a single set of diagnosis keys.
Unfortunately, I currently don't see a proper way to revoke a false positive.
False positives are rare in the first place, but I think it will be even much rarer that a false positive will be identified as such sufficiently quickly for such a revocation to have any impact.
@tklingbeil Does any of the involved parties – Gapple, our Federal Government, you developers – have a roadmap beyond version 1.0?
@MikeJayDee Has anybody done risk assessment across the entire testing and notification process to figure out failure modes and effects, and estimate their probability? There are multiple sources for errors: the tests themselves, the testing procedure and handling of results, BLE-based contact tracing. Do we have the slightest idea how reliable or unreliable notifications are going to be in the end?
BTW, Google's recommendation is: "You should design your database to accommodate bulk deletion due to abuse, broken apps, human error, or incorrect lab results."
As @tklingbeil answered the initial question, I'll close this issue. If you have further, concrete questions regarding roadmaps and risk assessment, we kindly ask you to raise them in separate issue to increase search-ability of the repo.
Best regards, TK Corona Warn-App Open Source Team
What is missing
If there was made a mistake by the lab resulting in a false positive. Is there planed any process for revoking this lab result? Otherwise, there are actions started unnecessarily with some consequences e.g. quarantine for victim and contacts.
Why should it be included
see above
Where should it be included
integration in architecture