Closed markalanrichards closed 4 years ago
tim-nhsx
commented
4 years ago Please refer to our security and privacy guidance https://covid19.nhs.uk/privacy-and-data.html - "The app will not be able to track your location and it cannot be used for monitoring whether people are self-isolating or for any law enforcement purposes."
markalanrichards
commented
4 years ago Please refer to our security and privacy guidance https://covid19.nhs.uk/privacy-and-data.html - "The app will not be able to track your location and it cannot be used for monitoring whether people are self-isolating or for any law enforcement purposes."
Thank you for your comment; but the issue already quotes that text.
Could you explain why my understanding of the data is wrong?
For instance 6 people enter a park 1 is a victim of a crime and has a BLE event. Is there enough data stored from BLE events on the 5 suspects phones for police to identify which one was next to the victim or which one was engaged in other social (non)interaction and can be ruled out.
Should the police seek warrants for the 5 users' phones? Should the users have the right to volunteer their BLE data to the police to rule them out of the investigation if innocent and it is evident, perhaps from their conflicting BLE data.
philipswift
commented
4 years ago Maybe going in too deep here? Possibly too granular for a timely App launch?
markalanrichards
commented
4 years ago Maybe going in too deep here? Possibly too granular for a timely App launch?
Why would this disrupt an app launch? I am only seeking clarity on whether the public can use this to assist in criminal investigations (whether voluntarily or if necessary by warrant). Crime hasn't stopped during lockdown and if there is a use case for this data; then how usable it is should be clear.
philipswift
commented
4 years ago It is outside the scope of the project. The only design brief for the App is to help stop people suffering/dying from Coronavirus. This alone would reduce the demand on under-resourced Police, CJS, CPS etc. They get were getting telephone calls where neighbours who do not get on (some almost 'at War'!), were complaining, asking for them to attend, with regards to social-distancing etc just to 'get-at' or annoy their neighbour. All we, 'the Public' needs to do, if they have a Smartphone, is download and install the 'Official' App from the Official URL and read and follow the instructions plus use a bit of common sense (phone with you all the time, switched on, Bluetooth, check battery drain etc).
Whether you have or do not have a Smartphone (excluding emulators), you will still get a snail-mail letter from Government with a questionnaire URL. If you have internet access and a device with a browser, (or can borrow one) then all people in a certain geographical area, will be expected to answer this questionnaire. Isle of Wight have had this.
This is not a 'let's see what else this can do' or 'what would this be useful for' project. You have totally valid questions however we probably need to only keep the single target in sight.
markalanrichards
commented
4 years ago This is not a 'let's see what else this can do' or 'what would this be useful for' project. You have totally valid questions however we probably need to only keep the single target in sight.
Whilst you may wish for NHSX to stick to a single target, it is NHSX that has chosen to make the statement about the law enforcement limitations. If you wish them to stick to a single target and not address tertiary uses, then perhaps ask them to remove the statement about tertiary uses.
In the meantime, it is right for the statement to be questioned and tested for accuracy by the public. I'm not asking for a feature change to the application to improve law enforcement capability; I'm only asking for the documentation to match the implementation if my concern that the documentation is wrong, is valid.
philipswift
commented
4 years ago OK :)
Xenoamor
commented
4 years ago Can't law enforcement use the Investigatory Powers Act 2016 to track your phone location anyway?
I don't know if they can use that for this data but it wouldn't surprise me if they tried
edent
commented
4 years ago I'm pasting this message in every active GitHub issue, so you may receive duplicate notifications.
Today, I'm happy to announce that NHSX has released the full git commit history for the Isle of Wight Beta apps.
As discussed, we have redacted API keys, sensitive domain names, and some of the developers' personal details. I am still waiting on final approval to publish the server-side code.
I would like to personally thank the community for your comments, bug reports, and vulnerability disclosures. They all went into helping the development process.
The beta trial of this app has now ended and we've moved to the next phase of app development. It is our intention to publish the source code of future apps as the binaries are released to the public.
Once again, thank you for being part of this.
Terence Eden Head of Open Technology - NHSX
Describe the bug A clear and concise description of what the bug is.
Firstly, anyone reading this, please can you double check my interpretation of what the code is doing and ideally actual apps; as I have not run the app, only looked through code and could be wrong.
I noticed on the website that:
https://covid19.nhs.uk/privacy-and-data.html
However, the application appears to capture, store locally and in some cases send to the backend the timestamp of BLE events to millisecond accuracy (storage, seconds for the web request?) which is likely shared in close proximity to the device that it connected to and is storing a similar event.
Millisecond accuracy is pretty granular and even second can be pretty revealing, especially in smaller communities.
Often the general public is not the list of suspects the police have for a crime; it is usually a far narrower list of suspects, so whilst timestamp pairs may be relatively anonymous for the rush hour commuters on the Central Line; they probably are less so for the set of people who were caught on CCTV entering a park in the evening where perhaps a mugging occurs.
So a few questions for this issue:
My read through the code:
https://github.com/nhsx/COVID-19-app-Android-BETA/blob/acfb01e3c40ac8f35cb85b55208e6efa3a10241d/app/src/main/java/uk/nhs/nhsx/sonar/android/app/ble/Scanner.kt#L38https://github.com/nhsx/COVID-19-app-Android-BETA/blob/acfb01e3c40ac8f35cb85b55208e6efa3a10241d/app/src/main/java/uk/nhs/nhsx/sonar/android/app/ble/Scanner.kt#L190https://github.com/nhsx/COVID-19-app-Android-BETA/blob/acfb01e3c40ac8f35cb85b55208e6efa3a10241d/app/src/main/java/uk/nhs/nhsx/sonar/android/app/ble/Scanner.kt#L210https://github.com/nhsx/COVID-19-app-Android-BETA/blob/acfb01e3c40ac8f35cb85b55208e6efa3a10241d/app/src/main/java/uk/nhs/nhsx/sonar/android/app/ble/SaveContactWorker.kt#L47https://github.com/nhsx/COVID-19-app-Android-BETA/blob/acfb01e3c40ac8f35cb85b55208e6efa3a10241d/app/src/main/java/uk/nhs/nhsx/sonar/android/app/diagnose/review/CoLocationApi.kt#L62To Reproduce Trigger a BLE event and check storage and then trigger a web request (diagnosis exercise?) that would send the events centrally?
Expected behaviour The documentation to be clear on this subject for law enforcement purposes.
Screenshots Sorry only a code review.
Desktop (please complete the following information): Git hash in the links for source code seen.
Smartphone (please complete the following information): Android app; suspect Ios is similar.
Additional context Add any other context about the problem here.