The Masquerade Ball – How COVID-19 Bluetooth tracking works
The announcement of South Africa’s official COVID-19 contact tracing app, COVID Alert SA, has sparked a fair amount of controversy and confusion. Although we don’t yet know how well it will work to reduce infection risk, concerns about privacy risks are mostly unfounded. The application is based on a clever use of technology that’s on almost every mobile phone today: Bluetooth.
But let’s leave tech jargon aside for a moment, and use an analogy to describe how it works.
The Masquerade Ball
One day, a beautiful invitation with ornate lettering arrives on your doorstep. You have been invited to a masquerade ball! All guests will stay strictly anonymous behind their masks, and everyone is asked to bring business cards with a fictional identity. You decide to call yourself Professor Plum, and have some cards printed.
The evening of the ball arrives, and you travel to the beautiful venue. As you step out of your car, you meet another guest in the parking area, who introduces herself as Miss Scarlet. You exchange business cards.
The ball is a wonderful affair, and you enjoy the conversation of Mrs White, Colonel Mustard, and Reverend Green. During each encounter, business cards with imaginary identities are exchanged. Later the evening you leave the ballroom to listen to music in the mansion’s conservatory, where you enjoy the company of Mrs Peacock. After a wonderful evening, you leave the ball.
A week later…
With the masquerade ball now just a fond memory, you settle back into your work routine. However, a week later you receive a message from the host: One of the guests has just tested positive for COVID-19, and there is a risk that other guests have been infected. The host does not know who the guest was who tested positive. The only information she received was a list of business cards in the infected guests’s possession. You see that Professor Plum’s name is on the list — it was someone with whom you were in close contact!
As a precaution, you confine yourself to your home for ten days. Luckily, you don’t present symptoms (but perhaps you were just asymptomatic?)
Digital Card Exchange
An important thing to note about the masquerade ball, is that no-one needed to know each others’ true identities — not even the host. Also, the actual location where the business cards were exchanged was immaterial. The fact that guests were in close enough proximity to exchange cards was enough. Also, guests kept their own stacks of business cards they collected. They didn’t have to disclose the list to anyone, except if they tested positive for COVID-19. If that happened, they could anonymously publish the list of cards they had (we still don’t know even the fictional identity of the guest who tested positive!) and other guests could check whether their secret identity appeared on the list.
The Bluetooth device on your smartphone can exchange such digital secrets with other phones that come in close proximity. With an exposure notification app, phones create new secret identities every 15–20 minutes, which are exchanged when another Bluetooth-enabled device comes close enough.
Bluetooth Low Energy
Bluetooth devices are used to create wireless connections in a very close area. If you use wireless headphones to listen to music from your phone or laptop, or have a fitness device that syncs your daily steps with an app, it most likely uses Bluetooth. Bluetooth Low Energy is a variant of Bluetooth that uses very little battery power, but can also communicate over several meters. Also, devices can use the signal strength from other Bluetooth devices to get a very rough idea of how far away they are. In this way, the presence of another Bluetooth signal can give a rough idea of whether a person is within “risk range” for infection.
Apple, Google and the Department of Health
Apple and Google built this exposure notification technology right into operating systems (Android and iOS) used by most smartphones today. It automates this “digital card exchange” process using very little battery power, and adds additional forms of encryption to make snooping of card exchanges even more difficult.
As a result, third-party apps (like the one commissioned by the Department of Health) need to know practically nothing about the phone or user, and certainly does not need any location information. The app itself is mostly a helpful interface to the exposure notification “card exchange” system. If you install the app, you’ll notice that it doesn’t ask you for any additional permissions, like the right to know your location or account details.
Can we rely on it?
If used widely, exposure notification can be another weapon in our arsenal against highly infectious diseases. The COVID Alert SA app makes “false positives” (where someone falsely claims to have tested positive for COVID-19) very difficult, since you need to verify your illness with a government-issued PIN on the result, as well as with your birth date.
On the other hand, “false negatives” (where you have been in contact with a carrier of the virus, but receive no alert) are very likely, since not everyone would have the app, and some people who tested positive may choose not to report their result. It is therefore important that people by no means relax their guard and assume that they will always be informed if they are at risk of infection.
However, it does provide a simple, cheap way to augment the more cumbersome methods of contact tracing (like those forms with names and phone numbers you have to fill in at businesses). Your privacy is well preserved — certainly more so than leaving your name and number at the places you visit.
Conclusion
Bluetooth-based exposure notification is a simple and privacy-preserving way to help manage the risk of infection. Although it cannot catch all risky incidents, it can help us better manage the cases where a “contact trace” was successful.
