Hacker News new | past | comments | ask | show | jobs | submit login
Me on Covid-19 contact tracing apps (schneier.com)
167 points by generalpass on May 1, 2020 | hide | past | favorite | 128 comments



This is a weak argument from Schneier.

Most of his concerns (false positives, false negatives) also apply to contact tracing done by humans, which he advocates at the end of his article.

If a medical professional interviews you about your contacts, you have to remember who they were. If you forget someone, or didn't know their name, that's a false negative. Someone you report you had coffee with, but who doesn't get the disease, is a false positive.

Apps have different limitations, and need adoption to be useful, and that's a problem societies will have to consider. There's also legit privacy concerns.

But the very broad argument made in that post is silly.

You just don't need to stop every transmission to stop the disease. Even stopping 70%, via a range of measures, is about enough. You can tolerate some errors.


The concern is that if the app just gives you a ton of alerts, because maybe you encountered someone in the street with the virus but it's unlikely that you have been infected, people will simply ignore that alterts (or simply uninstall the apps), because you know, who wants to be quaranteened for 2 weeks because there is the remote possibility of having the virus? Maybe they do that on the first alert, at the second one they says who cares, I need to carry on with my business.

One could argue that who recieves the notification should not quaraneen but get tested immediately, well we know that we don't have the resources to test all these people, in my country they don't even test people with symptoms if they are not severe enought, let alone test someone because an app says so.

Also an app could give a false sense of security, that is particularly bad. The app only can say if you got in contact with a positive that also had the app, that quite frankly will not be common, first because not everyone has a compatible phone (in my country only 70% of people have a smartphone, also you need an updated phone to install the app, on iOS the APIs that will make it work are just being released in the next iOS beta), then the app will be voluntary and thus not everyone with a compatible phone will install it, for privacy concerns or other reaons (like not being forced to quaranteen for the remote possibility of having been infected).

Thus I predict that maybe we are lucky if 20% of people have the app (that is compatible to what happened in the countries that already adopted it). And that is a percentage that make the app itself useless, because you have too few data.


> if the app just gives you a ton of alerts, because maybe you encountered someone in the street with the virus

If I'm not mistaken, the protocol as currently defined by Apple and Google only flags an exposure if you have seen at least two different beacon payloads from the same issuer. The payload changes every 5 minutes, so you would usually not receive an exposure notification when an infected person just passes by you on the street. You might see one of their beacons, but probably not two, and most probably not two beacons with different payloads.


You're right that human contact-tracing also has false positives/negatives. I think a better question is how does the error rate compare? The worry is that automated exposure tracking will pick up many more false positives than humans will because it's hard to judge how likely a transmission occurred. A phone doesn't know if there are barriers between people (walls, PPE).

The downside to a higher false positive/negative rate is that you'll create more false alarms. At some point, people will start ignoring false alarms. With phone tracking, you are probably trading off many more false positives for a couple fewer false negatives. It's unclear whether this tradeoff is worth it because we don't know how people will respond long-run to automated exposure notifications.


The dichotomy isn't between the app or a medical professional guessing, based on contacts, whether someone might be infected and whether they should self-quarantine. The dichotomy is between guessing infection based on contacts and testing for infection.


You may be misunderstanding the purpose of contact tracing?

It's not to guess whether a patient you have is infected. It is to find the people that patient has infected before those infect more people.

If things are being run properly:

1. Someone shows up with the disease. (Tests positive, or clinical.)

2. You find their contacts, either by app or interview or both.

3. You tell those contacts to quarantine, hopefully before they've become infectious, breaking onward spread.

4. If they test negative and don't display symptoms, they stop quarantine.

Unless you mean to test everyone every day? Sounds good, but then you need way more tests than countries have been able to make so far, and they have to be very sensitive and specific too, even before someone is infectious.


Schneier seems to misunderstand this as well. Contact tracing is to find the next people to test, because you can't test everyone every week. Schneier calls it a "false positive" when transmission doesn't occur, but as far as contact tracing goes, it's only a false positive if no transmission could have possibly occurred.


Interesting, thanks for the explanation!

Do you know where can I learn more about contact tracing?


The authors point, as I understand it, is that the app is not a useful tool for contact tracing due to the propensity for false responses.

The R0 of of the virus is somewhere between 2 and 5, meaning that the average person passes it on to 2-5 people. How many people does urbanite come within proximity of within a 14 day period, 100? 1000?

Also, some portion of those 2-5 may never have come in contact due to surface transmission, or be obvious without the app, such as intimidate family.

The question then becomes who will trust the app enough to self quarantine for 14 days.


Regarding 3) - should they quarantine regardless or just if the get ill?


It it depends on the pandemic. The reason COVID-19 has upended the world is that our usual metric "if they get ill" doesn't work. It doesn't work in this case, because many people with the virus show no signs while they are contagious, with some (many?) never showing signs they were ever sick.

Worse, because COVID-19 is new, we are still learning details about it performs. The current recommendation to quarantine for 14-days is based on what little we do know - which is that people exposed to the virus may show no symptoms for 14-days. There are cases of it taking more time, and there are also cases of it taking shorter time, but 14-days is what's currently recommended. Because we're still learning how the virus performs, testing is far from foolproof. A test that says negative for the virus just means that the test says negative. The swap could have missed the virus even though a person has it.

Thus, if reopening is to avoid a second wave of cases, they must quarantine until either the 14-days are up (and even then), or we (humanity) learn enough more and are able to give tests that are more widely trusted.

"Quarantine regardless" is pejorative - it makes it sound like quarantine is just for the sake of it. With more knowledge and better technology, the 14-days could possibly be reduced, but the quarantine is one of the oldest medical technologies we have - an empirical test for "do you have the virus".


You are infectious about 1-2 days before the onset of symptoms. Actually, at the onset of symptoms many are already getting less infectious.

That’s why this one’s hard to catch up with. You need to be very quick when contact tracing.

So, yeah, absolutely, you should quarantine after contact with a known infected person, no matter whether you have symptoms or not.


They should quarantine until tested.

The idea is that with mild social distancing + contact tracing + good testing infra, you can track virus spread faster than the virus actually spreads, keeping outbreaks localized.


Probably. I would say that depends on the overall strategy.

If pre-symptomatic people infecting others is a big issue, then it's probably worth the cost of quarantining folks who display no symptoms until you are sure they aren't sick.

Obviously that means you quarantine a lot of people who don't later get sick.

That sounds draconian, but its a lot better than lockdowns.


> Regarding 3) - should they quarantine regardless or just if the get ill?

I guess they have to quarantine. Not only them but anybody else that came into contact with and so and so forth :-)


Yes, they should quarantine until they're able to get a test and test negative. We have a lot of evidence of asymptomatic and presymptomatic spread.


They should quarantine regardless, since asymptomatic people are also spreaders. Ill people sre anyways getting quarantined even without any tracing.


Regarding #3 you give them a quick, free test to determine whether they should quarantine or not.


In an ideal scenario, agreed, but very few countries have enough tests to test non-essentials workers or people who are experiencing minor symptoms.


With one notable exception, most countries are at least working on this if not having reached this level already. Just because the country with the largest number of infections is screwing up the testing doesn't mean every country is.


There isn't a dichotomy. We can use all these techniques.

Testing is great of course, but given that you can't test everybody every day, testing is more effective when you can test the right people. If we can trace contacts, we can prioritize testing of people who've had a possible contact recently, and thereby find and quarantine infectious people faster.


> There isn't a dichotomy.

I simply meant that this

"without ubiquitous, cheap, fast, and accurate testing, you can't confirm the app's diagnosis. So the alert is useless."

was turned into medical professionals asking someone about contacts, a la

"Someone you report you had coffee with, but who doesn't get the disease, is a false positive"

to show that getting asked about contacts by medical professionals isn't better than a contact tracing app, which is a straw man, i.e. Schneier didn't ask for medical professionals to ask those questions, he said those questions are useless without tests.


He did ask for that, at the end of his post:

> It has nothing to do with privacy concerns. The idea that contact tracing can be done with an app, and not human health professionals, is just plain dumb.

Human health professionals doing contact tracing means exactly that.


In context, given all he wrote before, it's obvious that he means testing, not asking questions about who someone had coffee with.


No not at all, in that sentence he is talking about human health professionals doing contact tracing rather than apps.

Which is why the thread-starter is right that his argument here is silly. It would be better for him to be clear-eyed that he is biased against technological contact-tracing solutions in favor of human ones, because of his privacy concerns. That is a totally reasonable position! What is not reasonable is arguing against using technology for contact tracing because it has false-positive and false-negative problems; it's true that it does, but all contact tracing solutions are probabilistic in this way.


"You just don't need to stop every transmission to stop the disease. Even stopping 70%, via a range of measures, is about enough. You can tolerate some errors."

Please explain this to Gavin Newsom.


The measures we have in place in CA do stop 50-70% of transmissions. The challenge is relaxing some of those while keeping transmission at the level that it is.


> Assume you take the app out grocery shopping with you and it subsequently alerts you of a contact. What should you do? ...the alert is useless.

This feels like the mask debate again. It doesn’t guarantee safety, so it’s useless.

But there are plenty of things you could do.

You could carry on but avoid visiting your elderly parents, and cancel your plans to attend a crowded event. You could start walking or driving to work instead of taking the train. Or work from home more often.

It’s not a choice between quarantine or complete freedom, there are grey areas in between.

Get one of these alerts? Start taking more precautions. Get many more? Start taking more extreme caution.


Some of the problems: If you get an alert, are you personally responsible if you aren't going to self-quarantine immediately and perhaps infect others after being notified? What use would a tracing app have if anyone could ignore alerts at will, because s/he has no symptoms and is afraid of job loss if quarantining?

On the other hand: What about people not using the app or just disabling bluetooth because they are afraid of being helt responsible? What if your employer, your supermarket or your health insurance demands that only users of the app are served/welcome? Are they allowed to check that you conform, even if the use itself is volontary?

I'm not against a tracing app, but lots of unsolved questions aren't even discussed openly.


I would probably err on the side of making it opt-out and not mandatory. You’ve got a valid and interesting question, but my comment was in response to Schneier’s claim that contract tracking apps are “useless”.

> What use would a tracing app have if anyone could ignore alerts at will, because s/he has no symptoms and is afraid of job loss if quarantining?

I think this is another example where things are a bit too binary. If anyone could ignore the alert, then some probably will and the rest won’t. The fact that the rest are taking this seriously still helps to avoid some number of transmissions.


> I'm not against a tracing app, but lots of unsolved questions aren't even discussed openly.

Weird, I see the points you made brought up in many discussions that are tad more professional than a Twitter argument.

Your first point is addressed by the fact that these apps are developed in tandem with health authorities. You don't just get locked away for two weeks because your phone popped up a notification. Just like there's stages for isolation there's ways to make this more compatible with regular life and still maintaining an impact on hindering the spread of this pandemic, e.g. getting you tested quickly instead of automatic isolation. Of course from an epidemiological standpoint one might argue that immediate isolation would be advisable but I doubt that would go over well in most democracies. The job loss argument seems like the economic impact argument brought up a lot over the last few weeks. On a population scale, an asymptomatic superspreader is likely far more expensive than somebody not going to work for a few days until they got tested so it could/should be addressed by policy makers. If your politicians can't figure out how to make mandatory sick leave happen during an active pandemic I'm not convinced a contact tracing app is the problem.

The debate on voluntary or mandatory usage will surely be interesting, though I don't see how making it mandatory would not lead to people actively avoiding it's use and thus lessening the efficacy.


> On a population scale, an asymptomatic superspreader is likely far more expensive than somebody not going to work for a few days until they got tested so it could/should be addressed by policy makers. If your politicians can't figure out how to make mandatory sick leave happen during an active pandemic I'm not convinced a contact tracing app is the problem.

That's pretty much the endpoint of the discussion.

We've already established there is no magic bullet for this. Even the most promising therapeutics, in the best case, will not return us to normal by the fall. Source - https://www.gatesnotes.com/Health/Pandemic-Innovation

We are counting on vaccines, but the timelines already have a huge amount of optimism backed into them. We can hardly stand 18 months more of this, but yet rollout may drag on longer than that if the trials encounter setbacks.

If we don't ramp up and improve testing then we're screwed. No matter what else happens, that banishes us to isolation with no end in sight. Thankfully, testing is one area where we can and probably will come up to snuff in the summer months. That doesn't get us back to normal or normal-ish.

The app would be a tremendously powerful tool. If you take this seriously, then you will value even meager tools that help move the needle in the right direction. People still holding out hope for that magic bullet are delusional, and they need to wake up to reality.


Indeed, if you don’t quarantine after notification, then what is your liability?

If someone gets sick and dies and tracing leads back to you?


Presumably, if you decide to install the app, it's because you are willing to consider altering your behaviour based on the alerts it gives you. You might find forcing people to install it has little benefit because of the point you mentioned but I don't think anyone is talking about making it mandatory.


From what I've read, apple and google appear to be working on rolling out APIs for contact tracing on their platforms, and apps you explicitly install are supposedly just the first stage, with later in-platform functionality presumably to come with regular OS updates. So It might not always be a deliberate choice made by users in the future, for good or ill.


That sound really speculative. What exact wording did you see that makes you think this?


No, the OS updates provide apis that apps that you voluntarily install can use. They don’t work on their own.


Masks directly help prevent spread, the app does not. It's essentially a decision-support system, and I agree with Schneier that on an individual contact tracing-level, it's probably not a good one. But _perhaps_ it helps if it's well-designed and presents aggregates of probabilistic information well. If its underlying models are good it can, for example, inform a user where not to go because the infection risk is too high, after it has gathered data of frequent close encounters between otherwise "distanced" people in a location.


Comparing it to the alternative of health professionals doing contact tracing, in addition to the fact that it's vastly better at its job, it would also be a privacy-protecting system.

Say that I have close contact with a co-worker named Joe on a regular basis. I get diagnosed positive. I don't have Joe's phone (it's not all that normal to exchange personal phone numbers with co-workers). So now I'm asking sick time from my manager John and talking with someone performing contact tracing. Now this health professional has to play phone tag to get Joe's number, and John will obviously put 2-and-2 together and know what happened. So will others in the phone tag.


The counterpoint is that those are things to be done regardless. Because the absence of an alert doesn't make visiting my elderly parents any safer.


Not wrong, but also doesn't allow us to get back to normal in any meaningful way.

That said, I don't believe we're at the point in the curve where we should be returning to normal. Contact tracing apps feel much more useful when we're into the tail end of the pandemic, where infection is far less likely. And only of value if usage of the tracing apps is very high.


I think that we won't go back to normal (like pre-COVID normal) for a long time. Unfortunately there is no silver bullet yet, and we should prepare to live without one for a while; in the meanwhile we will adopt a number of means to keep the virus diffusion low, and the lockdown away.

A contact tracing app (like a mask or washing hands) is among those things. If it is not privacy intrusive and it has some effectiveness, it's OK for me. I'm happy to reduce the infection rate, even if it's just a few decimal points.

I really don't understand all these discussions about something that might save lives. IMO the real discussion should be whether these app are privacy preserving enough. Are there (realistic) attacks on these apps? How can we mitigate them?


> I really don't understand all these discussions about something that might save lives. IMO the real discussion should be whether these app are privacy preserving enough. Are there (realistic) attacks on these apps? How can we mitigate them?

The problem is there's likely a pretty direct tradeoff between preserving privacy and efficacy. So I think people whose main concern is privacy are taking the position that the apps can't work, without being clear about the fact that it really depends on what assumptions you make around enforcement.

Clear disclaimer: I'm not anything like an expert here. Much of what I've written below is likely wrong or misleading and I'd welcome corrections.

A simple, bad, toy model is that the fraction of infection chains you prevent is (fraction of people using the app)^2 x (fraction of transmissions detected) x (fraction of people who comply). So if your model is "app usage must be opt-in" and "it must be impossible to tell who is complying with the app's recommendations" you do indeed find that the app only detects a small fraction of transmission chains (e.g. assuming 50% of the population opts in, 80% of transmission events are detected, and there's 50% compliance rate, you only stop 10% of infection chains). But if it's mandatory to use the app, and there's a mechanism to ensure enforcement you can do much better e.g. with 80% of people using it and 95% compliance you're closer to stopping 50% of transmission chains.

Of course that model is far too simple to be correct. But https://045.medsci.ox.ac.uk/files/files/report-effective-app... models this in more detail. Their simulation finds that you can suppress the overall transmission in the UK with 80% of smartphone users using the app (56% of population, comparable to the most popular apps), 80% detection of transmission, and 2% dropout rate per day on a quarantine period for all individuals flagged as contacts, which lasts up to 2 weeks. I don't know what they used to come up with that number for dropout rate, but it seems highly optimistic if the information about who has registered as a contact is kept private. They also find that up to half the population might be in quarantine at any one time, which I suspect is higher than most people are anticipating for a post-lockdown period. To combat this, they propose various going through a process of optimising the algorithm based on feedback, but again, if the most-privacy-preserving approach is taken for the data collection, performing such optimisations may become difficult or even impossible, since you won't be able to followup on individuals.

So, my — non-expert — conclusion at this point is that privacy-preserving digital contact tracing probably isn't going to be that useful because people either won't use it or won't follow the advice when doing so is inconvenient (e.g. because it puts their employment at risk). But digital contact tracing in general seems like it can help, if you can drive both usage and compliance high enough.

So there may be a pretty direct tradeoff here between our ability to trust the health services with personal data and our ability to prevent further rounds of unchecked exponential growth of this virus. And that is worrying, because — as a British person — I'm very unexcited about giving a government that has a history of using targeted data from social media to achieve policy ends even more data to work with. But I don't know that I can construct a satisfactory argument that it's OK for people to die, or even for those that don't to suffer an additional year of economic disruption, in order to avoid the privacy implications of a system of contact-tracing-with-enforcement. And I also worry that those who would be happy to collect this data will use the launch of an initial ineffective app, and a corresponding second wave of infections, as a way to make this kind of data privacy socially unacceptable.

Maybe there's an argument that by focusing on legal limits to the use of the data rather than to technical controls on its availability, we will end up in a better position in five years time, not just on the pandemic, but also on privacy.


> 2% dropout rate per day on a quarantine period for all individuals flagged as contacts, which lasts up to 2 weeks. I don't know what they used to come up with that number for dropout rate, but it seems highly optimistic if the information about who has registered as a contact is kept private

Sorry but I don't understand how keeping contact information private or public has any effect on the compliance of people to stay in quarantine?

> So, my — non-expert — conclusion at this point is that privacy-preserving digital contact tracing probably isn't going to be that useful because people either won't use it or won't follow the advice when doing so is inconvenient (e.g. because it puts their employment at risk). But digital contact tracing in general seems like it can help, if you can drive both usage and compliance high enough.

I don't understand why you think an app that can promise to keep people's personal data private would gain lower adoption than one that was explicitly collecting such data. Maybe I've misunderstood what you're trying to say here but it would make more sense to me that an app that can preserve privacy would have higher adoption, higher trust and therefore higher compliance levels.


> Sorry but I don't understand how keeping contact information private or public has any effect on the compliance of people to stay in quarantine?

Because if you know who's supposed to be in quarantine you can take steps to verify that they actually are. And also because people are simply less likely to comply with rules when they know no one can tell if they're following them.

> I don't understand why you think an app that can promise to keep people's personal data private would gain lower adoption than one that was explicitly collecting such data. Maybe I've misunderstood what you're trying to say here but it would make more sense to me that an app that can preserve privacy would have higher adoption, higher trust and therefore higher compliance levels.

Again, because you're comparing "opt-in and private" with "opt-in and non-private". I'm comparing "opt-in and private" with "mandatory and shares user data with the health authorities" (which is different from "[opt-in|mandatory] and public" in that in the latter case any member of the public can get information about infections; I think South Korea are/were running a system with that level of sharing).


Thanks, I can definitely see how making either downloading and running the app or following the declared quarantine measures mandatory could backfire.

I'm already disappointed that the UK government feel it necessary to keep track of personal data (they announced recently they were not going to use Google/Apple's API for this reason). I really hope they don't try to force people to use the app or follow its directives.


Out here in the real world, people will not 100% avoid visiting the elderly for 12-24 months.


Or you might even take a test yourself to confirm and then isolate or not based on that. The fact that the author doesn't consider that as a logical next step destroys his whole argument. What an incredibly weak article. It doesn't even touch on the privacy implications, which would have made it interesting rather than garbage.


And if you have family at your house, you could self-quarantine away from them for 2 weeks.


Don't these arguments apply equally well for manual contact tracing? There will be very significant false positives and negatives there too.

I would expect that a contact tracing app can actually make a much more accurate list. Trying to accurately remember who I was near and for how long over the last X days is difficult (given that I'm not confined in my house, of course) Even with intensive manual research, working out who it was that cycled behind me for 5 minutes this morning or who I coughed next to at the cheese counter is going to be remarkably difficult. Apps can plausible cover some of those cases.

We'll need to tune the alerts for acceptable precision & accuracy, as a function of the signal strength & duration of each contact, but that seems like a tractable problem, and again seems very similar to judging the risk of manually collected contact events.

Despite all these possible inaccuracies, AFAICT contact tracing has been shown to be very effective, and is a well respected technique. I don't see anything here about how apps will be significantly worse. This assumes a significant install base of course, but I think that's tractable.


"Don't these arguments apply equally well for manual contact tracing?"

No. They mostly apply to manual contact tracing, certainly, but they do not apply equally well.

A human being doing it is much smarter. They do take into account the fact that someone was on the other side of a wall. They are not limited by whether or not someone installed the app. They can use their brain to solve little local issues that the app can't even perceive which cumulatively add up to a huge difference.

The app has a few advantages over the human, too, but I don't think it's that surprising at all that when it's all summed up and accounted for it ends up heavily Advantage: Dedicated Human. The modest advantages are trashed by the massive disadvantages.


I agree there's cases that humans will handle better, but there's also cases where the apps will do better too, and I wouldn't be surprised if it was a wash (soon hopefully we'll have some actual research on this!).

For example, in most situations where you're near an anonymous stranger, manual tracing is going to have a lot of trouble. That's a _lot_ of cases. You're almost certainly not going to be able to hunt down the person you sat next to on the metro for half an hour, or a stranger who came into your shop to ask some questions yesterday. Apps plausibly could trace them.

That's before you start thinking about simple forgetfulness. Who did you sit next to in the company meeting a week ago?

Assuming people actually use contact tracing apps (TBC...), then many of those otherwise untraceable contacts can be picked up.


I’m glad to see Schneier come out with an opinion against these apps. Up until now, it’s seemed like the privacy community has been almost excited about the idea of these tracking apps. Maybe because it’s a cool academic problem? I don’t know.

Take this DP-3T project for example. It’s really interesting tech, and a great group of people behind it. But the government doesn’t care for this nuance of what is privacy preserving tech and what is not. For now, maybe at the beginning, privacy will be emphasized. But the important part is conditioning citizens to be okay with the underlying idea of technology assisted self-surveillance, and compliance with notifications on their phone telling them to stay inside.

Schneier raises the point of false positives, which is important with regards to this idea of conditioning. What do you do when you get a notification that someone “nearby” tested positive? Do you take time off work and isolate yourself in your house for two weeks, just because some beacon passed within two meters of you within the past two weeks? Even if you have no symptoms at all? Just because you got a notification on your phone? This just seems unrealistic to me.

My other worry is the classic “slippery slope.” Maybe people are okay with these apps in their current form, if they’re privacy-preserving. (Personally, I doubt anyone outside tech can recognize the difference anyway, but let’s assume the wider populace takes its lead from us). Isn’t there a risk that eventually people will forget about the underlying details and privacy will be deemphasized?

“You were okay with TrackingApp 1.0, why wouldn’t you be okay with TrackingApp 2.0?”

If we give an inch now, will the government take a mile later? Who’s to say the emphasis on privacy will remain in place? Heck, it’s not even clear whether it will be in place from the beginning. The NHS is already saying they don’t want to use it, choosing instead to build their own centralized solution.

Again — it’s extremely concerning to me to see the general vibe of excitement coming out of the tech community around these apps. I’m really disappointed and would expect to see more skepticism. So, kudos to Schneier for going against the grain here.


We already gave an inch and the government took a mile. Closing down state parks and playgrounds. Making it illegal to play with the kids next door.

I was probably pro tracking app a month or two ago, but the draconian measures taken by some governments (Michigan, Wisconsin) has changed my mind. Its going to lead to abuse abuse abuse abuse.


I don't understand this argument. It's not like governors want to take that mile. They have literally no incentive to shut down playgrounds (in fact, politically, the incentive is the opposite), besides uncertainty around what does and doesn't matter for fighting the epidemic in their state. It continues to look like we got lucky that kids aren't really affected much by this, so maybe it would have been fine to leave playgrounds open and keep having play dates. There were indications of that early on, but also a high risk it wouldn't pan out. Playgrounds are exactly the kind of thing that are problematic for the spread of this illness: high-touch surfaces of the kind that this thing sticks to. If there were playgrounds for adults, they would be the most important things to shut down (indeed the closest thing to that - bars and clubs - will probably be the very last things to reopen). On top of that, kids cough a lot and put their hands in their mouths and just generally spread their fluids around. This would all be really bad news except that it doesn't seem like kids spread this much, for whatever reason. But we just got lucky with that, and taking that risk would not have been smart at the beginning of this.

Going back to my first point: I don't understand the logic of this argument at all. Why do governors want to lock people inside? What is the benefit? I share concerns over government breaches of privacy, because I don't want politicians abusing their trove of information on people to hang on to power. I don't see how this is similar to that at all. If politicians in the US were using this to cancel elections where they're on the ballot, then I'm with you, that's worrisome, but that's not what's going on here. These governors are accepting a political hit on the bet that it is going to keep more of their people alive.

Lay out for me the argument for why you think these leaders want to take this mile having been given this inch; why do they want to close down state parks and playgrounds and cancel your playdates? What do you claim is in it for them?


I think politicians do have an incentive to lock down as much as possible.

It appeals to their ego to do something authoritarian, and the power balance shifts from voters feeling free to voters anxiously hanging on the lips of politicians to find out when their new masters will allow them to go out again.

There very powerful psychological forces at play here, people are literally trained like dogs in these situations.

As an example, in Germany the CDU approval ratings shot up during the crisis, people apparently have Stockholm syndrome.


This is very very thin when balanced against putting hundreds of thousands of people out of work and making some other very large number of people homeschool teachers at the same time they are full time employed. I am deeply skeptical that there is any governor in the US who thinks this is great politics. I really think they're just trying to do the best thing for their people. Recognition of this is why you see their approval ratings up.


I cannot comment on the US, because I don't live there. In Germany, however:

Information flow was poor and deceptive:

1) First, actual masks are purportedly useless, now homemade toy masks are mandatory.

2) While the population was locked in and many people lost their jobs, the government health authorities could not be bothered to report new cases in the weekend. Of course one cannot force a civil "servant" to work. Work is for the plebs and civil "servants" have job security as long as the ECB can print money.

3) There is no effort to determine if for example supermarket workers have a higher number of cases. They are in contact with hundreds of people every day. Zero information.

4) Actual antibody studies are lagging and take an extraordinary amount of time.

Now the economy is down, bailouts for the rich will happen, the politicians, civil "servants" and state television parasites are secure and the general working population is screwed. Same as in 2008.


We saw the same thing with the patriot act and the post-9/11 world. Give an inch, they take a mile. I understand the situation and the need but once politicians get a taste of the power they can't give it up. It's like a drug to them.

Who was it that said "government should never get so big that you can't drag it to the bathroom and drown it in the tub"?


Grover Norquist: https://en.wikipedia.org/wiki/Starve_the_beast

Counterpoint: When you drown the government in the bathtub, people die > https://www.washingtonpost.com/opinions/2020/04/10/when-you-...


How many more people dying are we talking about had the US not drowned it's government in the bathtub?

Is the average life expectancy in the US this year that much lower than in, let's say South Korea, Singapore or Taiwan? How about the p90/p99?

We won't really know until all of this is over.


I'm curious what measures you considered draconian?


Any contact tracing will produce false positives and false negatives. You will notify 20-50 people per infected person, most of them will not be infected. We only have a problem if the number of false positives is in the 200+ range and the rate of infections is relatively high.

It is important to not that a short encounter will not put you into an at risk status. You need 15 minutes or whatever the health authority is long enough to make the tradeof between false negatives and false positives.

If people follow the app or not will be mostly legal protection. Countries with weak worker protection will have a harder time getting people to comply voluntarily.

I find slippery slope arguments weak. They can be used on anything to make the outcome much worse.


That's good points Schneier does not make in this post imho. The conditioning / slippery slope argument also applies to countries that currently go with the, imho, more sensible architecture of DP3T. We've seen worrying calls for including a bunch of additional features in Germany, e.g. (voluntary) epidemiological data collection and an "immunity pass" (not from the government yet but still, worrying). I think the privacy community, at least in my bubble of the internet, was excited that the scientific consensus of DP3T > PEPP-PT/ROBERT/(the NHS approach) won out over lobby interests and from their perspective was deemed the safer option.

It's not like they aren't discussing the broader implications of digital contact tracing from a bunch of angles, and I see calls for evaluating the proportionality and efficacy of these apps on Twitter pretty much daily. OTOH I don't really see how shallow dismissals of "it's plain dumb" like this blog post help the overall discussion honestly.


A crazy amount of statistical reasoning would have to be put into such an app to not trigger a false positive after a long shopping tour for instance and still have a reasonable true positive rate. The current numbers publicly available aren't even exploited to their fullest. IMHO assuming that the lethality is a constant (or a polynomial) would already be a treasure trove of knowledge, in order to approximate the number of untested cases. Also looking at the WHO dashboard, I have serious doubts anyone cares if there is actionable value for the population available.

Maybe it would be more useful to start centralizing the numbers available already (PPE supplies, hospital usage, ...), throwing them into more realistic simulations and testing models. IMHO it's still not really clear why China has less cases than the US and why Taiwan and Sweden are doing just fine with only conservative lockdown measures. FWIW, it would also be helpful if Chinese institutions would publish if their tracking efforts have brought actually a provable difference.


>Schneier raises the point of false positives, which is important with regards to this idea of conditioning. What do you do when you get a notification that someone “nearby” tested positive? Do you take time off work and isolate yourself in your house for two weeks,

Ideally we would have tests so in a community with no infection at the moment somebody is tested as infected you can inform and have all the other possible infected people tested.

I suggest you consider covid as a training exercise for the next one, that one could have a 10% chance to kill your children, then would you prefer to get an alert and take measures or prefer to stay ignorant.

In theory if you have few people infected , good testing and tracing you could lockdown only the infected and possibly infected people instead of locking everyone down.


>Up until now, it’s seemed like the privacy community has been almost excited about the idea of these tracking apps. Maybe because it’s a cool academic problem? I don’t know.

It's because 90% of the computer privacy community is people from the computer security community that like to LARP as if they didn't sell out the privacy ideals they used to hold.

Computer security people were always more interested in playing with the tech than more-ethereal concepts like privacy and trust and their roles in society. Add in the fact you can make a lot more money bolting encryption to a data exfiltration vector than leading a principled stand against the surveillance system that uses it. Stir for 20 years, and you have a bunch of people who need to admit to themselves that they're today's authoritarian boomers that love faux-rebellious rhetoric.


And what if you can easily get tested if you get notified?


The Swiss COVID-19 Science Task force recommends a test at the beginning and the end of the Quarantine and if someone shows symptoms.

https://ncs-tf.ch/en/policy-briefs --> Contact Tracing


No offense to Bruce Schneier but he seems to be making an argument based on the apps' epidemiological value, an area that is outside his expertise.

Surely all contact tracing methods have false positives and false negatives. Do they all have "no value"?

Technologists have a duty to explain the limitations of the technology, but I don't think they should be drawing conclusions and making public health recommendations.


Yes, they all have no value.

Let's assume someone got bankrupted by a hospital over a severe coronavirus case. This means that someone has been wandering around for weeks infecting others. Let's assume there is a chain of 10 contacts between me and that someone. The probability of virus transmission is 1% (and I'm generous here) because more people wear masks, because people avoid talking and generally avoid interactions. Probability of transmission over 10 links is 10^-20 and we may stop right here, unless we plan to study quantum particles.

Now let's assume I get a notification that I might have been infected over the past few weeks. The probability that the app is correct is abysmally low. But even if I get infected, I'm unlikely to get sick and I'm unlikely to transmit the virus to others because masks, social distancing and because I already assume I'm infected.

So yeah, this app would be useless and is only good for surveillance.


I don't think you answered the question you're responding to. You're still talking about the app, the question is about all contact tracing generally. Actual epidemiologists appear to disagree with your (I'm assuming) amateur opinion that contact tracing, in general, is useless. They are aware of all the things you mention, and still believe it is useful. There also seems to be examples of success with contact tracing in conjunction with good testing regimes in countries that are faring much better than the US. It seems like arrogance to me to think that we can't learn anything from those successes.

(But I'm very uneasy about these app-based approaches, and much more in favor of hiring tons of humans to do contact tracing instead, or at least as the primary mechanism.)


> The probability of virus transmission is 1% (and I'm generous here) because more people wear masks, because people avoid talking and generally avoid interactions. Probability of transmission over 10 links is 10^-20 and we may stop right here, unless we plan to study quantum particles.

If that were truly the case why are there still transmissions? Wouldn't that imply that in a matter of 5 months it will be impossible to get the disease strictly due to the timeline and required links? ~14 days of transmissible * 10 transmission events / 30 days in a month = 140 days before no more mathematically possible transmissions. Wouldn't that require us being repeatedly exposed to every person on the planet to keep those numbers to a possible level?


Because there are multiple paths and the virus really spreads like a wave frontier in a 10 dimensional space of human to human contacts graph. The virus also spreads in a non uniform way: it's not about the distance between two interacted persons, but about the nature of their interaction, whether they weared masks and so on. The virus also really likes to stick to surfaces, like door handles or plastic wraps, and this vector of transmission is very difficult to trace even manually. Think of credit cards. The virus floats in the air like smoke if someone coughed and others may catch it this way. An app can't account for that and instead builds a social graph of interactions. The app would notice a lot of people crowded in a parking lot and would assume the virus was transmitted between those 50 people, but it wouldn't know that all those people sit in their cars, so the app just made the transmission chain 50x less useless. A few more such gatherings and the relevance of tracing drops to those sub quantum levels of homeopathic medicine.


But, if it can save just one person...


That wouldn't justify surveillance.


What about one child... and a puppy?


the value is here

"you've come in contact with someone infected! use this coupon code to get 10% off your test at select locations. Need a mask? click here to buy one and save your family".


I think the point of contact tracing is not that it's a silver bullet used alone, but rather a piece used alongside more widespread testing to help lower the rate of transmission. It may be reasonable to argue that these tracing apps alone aren't valuable, but once you add in greater test availability, it seems like they can help.

https://ethics.harvard.edu/covid-roadmap


Right - this is just a way of helping to prioritizing who gets tested. Given that testing kits will always be a limited resource (you can't simply test everyone, everyday) it makes a lot of sense to find sub-populations who are more likely to be positive. That doesn't mean you don't test anyone else (eg. those with symptoms, those in sensitive jobs) - it just lets you use a certain percentage of your testing capacity one those people who have been in proximity with confirmed cases.

As you say, it's not a silver bullet but in combination with a slew of other approaches can help reduce the rate of transmission rate.


Schneier is correct in that the proposed method is almost worthless for effective contact tracing. However, he does not offer a viable alternative.

There have been large-scale ground-truthing experiments run in cities like Manhattan for similar types of data models where population coverage was similar to the most optimistic projections for the proposed contact tracing method. We have a lot more data on the effectiveness of this type of tracing than most proponents and bystanders know, and it provides plenty of reason to believe the bluetooth proposal is an exercise in futility. Methods that would likely produce an effective data model exist but they are much more difficult to navigate as there is no legal framework for it, though technically possible.

Discussion of contact tracing has been taken over by armchair experts who have a naive understanding of the complexities of the problem, particularly when a disease is already endemic. Technical implementations that would have broad efficacy in a country like the US are at least a year away, and several governments are aware of this. Some governments are rolling out contact tracing programs they know have low efficacy for the sake of appearances.


Thinking "its not accurate enough" should not EVER be a reason to decide not to try something that could potentually help in this unprecedented situation. It may well not work well enough but we won't know unless we try!

Each individual incremental activity, process, treatment, protection or APP that takes us a little closer to successfully fighting this thing should be done and done in conjunction with the others.


>Thinking "its not accurate enough" should not EVER be a reason to decide not to try something that could potentually help in this unprecedented situation. It may well not work well enough but we won't know unless we try!

You do know you're using this line reasoning against the guy who literally invented the phrase "security theater," right?


The analogy is definitely apt, but the difference is that we know a lot less about what is going to help with this problem than we did about the terrorism problem. Furthermore, it seems like contact tracing has helped in some countries who are already doing it, so there is some evidence it is not just theater.


Especially when you have no particular knowledge or citations as to what an appropriate standard for "enough" might be.


Exactly - I have huge respect for Bruce Schneier when it comes to matters relating to cryptography. But apart from commenting on the security, privacy and other technical aspects of these apps, I'm not sure on which authority he's giving these opinions on matters relating to epidemiology. At very least I'd like him to give some supporting scientific citations. But as it stands, Bruce's opinion on the medical and public health efficacy of these apps is no more valuable than yours or mine.


Actually, yes it should, but it depends on the numbers and this is a well studied area of statistics.

One of the many issues is whether or not someone who flags positive is actually positive and whether someone who flags negative is actually negative. This depends not only the sensitivity (if someone is sick, will they flag positive) and specificity (if someone is healthy, will they flag negative), but on how prevalent a disease is within a population. That last quantity is constantly changing, which also means that this calculation is constantly changing, which can and should affect policy.

Now, the issue is that if you start telling a bunch of healthy people that they're actually sick and want them to quarantine or that a bunch of sick people are actually healthy and that they're free to go there are consequences. One, people will lose faith in the system and stop listening at all. Two, healthy people who work in an essential area can now not actually do their job. Three, sick people in an essential area are now going back to work and getting other people sick.

That doesn't mean that nothing should be done. However, it may absolutely mean that this particular method should not be done because it will cause more harm than doing the proverbially nothing.

As for this particular article, it's not great because it doesn't actually work these numbers. It would be a good article if it actually calculated whether or not the app is worthwhile given a certain prevalence, sensitivity, and specificity. Personally, I don't know rate of prevalence of COVID-19 nor the sensitivity or specificity of the existing tests. However, I still strongly reject the premise that any test or contact tracing app is better than none at all.

In order to fully beat a dead horse, here's the wiki that runs through how to calculate these numbers:

https://en.wikipedia.org/wiki/Sensitivity_and_specificity

I don't like their presentation, but it is what it is. Here is some Octave code that runs through their example with some more readable names:

    % Total population
    pop = 2030;

    % If someone is sick, will they test positive
    sensitivity = 0.67;

    % If someone is healthy, will they test negative
    specificity = 0.91;

    % Prevalence of the disease
    prevalence = 0.0148;

    % Works some numbers
    sick_pop = pop * prevalence;
    healthy_pop = pop * (1-prevalence);
    sick_pop_tested_positive = round(sick_pop * sensitivity);
    sick_pop_tested_negative = round(sick_pop * (1-sensitivity));
    healthy_pop_tested_negative = round(healthy_pop * specificity);
    healthy_pop_tested_positive = round(healthy_pop * (1-specificity));

    % Derive some useful quantities
    fprintf( ...
        ['Of those who tested as sick, percent of those actually ' ...
        'sick (positive predictive value): %2.1f%%\n'], ...
        100*(sick_pop_tested_positive / ...
            (sick_pop_tested_positive + healthy_pop_tested_positive)));
    fprintf( ...
        ['Of those who tested as healthy, percent of those actually ' ...
        'healthy (negative predictive value): %2.1f%%\n'], ...
        100*(healthy_pop_tested_negative / ...
            (healthy_pop_tested_negative + sick_pop_tested_negative)));

    > Of those who tested as sick, percent of those actually sick (positive predictive value): 10.0%
    > Of those who tested as healthy, percent of those actually healthy (negative predictive value): 99.5%


Two big things he seems to miss.

Correctly identifying (and quarantining) just a few newly infected people in the early stages of an epidemic is a huge win. It's the same as compound interest. Early investment pays handsomely.

Secondly, this article is written as if better testing won't be available in the future. Better tests will eventually exist, so that can hardly be a reason why we shouldn't lay groundwork now.

Bonus point: we aren't just trying to help the current pandemic. Perhaps this infrastructure could help prevent the next pandemic of a far deadlier disease where every extra quarantined person saves multiple lives.


This is very wrong, to the point of being deliberately misleading:

> Assume you take the app out grocery shopping with you and it subsequently alerts you of a contact. What should you do? It's not accurate enough for you to quarantine yourself for two weeks. And without ubiquitous, cheap, fast, and accurate testing, you can't confirm the app's diagnosis. So the alert is useless.

YES, of course we need pervasive testing. Everyone knows we need pervasive testing. That's why it's called a "test and trace" regime! We don't have it, and that's a major problem. But we know we have to get there.

And once we do, the alert isn't useless anymore.

Tracing is one requirement of a successful mitigation strategy. Testing is the other. We need both. Having one side refuse to cooperate because they don't think the other will is just a recipe for disaster.

I mean, imagine if the medical community started refusing to do tests because they thought the privacy folks would block attempts at tracing. That's what this logic amounts to.


For me it's both about the privacy and vulnerabilities in the Bluetooth stack such as https://www.armis.com/blueborne/

According to the article, you need Sep 9 2017 security patch level, but my 5 year old phone is on Sep 1 2017 level. No way I'm going to have Bluetooth turned on in untrusted areas. While I'm unlikely to get hacked on the street or in a store, it gets more likely in places like a bus or a train (while commuting).


Unlike "Security Theatre" of the TSA et al, this is a little different. Contact tracing is proven to be effective in reducing the number of infections and locating and treating infected people earlier in their infection.

These apps are aids to that tracing, not a solution. They help both those that were in contact with someone who is diagnosed, by getting tested and treated earlier, they are more likely to stay healthier.

But if they also quarantine themselves and are infected, they are less likely to spread the infection further.

So it's a win-win.


> [...] and Bluetooth -- just aren't accurate enough to capture every contact.

Did I miss his paper on the matter? There's dozens of groups working on this and even with a regular free space model the results seem "good enough" in <2m,15min scenarios for an additional data point.

Most of this seems to leave out that digital contact tracing is not a cure all but a tool to help manual efforts. I somewhat hate the simplification people bring here, that every additional identified contact helps, but dismissing it as "plain dumb" seems rather shallow as well. Sure, false negatives will be a thing, the false negative rate of not doing digital contact tracing at all would be higher by definition. Most of what he outlined can occur in manual contact tracing as well and we still do that, simply because it's necessary.

I haven't seen anything so far that would suggest that digital contact tracing in the poster child Singapore had any of the negative impact he brings to the table here and studies like Ferretti et al. [0] seem to make a pretty good case why it would at least not hurt the overall epidemiological goal.

> It's not accurate enough for you to quarantine yourself for two weeks. And without ubiquitous, cheap, fast, and accurate testing, you can't confirm the app's diagnosis. So the alert is useless.

The time frame and assumptions on testing capability is US centric I assume? If you can get a quick test it would not be two weeks, it's likely quick tests will become more prevalent if this sticks around long enough and testing capability will be raised to sufficient levels. Otherwise yes, false positives would quickly diminish usage.

Of course some of his points are valid and need to be addressed by OS vendors, apps and policy makers, and evaluation of efficacy will be just as critical as teaching the public that having an app does not mean things can go back to normal. There's also plenty of opportunity for abuse even with the commonly decentralized architecture that is at the moment widely agreed upon but none of that supports the allegations of this particular article imho.

The comments similarly bring up things like "surface transmission" as if that mattered at all. If you treat a contact tracing app as an additional data point it becomes much more sensible.

[0] https://science.sciencemag.org/content/early/2020/04/09/scie...


What percentage of the population should install and use this before it becomes useful?

The latest survey in my country said less than 50% were willing to adopt it and the number in the article mentions only 20% in Singapore.


That completely depends on your definition of useful, how people react to a "hit" in the application, and a bunch of other factors honestly.

Figure 3 from the paper I linked contains a heatmap [0] that shows the simulated impact on r in different isolation scenarios vs. completely manual contact tracing. That's where those widely cited 60% adoption come from. In my, non-epidemiologist, view what matters more is that a) the gradient in this is better than completely manual contact tracing and b) I have yet to see anything that suggests it did not help in Singapore. While their product lead [1] is a biased source, he correctly points out that working in tandem with health authorities is critical for these efforts. If these apps aren't made only for technologies sake I do not really see how they would hurt. They have 20% there, quite some experience with outbreaks, and didn't replace it yet so I'd figure 20% would be a good enough data point for other countries to evaluate the approach on the scale of a population. And afterwards they would have to be re-evaluated constantly, just like any other measure politicians and epidemiologists currently propose to address the pandemic. We imho don't have enough data yet to even remotely answer "this amount helps", "this is how good they are" but I don't really see how that justifies these "this isn't perfect so it is dumb" reactions in the other direction.

[0] https://science.sciencemag.org/content/sci/early/2020/04/09/...

[1] https://blog.gds-gov.tech/automated-contact-tracing-is-not-a...


Thanks for taking the time to type out this response. I had scanned the paper you posted and failed to make the link between success to isolate and adoption of the app. It's messy and a bunch of factors come into play, I now understand this better.

I don't oppose a tracking app (it could be an api baked into the os but let's call it an app to simplify things). Maybe I'm wrong but that paper only addressed the (bio)tech side of things instead of also considering the sociological implications.

If governments rely on this app to do the work of human tracers, I think the initial adoption rate will be high but then fall dramatically. This is the sociological effect I'm talking about. What happens if the app flags them as possibly infected? Can they call a hotline to give them information or is it just some automated crap they hear? How many times do you think someone would get a false positive before they uninstall it? It works using bluetooth. How much power drain on their batteries are they willing to accept?

I see this app as an aid to human contact tracing not as a replacement. Maybe this is a naive interpretation, but I see it more useful in this situation:

vector: "On date X I met with Zoe, Alec and Ronnie"

tracer: "There's a fourth with the same timestamp here"

vector: "A fourth?? I don't remember a.. Oh... right... uncle dave was also there"

The problem is companies and some governments have abused privacy information and now the consequence is that people are more reluctant to give this useful info. That's why you need to study this also from a sociological point of view.


Yeah that's fair, especially your last point. In a perfect pandemic-fighting world we could just have an app that did that, the decentralized model adopted won't be that specific. It would be more something along the lines of uncle dave getting a notification. I share your concern on initial adoption, especially since I could not find hard data on places that already implemented apps. I would expect an initial rush and then a plateau instead of WhatsApp like growth as some people expect. As for your specific questions I can only offer a few points on two of them given what we know about the current plan here in Germany, that highly depends on the country and I honestly have not looked at how health authorities work in the US very much.

> What happens if the app flags them as possibly infected? Can they call a hotline to give them information or is it just some automated crap they hear?

The new vendors here in Germany were especially chosen with the argument that they are able to operate 24/7 human phone support. With the decentralized approach they'll get a lot of people flagged and at the moment it seems like the app would suggest to them to call up that number (or likely offer that as an alternative to the other established contact points). Those phone contacts could then talk them through the next steps or, should testing become too limited at any point, through an assessment if testing makes sense for them / voluntary self quarantining can be done / ...

> It works using bluetooth. How much power drain on their batteries are they willing to accept?

In centralized models as proposed by PEPP-PT/ROBERT(France) or NHSX(UK) there's a few ways explored to minimize battery usage on Android, the APIs on the iphone require the screen to be turned on for this use case and must subsequently be horrible for battery usage. The decentralized model that was adopted adopted by many countries is supported by Google/Apple as OS vendors with battery usage and interoperability with other Bluetooth usage in mind, I doubt there will be much of an impact (at least not any that would drive significant user numbers away from voluntary use).


If you can get clusters of people to use it, say everyone in a big office building, it's a lot easier to hit that 20-60% number than in the population as a whole.

IMO these apps will be most useful as a tool to assist manual contact tracing teams at first.


>without ubiquitous, cheap, fast, and accurate testing

No one is arguing to do more contact tracing and stop building testing capacity. You need both. False positives are a big issue and should be reduced. but I don't see how having a better idea of which asymptomatic people to test would be a net negative on the whole?


This is a false dichotomy. Professional contact tracers must be in charge. Contact tracing apps help them do their job more effectively.

His arguments also seem to assume that testing will remain scarce. But testing capacity keeps increasing and as lockdowns continue demand goes down.

Schneir seems so out of his element here to the point that his arguments devolve into name calling. Unfortunately this is going to taint his future credibility on contract tracing. It would have been nice to have his input on the security and privacy concerns of this issue.


An important part of the criticism is that the apps being proposed won't tell you who or where you had a contact, just that it occured anywhere. This leaves you with no capacity to judge the actual danger of being infected. An app being used to augment practical contact tracing, for example by reminding you who you'd been in contact with, would be potentially useful, but that isn't what's proposed.

Another way that such apps become useless is their voluntary nature. Ie that use of the app, and self-quarantine in response to an alert, are an individual's choice. Obviously, if you passed by a sick person in the grocery store, you do have a chance of being sick, and therefore quarantining is still useful. But most people will feel silly about quarantining themselves in response to such a low probability event. Having even a small fraction of people act on these alerts would therefore require enforced compliance of some sort.

Note that I'm not per se advocating either that the app be less privacy aware, nor that compliance be enforced, just expanding on the source of the impotency schneier talks about.


also, even if compliance was enforced, at best, the apps can only track phones. For example, I leave my phone at home by mistake all the time...


The crux of it is: “... it's just techies doing techie things because they don't know what else to do.”

All the comments here, esp HN, should think about if this is even a useful app, before debating other stats.

Will ordinary people install and use this app? Example scenario: will SIP protestors use this app? Force install with opt-out?


Add ubiquitous & fast testing into the mix - is contact tracing valuable then? Because testing on demand is what a lot of governments are looking at.

I’m thinking the app giving me a notice of close contact with a confirmed covid case will also increase my chances of getting a test even before we reach that scenario.


If contact tracing can be better than 50-50 it will be better than knowing nothing like we are now when ever we go out. If it is les than 50/50 it could have fatal consequences where people lower their guards because of too much trust into the data that is probably wrong


The points are worth discussing and putting some numbers on. What false negative and false positive rates, installation percentage among population and other things are acceptable for still useful contact tracing? And how does it tie to testing availability etc.


https://twitter.com/eredmil1/status/1255934130753204224 this had preliminary results on questionnaires w.r.t. user acceptance . This https://science.sciencemag.org/content/early/2020/04/09/scie... paper looks at how effective it is given N% of the population using it and I've not seen any info that it hurt the situation in Singapore.


https://medium.com/@tomaspueyo/coronavirus-how-to-do-testing...

This article argue why it's not very likely to be good, compared to manual contact tracing. I don't agree with all the points, but it is a valuable read. There is a lot of other good things there as well.


When discussing the paper I linked this article says "That sounds hard. The good news is that, done well, this measure alone could stop the epidemic. But even if you don’t do it well, it contributes." and correctly calls for combination with other measures. That's my main point, even if it's not as good as manual contact tracing the allegation that this is "tracing app" vs. anything else is just a pointless debate that Schneiers post seems to further. Like the article you posted seems to say, we should improve manual tracing and testing as well but I haven't seen anything in there that would support the Schneier viewpoint on first glance. Looks like an interesting read for later though, thanks for sharing!


With 95% infected not showing any symptoms, contact tracing is pointless, as it will be about tracing contacts of those few severely ill. With this in mind, contact tracing is really just a way to sell survelliance to people and then seal it in laws.


But it is more 5-40% of infected that don't show any symptoms. It is also not clear how infectious people that don't show symptoms are.


They are doing well. The symptoms are the same as mild flu or allergy, and the effects are nearly non existent except in already old and sick. If half of infected got severe complications, it would be a blood bath with military on the streets already.


Average life expectancy based on age and comorbidities of the people who die is around 10-13 years. That is not an insignificant lifetime reduction.

0.5%-2% of the people who get it, die. That is much worse than the flu that kills 0.04-0.1% of the infected. The flu itself is already pretty deadly and this is much deadlier.


But it's not deadly enough to reverse the climate change. Humans are smart animals: they will adopt to the virus real quick, restart the dirty economy machine, get their previous life expectancy back and suffocate in dirty air, water and unbearable weather. But they will die on their terms, with pride and dignity.


> With 95% infected not showing any symptoms

Got a source for that? I believe I've read it's somewhere closer to 50%.


The source is a very simple observation that if every 5th New Yorker has antibodies, half of those with symptoms would be noticeable.


I think there is more to the ContactTracing app then what Schneier mentioned.

Understand how to define a close-contact of infected. It requires a constant 30 minutes Bluetooth-strong-signal (geographically near) to the infected person, not just because your "ID" being captured on the infected person.

The app helps find these close-contacts around you and eventually notifying them to isolate themselves and test. Imagine this process chained.

Of course, this will need a scale of people downloading the app. But better-having this auto-logged than human-effort asking infected 1 by 1 (10,000+++ infected VS 100 contact-tracer)!


>That loss of trust is even worse than having no app at all.

Suddenly, for the first time, I'm sold on contract tracking apps. Lets build them and push them far and wide. If the hype cycle and subsequent arguments regarding contract tracking have shown us anything, it's that everyone needs to stop trusting claims of "it's for your own good."


I have a rather cynical prediction for these apps: they will be mandatory for us to have to use various public services, and they will cost absurd amounts of money. This will be regardless of the efficacy because the goal isn’t safety or surveillance, but extracting rents for the politically-connected people who will be “approved vendors.”


I suspect there will be multiple flavors of bootleggers and multiple flavors of baptists.


Another take: all these things (shutdowns, contact tracing, social distancing) are measures to give people a sense of security, and make them feel as if the PIC are doing something useful.

At the end of the day, the virus will do what the virus does, with or without apps. Until there's herd immunity or a vaccine, this will remain a politically charged issue and there will be constant jockeying for political clout (and I'm using the term 'political' in a sense that includes private entities trying to win favours in the eyes of the public).

I agree with Bruce, the contact tracing apps are goofy and I don't see how they will make the virus stop spreading without other changes such as widely available cheap home test kits.


TBH, the real solution will be reopening the economy with masks on and social distancing. Vaccine is a pipe dream and by the time it might be created, everyone will have been infected a few times.

My conspiracy theory is that the government understands that very soon everyone will wear masks and sunglasses and all the face-recognition tracking will become useless, so to compensate for that, they are pushing hard for alternatives. Once masks get normalized and the infection rate drops to manageable levels, the opportunity to push this app surveillance will be lost.


I'd agree that qualifies as a conspiracy theory.


If software is the new bureaucracy and this app can put you in a detention center, oof. How do you get out when the software is wrong?


what these apps would be most useful for is keeping OCD types and concern trolls busy while the rest of us get on with our lives.

EDIT: and think about this, users of this app will open and engage with it every time they're shopping or any venue. It will be the most effective add delivery platform ever made. I think that's the real motivation.


Schneier is too close to the binary nature of security.

This is an organic problem, not his specialty and will take a multilayered response.


I really think the equivalent of paper journals is the way to go.

As well as some way to report to grocery stores etc you've visited after testing positive.

Heck an answering machine at the grocery store that reports known cases, which everyone calls each Sunday would be enough.


Half the population won't even voluntarily wear a mask or isolate. Some even go anywhere they want coughing constantly.

So how exactly is voluntary contract tracing anything but an utter fantasy and hand waving that it "exists" so magically protects us?


It doesn't matter; politicians already love it because they appear to be “Doing Something(TM)”, and the ~~commecial arm of NSA~~, er, big tech are excited to provide yet one more surveillance tool. What could go wrong? This year it will be for covid, next year for influenza, then u re just going to have to learn to live with it.




Guidelines | FAQ | Lists | API | Security | Legal | Apply to YC | Contact

Search: