A peek under the hood of Israel’s new app, now downloaded by more than a million people, which tracks and traces while keeping the government locked out of our phones
Exploiting Bluetooth’s biggest downside to their benefit, Israeli programmers say they have built a state coronavirus tracking app that keeps the government firmly locked out of our phones.
Israeli citizens are facing a major push by the state to download an overhauled version of the HaMagen app for tracking movement, which warns people when they have been exposed to the novel coronavirus.
In the two weeks since it was launched — in Hebrew, Arabic, English, Russian and Amharic — more than a million people have downloaded it.
The computer scientists behind the app say they chose the design because they were both inspired and scared by phone tracking in places like China.
“The design of our code doesn’t allow the government any information on the user, unless the user gives express permission,” said Eyal Ronen, an assistant professor of computer science at Tel Aviv University.
He added: “Asian nations, especially China, were able to fight coronavirus well but they did so with tracking means unacceptable in Western countries. We were aiming at this effectiveness while respecting privacy.”
Ronen, and his partner Prof. Benny Pinkas, head of the cyber research center at Bar Ilan University, made the blueprint for the app, which sets its privacy protocol, and for the sake of transparency uploaded it online for all to see.
Government officials have hinted that if large numbers of Israelis download the app, controversial compulsory phone tracking by the Shin Bet intelligence agency will be suspended. Ronen said this is one of his big hopes.
Ronen and Pinkas told The Times of Israel they developed a system for Bluetooth messages to be sent between users’ phones, which can be used to generate quarantine alerts if relevant — but without the government getting anyone’s personal data.
At the crux of the design is the biggest complaint of people who use Bluetooth headphones, namely that the signal fades when you are more than a few steps away from your device.
Pinkas said that if people are close enough to a carrier for their phones to exchange Bluetooth signals of the highest quality, they are within proximity that epidemiologists want them to know about, while if the distance is greater, epidemiologists don’t care.
He said that relying on Bluetooth, rather than the tracking methods that the Shin Bet uses, can keep many people out of unnecessary quarantine.
“The problem with tracking currently done by Shin Bet is that it uses cellphone signal data that isn’t precise in terms of location and doesn’t know what floor you’re on in a building, so if there’s a carrier in a mall, it can lead to many people who were nowhere near him or her being quarantined,” he said.
With their app, every user sends out a special Bluetooth signal every five minutes that is logged by any other HaMagen users who are within two meters. The phone keeps a record of these messages — without any information to identify the user who transmitted them.
If an Israeli citizen tests positive for coronavirus, they have no legal requirement to reveal that they use the app. But if they choose, they can ask the Health Ministry for a code that will upload all the Bluetooth messages they transmitted — without information to identify them — to the ministry server.
Other HaMagen users don’t upload any data to the ministry, but they are constantly updated on which Bluetooth messages were transmitted by coronavirus patients. If messages stored on their app matches messages transmitted by someone who tested positive, their phone generates an alert.
A single matching message won’t trigger an alert because the encounter would have been too short to present a major risk of infection, but if three consecutive messages were logged from the same person, this signals an encounter of 15 minutes and an alert is generated.
Pinkas said: “If you were next to someone with COVID it tells you but doesn’t tell the government. It’s about giving information to users so they can choose to go into self-isolation and tell the government they are doing so, but not forcing them. We’re hoping they will do the right thing.”
Ronen and Pinkas were convinced that more people will act on alerts, and choose to isolate if they have information about the time and location of exposure to coronavirus. But they were determined not to give the government access to GPS data from users’ phones.
“Alerts do come with time and location, as users’ phones remember the GPS location when each Bluetooth message was received, but don’t share this data with anyone else,” said Ronen. “It means that when an alert is generated, your phone knows where it was, and can tell you, without compromising privacy.”
Pinkas said that the new app has high stakes riding on it because “the alternatives are much worse.”
One alternative is the continuation of Shin Bet tracking which, if case numbers grow, could end up with huge numbers of Israelis placed in quarantine due to its imprecision, according to Pinkas. He said the other possibility is a Bluetooth app, but one that is compulsory, with the government automatically granted access to alerts.
“This would start a cat and mouse game, with people turning phones off or putting them in aluminum containers,” said Pinkas. “It would be impossible and in the end they would have to put bracelets on everyone’s hands that you aren’t allowed to remove.”
As reported by The Times of Israel