Privacy Guidelines for Contact Tracing Applications
- URL: http://arxiv.org/abs/2004.13328v1
- Date: Tue, 28 Apr 2020 06:44:14 GMT
- Title: Privacy Guidelines for Contact Tracing Applications
- Authors: Manish Shukla, Rajan M A, Sachin Lodha, Gautam Shroff, Ramesh Raskar
- Abstract summary: We discuss the scenarios which a contact tracing application should be able to handle.
We describe the various threat actors who can disrupt its working, or misuse end users' data.
We present privacy guidelines for contact tracing applications from different stakeholders' perspectives.
- License: http://arxiv.org/licenses/nonexclusive-distrib/1.0/
- Abstract: Contact tracing is a very powerful method to implement and enforce social distancing to avoid spreading of infectious diseases. The traditional approach of contact tracing is time-consuming, manpower-intensive, dangerous and prone to error due to fatigue or lack of skill. Due to this there is an emergence of mobile-based applications for contact tracing. These applications primarily utilize a combination of GPS-based absolute location and Bluetooth-based relative location remitted from users' smartphones to infer various insights. These applications have eased the task of contact tracing; however, they also have severe implications for users' privacy, for example, mass surveillance, personal information leakage and additionally revealing the behavioral patterns of the user. This impact on users' privacy leads to a trust deficit in these applications, and hence defeats their purpose.

In this work we discuss the various scenarios which a contact tracing application should be able to handle. We highlight the privacy handling of some of the prominent contact tracing applications. Additionally, we describe the various threat actors who can disrupt its working, or misuse end users' data, or hamper its mass adoption. Finally, we present privacy guidelines for contact tracing applications from different stakeholders' perspectives. To the best of our knowledge, this is the first generic work which provides privacy guidelines for contact tracing applications.
Related papers
- PrivacyLens: Evaluating Privacy Norm Awareness of Language Models in Action [54.11479432110771]
PrivacyLens is a novel framework designed to extend privacy-sensitive seeds into expressive vignettes and further into agent trajectories.
We instantiate PrivacyLens with a collection of privacy norms grounded in privacy literature and crowdsourced seeds.
State-of-the-art LMs, like GPT-4 and Llama-3-70B, leak sensitive information in 25.68% and 38.69% of cases, even when prompted with privacy-enhancing instructions.
arXiv Detail & Related papers (2024-08-29T17:58:38Z)
- Protect Your Score: Contact Tracing With Differential Privacy Guarantees [68.53998103087508]
We argue that privacy concerns currently hold deployment back.
We propose a contact tracing algorithm with differential privacy guarantees against this attack.
Especially for realistic test scenarios, we achieve a two to ten-fold reduction in the infection rate of the virus.
arXiv Detail & Related papers (2023-12-18T11:16:33Z)
- Explainable Link Prediction for Privacy-Preserving Contact Tracing [5.866574931696403]
Contact tracing has been used to identify people who were in close proximity to those infected with SARS-CoV-2 coronavirus.
A number of digital contact tracing applications have been introduced to facilitate or complement physical contact tracing.
We present ideas from Graph Neural Networks and explainability, that could improve trust in these applications, and encourage adoption by people.
arXiv Detail & Related papers (2020-12-10T08:58:24Z)
- Towards Mass Adoption of Contact Tracing Apps -- Learning from Users' Preferences to Improve App Design [3.187723878624947]
We explore user preferences for contact tracing apps using market research techniques and conjoint analysis.
Our results confirm the privacy-preserving design of most European contact tracing apps.
We conclude that adding goal-congruent features will play an important role in fostering mass adoption.
arXiv Detail & Related papers (2020-11-24T19:08:09Z)
- Privacy-accuracy trade-offs in noisy digital exposure notifications [3.04585143845864]
There is interest in using the power of mobile phones to automate the contact-tracing process.
The rough idea is simple: use Bluetooth or other data-exchange technologies to record contacts between users, enable users to report positive diagnoses, and alert users who have been exposed to sick users.
Although designing practical protocols is of crucial importance, it is essential to realize that notifying users about exposure events may itself leak confidential information.
arXiv Detail & Related papers (2020-11-08T15:00:38Z)
- BeeTrace: A Unified Platform for Secure Contact Tracing that Breaks Data Silos [73.84437456144994]
Contact tracing is an important method to control the spread of an infectious disease such as COVID-19.
Current solutions do not utilize the huge volume of data stored in business databases and individual digital devices.
We propose BeeTrace, a unified platform that breaks data silos and deploys state-of-the-art cryptographic protocols to guarantee privacy goals.
arXiv Detail & Related papers (2020-07-05T10:33:45Z)
- Confidential Computing for Privacy-Preserving Contact Tracing [0.18434042562191807]
We propose the use of the Intel SGX trusted execution environment to build a privacy-preserving contact tracing backend.
A prototype of a privacy-preserving contact tracing system based on SGX has been implemented by the authors in a hackathon.
arXiv Detail & Related papers (2020-06-25T08:06:23Z)
- Trust and Transparency in Contact Tracing Applications [81.07729301514182]
The global outbreak of COVID-19 has led to efforts to manage and mitigate the continued spread of the disease.
One of these efforts includes the use of contact tracing to identify people who are at-risk of developing the disease through exposure to an infected person.
There has been significant interest in the development and use of digital contact tracing solutions to supplement the work of human contact tracers.
The collection and use of sensitive personal details by these applications has led to a number of concerns by the stakeholder groups with a vested interest in these solutions.
arXiv Detail & Related papers (2020-06-19T20:29:24Z)
- Mind the GAP: Security & Privacy Risks of Contact Tracing Apps [75.7995398006171]
Google and Apple have jointly provided an API for exposure notification in order to implement decentralized contact tracing apps using Bluetooth Low Energy.
We demonstrate that in real-world scenarios the GAP design is vulnerable to (i) profiling and possibly de-anonymizing persons, and (ii) relay-based wormhole attacks that basically can generate fake contacts.
arXiv Detail & Related papers (2020-06-10T16:05:05Z)
- Decentralized Privacy-Preserving Proximity Tracing [50.27258414960402]
DP3T provides a technological foundation to help slow the spread of SARS-CoV-2.
The system aims to minimise privacy and security risks for individuals and communities.
arXiv Detail & Related papers (2020-05-25T12:32:02Z)
- A Note on Cryptographic Algorithms for Private Data Analysis in Contact Tracing Applications [7.734726150561088]
Contact tracing is an important measure to counter the COVID-19 pandemic.
We focus on various cryptographic techniques that can help in addressing the Private Set Intersection problem.
arXiv Detail & Related papers (2020-05-19T06:18:13Z)