Expert Advice On Protecting User Privacy In Tracking Apps With Confidential Computing

Over the weekend there was news that developers and medical experts across Europe are looking to launch opt-in apps that they say will help health officials stem the spread of the virus while protecting personal privacy.

Dr Richard Searle, Senior Security Architect
InfoSec Expert
April 8, 2020 1:20 pm

Globally we are seeing a number of tracking applications being developed and implemented to help prevent the spread of COVID-19. However, the introduction of these apps does not come without a number of privacy and data protection concerns. The most obvious of these concerns are that personal healthcare data will be shared, alongside data tracking an individual’s movements, and it is more than likely that data collected by commercial applications will be exchanged with sovereign governments.

However, there is a way of implementing applications used to aggregate personal data in order to help to deal with the pandemic sweeping the globe, whilst also protecting the privacy of individuals. There is an emerging field in cybersecurity called privacy-preserving analytics that uses confidential computing technology, now available at scale within the public cloud, to enable applications that track extremely private data from multiple sources, to perform data analysis and search, without identifying the individual or exposing their private data, even to the author of the application. By implementing confidential computing methods within these apps, it would be possible to guarantee to an application user that no one could explicitly associate their movements with their personal identity and healthcare data even if they allowed their mobile phone location services to be used in such an app. Being able to offer this assurance would likely lead to more people opting into these applications, enhancing the utility of resultant data analyses when it comes to reaching the goal of controlling this virus.

This pandemic has taken the world by surprise, and it is only natural that we are trying to find a quick solution that will help to control the virus and consequently save lives. Nevertheless, it is vital that for this and future pandemics, authorities, including the likes of the NHS and WHO, should be building these tracking applications with the ability to ensure that privacy laws and norms are not violated. In resolving the current health crisis, we should not be creating a privacy crisis with unforeseen consequences for the very people seeking to contribute to our collective welfare.

Last edited 2 years ago by Dr Richard Searle