This country needs a reality check, citizens need one, and government needs one – because we need the COVID-19 Contact Tracing app but we need it done right.

What are we talking about?

The Federal Government has announced that they will soon release an app for Australians to download that will enable a higher level of Contact Tracing to be used throughout the community to allow a faster backward tracing of any contacts someone who tests positive to Coronavirus might have had.

The problem is every report about this app – rightly – refers to “Tracing” and in many cases that word is changed to “tracking” and we’re all a bit sceptical of a government “tracking us”.

What we need is a greater understanding of just what the app is intended for, and how little information the government ever get

Here’s my initial overview of the app conversation in Australia and the Google and Apple plans around it.

What is Contact Tracing?

When you test positive to COVID-19, you are placed into isolation or medical care – but the other part of the process is your state health department begin the process of interviewing you to find out who else you might have infected.

They will ask you where you were yesterday, the day before and possibly the last two weeks. They will ask about all the people you were in contact with and for how long.

After establishing this list, they will attempt to contact people whom you might have infected, to recommend those people get tested also.

It’s a very manual process, relies a lot on your memory, and makes it very hard to really trace the impact of your infection other than on yourself and your immediate family.

Should we Trust this app?

It’s perfectly right for us to question every part of this process, and that’s what’s happening now, but we need to ensure that any concern is measured with reason.

The concerns are spot on, can the government track my movements? Will the government keep a log of who I’ve been in contact with? Will the government keep tracking us after the Coronavirus pandemic passes?

I’ll address those concerns individually here, but the critical thing is this App doesn’t work without your permission. This app stops working the moment you delete it from your phone and this app is being built to help bring the country out of the pandemic crisis.

Does this app track my movements?

No. There may be some apps around the world that also track your location – but there is absolutely no plan to track your location.

Do NOT believe the crackpots who try and tell you this. The government has zero interest in where you have been, they want to know who you have been in close contact with.

Will the Government keep a log of who I’ve been in contact with?

No. The government’s proposed app stores any information it gets about who you’ve been with locally on your phone. That means there is no central server storing all the details about who talked to who and who spent time with who. This is critical because such a server would be a target for hackers.

The data held on your phone will be encrypted, so that keeps it secure too. The data only leaves your phone if you test positive to COVID-19. That data is then used by State Health officials to contact the people you’ve been in contact with to begin the process of additional testing to ensure the spread of the virus is slowed or stopped.

Even on your phone, the app only retains information for the most recent 21 days. Any contacts before that are purged each and every day.

Will the Government keep tracking us after the Coronavirus pandemic passes?

No. The federal minister can end the app’s contact tracing abilities with the flick of a switch. Moreover, we the users can simply delete the app.

Because there is no central server of data, there is no data purge required.

But, it’s important that we have some of our best security minds working to check the source code of the app before it’s released (this has already been agreed) to ensure it’s secure, and have those same minds work to ensure no long-term data retention of any kind.

Will the app work?

So here’s the real issue. The answer is yes and no.

Firstly, it requires a large install base to have a real impact. If you want the restrictions on society lifted, we need 40-50% of people using the app at least.

But, 10% is still 10% more information than we have today, speeding up the contact tracing process in 10% of cases perhaps.

Critically though, there is a fundamental issue with the app in its current “Singapore based” form. Bluetooth is a brilliant way for devices to communicate with each other, allowing one device to know which other devices it’s been near by simply recording Bluetooth broadcast addresses.

However, on iPhones in particular, the ability for an App to keep a record of Bluetooth devices which are near the device in question, the App needs to be running. Background running apps cannot reliably be recording this information. As a result, you’ve either got a situation where the app is running and draining the battery on your phone, or it won’t be properly running and thus not recording a true representation of the people you’ve been close to.

Why the government must work with Apple and Google, now, not later

The government from my view are working on a great app. But I think the idea of transmitting mobile phone numbers between devices is over-reach.

Apple and Google are working on a global initiative. Their plan (and lets remember these are not two companies who are buddies, so this is a huge deal for them to work together) is to build a system into the core operating system that allows this Bluetooth communication between devices with ease and in fact without even installing an app.

It is and would always be opt in – but it exchanges only a Bluetooth address never a phone number or personal information. That Bluetooth address is randomly changed ever 15 minutes and there again is no central repository.

However, because it’s at the operating system level, the battery consumption issues are resolved, as are the “always working” problems of a third party app.

Apple is known for their privacy push. Google may not be, but they are working on a product that has privacy at its core.

Only when a person tests positive for COVID-19 does their Bluetooth number get shared into a database, and that database is checked by phones to check their own contact with positive cases. No central processing, no central database, and even a phone that doesn’t have the app can be alerted to their potential contact with a positive case.

What next?

I want everyone to download the app when it launches.

I want the Government to agree to work with Google and Apple to implement their system into the app as soon as it’s available.

I want COVID-19 to go away, let’s all help Stop the Spread – let’s get the app as soon as it’s available.