UK NHS coronavirus app update blocked for breaking Apple, Google rules

Posted:
in General Discussion
An update to the UK's coronavirus contact-tracing app has been blocked because it breaks rules about collecting location data.

The UK's COVID contact-tracing app
The UK's COVID contact-tracing app


The UK has attempted to update its controversial COVID contact-tracing app to coincide with the relaxation of lockdown rules in England and Wales. The new version would reportedly have asked users to upload venue check-ins, thereby sharing location data.

According to BBC News, both Apple and Google explicitly ban the collection of any location data on privacy grounds. Consequently, both companies have refused the update and only the previous version of the app remains available to download.

BBC News says that the UK's Department of Health declined to discuss the development. However, the UK did announce the new update before it was blocked, claiming that a "privacy-protecting" approach was being taken.

"The app has been designed with user privacy in mind, so it tracks the virus not people, and uses the latest in data security technology to protect privacy," said a spokeswoman at the time.

BBC News notes that Scotland avoided breaking the Apple/Google agreement by releasing a separate app called Check In Scotland.

The UK originally refused to use the Apple/Google framework for COVID contact tracing apps, preferring its own data-collecting system instead. Its $15.6 million investment in that system then failed to produce a functioning app.

Following that failure, the UK government then falsely claimed that no country in the world had got the Apple/Google system to work -- before adopting it.

Even using the Apple/Google framework, the UK's system then had issues when users upgrade to the iPhone 12.

Stay on top of all Apple news right from your HomePod. Say, "Hey, Siri, play AppleInsider," and you'll get latest AppleInsider Podcast. Or ask your HomePod mini for "AppleInsider Daily" instead and you'll hear a fast update direct from our news team. And, if you're interested in Apple-centric home automation, say "Hey, Siri, play HomeKit Insider," and you'll be listening to our newest specialized podcast in moments.

Comments

  • Reply 1 of 19
    EsquireCatsEsquireCats Posts: 1,140member
    Now if there were a series of app stores that developers could choose from, they could force the app stores to compete against each other, setting up the quality review and approval process to be a race to the bottom. Where the bottom is the removal of consumer protections while delivering zero cost benefits to them.
    watto_cobra
  • Reply 2 of 19
    GeorgeBMacGeorgeBMac Posts: 9,220member
    Neither Google nor Apple have a contact tracing app.
    They do have a low end notification system.   But it cannot be used for contact tracing.

    The lack of testing and tracing is one of the reasons why western nations suffered so heavily from the virus.   That lack of testing and tracing was one of the factors that led to the unconstrained spread of the virus -- like a wildfire in dry timber.

    The price of that "freedom" were hundreds of thousands of deaths and tens of millions unemployed.
    tokyojimu
  • Reply 3 of 19
    qwerty52qwerty52 Posts: 283member
    How sad it is this? The world upside down!
    A private company as Apple is more concerned about the users privacy than the government, which is normally supposed to protect its citizens
    right_said_fredlkruppwatto_cobraPetrolDaveTRAG
  • Reply 4 of 19
    neilmneilm Posts: 874member
    But, but...isn't location tracking pretty much a core function of any contact tracing app?
  • Reply 5 of 19
    scatzscatz Posts: 13member
    When we go into a pub (bar) or restaurant, we are supposed to scan the qr code in the venue window which lets the app know where we are in case we need to be notified of an outbreak from someone who was there.

    I guess the NHS has decided to collect this information from the phone to a central server so they can call is if we need to quarantine.

    This collection of data i guess is the reason for the update rejection.

    Previously we would have to leave our name and address before entering the venue - on paper. Then the owner would call people up if they had a reported outbreak.

    oh the fun of it all !
    watto_cobra
  • Reply 6 of 19
    Some context from someone who live in the UK and knows people who worked in the digital NHS side of things.

    In Jan of last year the UK GOV quickly started work on their own contact tracing app. This is well before Apple and Google had released their OS level contact tracing API. Just before Apple and Google released a beta of their APIs, the UK Gov had already progressed to the point where they had a working app. They decided to continue down this route having already committed resources and because they were concerned a delay could cost lives. They begun a trial on a small island just as Apple and Google released the first beta of their API. After a week or so it became clear it did not perform to the level they hoped and so they started looking at the Apple and Google API. They found in some cases their algorithms were more accurate than Apple and Google's. This got fed back to Apple and Google who later released an update to the API that improved its accuracy and reliability. At this point the UK contact tracing app was rebuilt on Apple and Google's API. So the UK Gov didn't purposefully snub the Apple and Google API, with good intentions they tired to move fast and found this is really something that needs to be implemented at the OS level.

    The second point of conflict between Apple and the UK Gov is the integration with the NHS's extensive digital information systems. There had been plans to integrate it into various digital services provided by the NHS but Apple's guidelines prevented this. So these features were eventually dropped or substituted for much simpler solutions. There was some resentment within NHS and UK Gov that vital data couldn't be directly fed into their health tracking systems but in the end they realised what was really important and scaled back their ambitions.

    I think we need to acknowledge the difference between Facebook collecting huge amounts of personal data for profit and the NHS collecting data to provide a streamlined digital health service. Privacy of data is always important but the context within which its used needs to be taken into account. I do wonder whether Apple's guidelines on this are too simplistic after all the NHS's goals are very different to that of Facebook's.
    GeorgeBMacelijahgmariowincowatto_cobrajony0
  • Reply 7 of 19
    davidwdavidw Posts: 1,177member
    neilm said:
    But, but...isn't location tracking pretty much a core function of any contact tracing app?
    Yes, but only the app is suppose to know where a phone has been. Even at Apple and Google end, the data is anonymous and they don't know the who. Though I would think Apple and Google could find out who own the phone if they had to. Like under a court order.

    With this update, the UK government would have known where a phone has been and who own the phone. But only if the owner voluntarily uploaded any requested venue check-ins to share their location. This is not allowed by Google or Apple. Any one using Google or Apple contact tracing API is not suppose to collect any data about the people whose phone is being tracked, even if the phone owner voluntarily uploaded their location data. I assume that it would not be an issue if the data the UK government got was anonymous and the government had no way of determining the who and only the where.  
    watto_cobra
  • Reply 8 of 19
    GeorgeBMacGeorgeBMac Posts: 9,220member
    qwerty52 said:
    How sad it is this? The world upside down!
    A private company as Apple is more concerned about the users privacy than the government, which is normally supposed to protect its citizens

    Contact Tracing IS protecting its citizens.   Letting the virus massacre them is the opposite.
    elijahgjony0
  • Reply 9 of 19
    GeorgeBMacGeorgeBMac Posts: 9,220member
    neilm said:
    But, but...isn't location tracking pretty much a core function of any contact tracing app?

    This is not and never was a contact tracing app -- that's why Google & Apple stopped calling it that.

    It is merely a notification system.   IF somebody signed up with it reports they're infected, your phone will know if you were near them.
    edited April 12 jony0
  • Reply 10 of 19
    Rayz2016Rayz2016 Posts: 6,696member
    neilm said:
    But, but...isn't location tracking pretty much a core function of any contact tracing app?
    Apple/Google doesn’t need to know where you are to notify you that your phone is carrying a token from someone who tested positive. 
    GeorgeBMacwatto_cobraPetrolDaveqwerty52jony0
  • Reply 11 of 19
    The entire thing, along with most aspects of the pandemic handling by our inept government have needed up being outsourced and cost huge amounts and invariably fail to do what was needed. The “NHS” app is one of those - a summary from Wired https://www.wired.co.uk/article/nhs-tracing-app-scrapped-apple-google-uk

    The UK government is changing security laws to allow them to get away with more intrusive operations with no comeback and the idea that this latest attempt to grab more information from us English citizens is a “misstep” as the BBC irritatingly call it is laughable. I’d call it our lot seeing what they could get away with - “Oh, I didn’t realise we had to comply with the terms we signed”, rather like the government has done with the EU over Brexit:

    “Under the terms that all health authorities signed up to in order to use Apple and Google's privacy-centric contact-tracing tech, they had to agree not to collect any location data via the software. 

    As a result, Apple and Google refused to make the update available for download from their app stores last week, and have instead kept the old version live.

    When questioned, the Department of Health declined to discuss how this misstep had occurred.”

    watto_cobraPetrolDave
  • Reply 12 of 19
    GeorgeBMacGeorgeBMac Posts: 9,220member
    The entire thing, along with most aspects of the pandemic handling by our inept government have needed up being outsourced and cost huge amounts and invariably fail to do what was needed. The “NHS” app is one of those - a summary from Wired https://www.wired.co.uk/article/nhs-tracing-app-scrapped-apple-google-uk

    The UK government is changing security laws to allow them to get away with more intrusive operations with no comeback and the idea that this latest attempt to grab more information from us English citizens is a “misstep” as the BBC irritatingly call it is laughable. I’d call it our lot seeing what they could get away with - “Oh, I didn’t realise we had to comply with the terms we signed”, rather like the government has done with the EU over Brexit:

    “Under the terms that all health authorities signed up to in order to use Apple and Google's privacy-centric contact-tracing tech, they had to agree not to collect any location data via the software. 

    As a result, Apple and Google refused to make the update available for download from their app stores last week, and have instead kept the old version live.

    When questioned, the Department of Health declined to discuss how this misstep had occurred.”


    I'm not clear how trying to save lives (and the economy) by identifying infectious people and stopping them from infecting others is an "attempt to grab more information from us"
    elijahgjony0
  • Reply 13 of 19
    crowleycrowley Posts: 7,620member
    Rayz2016 said:
    neilm said:
    But, but...isn't location tracking pretty much a core function of any contact tracing app?
    Apple/Google doesn’t need to know where you are to notify you that your phone is carrying a token from someone who tested positive. 
    But if a COVID infected person who wasn't using the app is traced to a populated location then they can send a notification to everyone who was at the location at the same time.
  • Reply 14 of 19
    Take into account the multiple IT failures by the NHS and its obvious that any assurances given about data security have to be treated with extreme scepticism. So you have to assume that any location data held by the NHS will be either hacked or misused.
  • Reply 15 of 19
    GeorgeBMacGeorgeBMac Posts: 9,220member
    Take into account the multiple IT failures by the NHS and its obvious that any assurances given about data security have to be treated with extreme scepticism. So you have to assume that any location data held by the NHS will be either hacked or misused.

    How many people died in the UK because they didn't have effective means to find and remove those infected individuals who were roaming the streets and businesses infecting others?  How many deaths is your presumed privacy worth?
    jony0
  • Reply 16 of 19
    davidwdavidw Posts: 1,177member
    Take into account the multiple IT failures by the NHS and its obvious that any assurances given about data security have to be treated with extreme scepticism. So you have to assume that any location data held by the NHS will be either hacked or misused.

    How many people died in the UK because they didn't have effective means to find and remove those infected individuals who were roaming the streets and businesses infecting others?  How many deaths is your presumed privacy worth?
    https://www.healthcareitnews.com/news/survey-says-majority-americans-wont-use-covid-19-contact-tracing-apps

    The only way any contact tracing app is going to save as many lives as you claim, is to gain the trust of the people and have about 70% of the people in the population using one. According to surveys, there is no way to even get a simple majority of the people to use a contact tracing app, if they don't think any private data collected is safe or will remain safe.

    Apple and Google did it right. Keep the personal data private from the government and health providers and to get as many people using a contact tracing app as possible.  That's why in order to use Google and Apple contact tracing API, there is to be no collection of users data. NONE. Much more lives can be save by more people using a contact tracing app than by the government or health providers knowing who is infected and where they have been, so they can be removed. And that can only be achieve if the people trust that their private data is safe or not collected at all, when using a contact tracing app.  

    https://www.brinknews.com/why-wont-people-use-contact-tracing-apps/

    How many people died in the UK because the majority of the people weren't using a contact tracing app, because they were concern about their privacy? You actually think that people will use a contact tracing app to inform others that they have tested positive, if there was the slightest possibility that the government can use private data collected from the app and send someone to remove them?  
  • Reply 17 of 19
    GeorgeBMacGeorgeBMac Posts: 9,220member
    davidw said:
    Take into account the multiple IT failures by the NHS and its obvious that any assurances given about data security have to be treated with extreme scepticism. So you have to assume that any location data held by the NHS will be either hacked or misused.

    How many people died in the UK because they didn't have effective means to find and remove those infected individuals who were roaming the streets and businesses infecting others?  How many deaths is your presumed privacy worth?
    https://www.healthcareitnews.com/news/survey-says-majority-americans-wont-use-covid-19-contact-tracing-apps

    The only way any contact tracing app is going to save as many lives as you claim, is to gain the trust of the people and have about 70% of the people in the population using one. According to surveys, there is no way to even get a simple majority of the people to use a contact tracing app, if they don't think any private data collected is safe or will remain safe.

    Apple and Google did it right. Keep the personal data private from the government and health providers and to get as many people using a contact tracing app as possible.  That's why in order to use Google and Apple contact tracing API, there is to be no collection of users data. NONE. Much more lives can be save by more people using a contact tracing app than by the government or health providers knowing who is infected and where they have been, so they can be removed. And that can only be achieve if the people trust that their private data is safe or not collected at all, when using a contact tracing app.  

    https://www.brinknews.com/why-wont-people-use-contact-tracing-apps/

    How many people died in the UK because the majority of the people weren't using a contact tracing app, because they were concern about their privacy? You actually think that people will use a contact tracing app to inform others that they have tested positive, if there was the slightest possibility that the government can use private data collected from the app and send someone to remove them?  

    You point to a failure of government to govern effectively in a crisis.
    Other countries did it well and not only saved lives but their economy as well.  Others killed tens and hundreds of thousands of their own citizens and crashed their own economies.

    So, I ask again:  How much is your precious privacy worth to you?   How much in lives ended prematurely?  How much economic devastation?
    jony0
  • Reply 18 of 19
    crowleycrowley Posts: 7,620member
    davidw said:
    Take into account the multiple IT failures by the NHS and its obvious that any assurances given about data security have to be treated with extreme scepticism. So you have to assume that any location data held by the NHS will be either hacked or misused.

    How many people died in the UK because they didn't have effective means to find and remove those infected individuals who were roaming the streets and businesses infecting others?  How many deaths is your presumed privacy worth?
    https://www.healthcareitnews.com/news/survey-says-majority-americans-wont-use-covid-19-contact-tracing-apps

    The only way any contact tracing app is going to save as many lives as you claim, is to gain the trust of the people and have about 70% of the people in the population using one. According to surveys, there is no way to even get a simple majority of the people to use a contact tracing app, if they don't think any private data collected is safe or will remain safe.

    Apple and Google did it right. Keep the personal data private from the government and health providers and to get as many people using a contact tracing app as possible.  That's why in order to use Google and Apple contact tracing API, there is to be no collection of users data. NONE. Much more lives can be save by more people using a contact tracing app than by the government or health providers knowing who is infected and where they have been, so they can be removed. And that can only be achieve if the people trust that their private data is safe or not collected at all, when using a contact tracing app.  

    https://www.brinknews.com/why-wont-people-use-contact-tracing-apps/

    How many people died in the UK because the majority of the people weren't using a contact tracing app, because they were concern about their privacy? You actually think that people will use a contact tracing app to inform others that they have tested positive, if there was the slightest possibility that the government can use private data collected from the app and send someone to remove them?  

    You point to a failure of government to govern effectively in a crisis.
    Other countries did it well and not only saved lives but their economy as well.  Others killed tens and hundreds of thousands of their own citizens and crashed their own economies.

    So, I ask again:  How much is your precious privacy worth to you?   How much in lives ended prematurely?  How much economic devastation?
    Quit the false equivalence.  My privacy did not cause others lives to end prematurely, or cause economic devastation.  The actions of others did that, and me sacrificing privacy would not have changed that.
    muthuk_vanalingam
  • Reply 19 of 19
    GeorgeBMacGeorgeBMac Posts: 9,220member
    crowley said:
    davidw said:
    Take into account the multiple IT failures by the NHS and its obvious that any assurances given about data security have to be treated with extreme scepticism. So you have to assume that any location data held by the NHS will be either hacked or misused.

    How many people died in the UK because they didn't have effective means to find and remove those infected individuals who were roaming the streets and businesses infecting others?  How many deaths is your presumed privacy worth?
    https://www.healthcareitnews.com/news/survey-says-majority-americans-wont-use-covid-19-contact-tracing-apps

    The only way any contact tracing app is going to save as many lives as you claim, is to gain the trust of the people and have about 70% of the people in the population using one. According to surveys, there is no way to even get a simple majority of the people to use a contact tracing app, if they don't think any private data collected is safe or will remain safe.

    Apple and Google did it right. Keep the personal data private from the government and health providers and to get as many people using a contact tracing app as possible.  That's why in order to use Google and Apple contact tracing API, there is to be no collection of users data. NONE. Much more lives can be save by more people using a contact tracing app than by the government or health providers knowing who is infected and where they have been, so they can be removed. And that can only be achieve if the people trust that their private data is safe or not collected at all, when using a contact tracing app.  

    https://www.brinknews.com/why-wont-people-use-contact-tracing-apps/

    How many people died in the UK because the majority of the people weren't using a contact tracing app, because they were concern about their privacy? You actually think that people will use a contact tracing app to inform others that they have tested positive, if there was the slightest possibility that the government can use private data collected from the app and send someone to remove them?  

    You point to a failure of government to govern effectively in a crisis.
    Other countries did it well and not only saved lives but their economy as well.  Others killed tens and hundreds of thousands of their own citizens and crashed their own economies.

    So, I ask again:  How much is your precious privacy worth to you?   How much in lives ended prematurely?  How much economic devastation?
    Quit the false equivalence.  My privacy did not cause others lives to end prematurely, or cause economic devastation.  The actions of others did that, and me sacrificing privacy would not have changed that.

    Denial is a powerful force -- it drives much of the right wing conspiracy theories.

    In this case, Over 500,000 died in the U.S.   While less than 5,000 in China
    Meanwhile, while we are still largely shut down, China has been fully operational, open and growing their economy for almost a year now.

    Enjoy your "privacy" and "Independence".  It killed Americans and the American economy.
    jony0
Sign In or Register to comment.