UK NHS coronavirus app update blocked for breaking Apple, Google rules
An update to the UK's coronavirus contact-tracing app has been blocked because it breaks rules about collecting location data.
The UK's COVID contact-tracing app
The UK has attempted to update its controversial COVID contact-tracing app to coincide with the relaxation of lockdown rules in England and Wales. The new version would reportedly have asked users to upload venue check-ins, thereby sharing location data.
According to BBC News, both Apple and Google explicitly ban the collection of any location data on privacy grounds. Consequently, both companies have refused the update and only the previous version of the app remains available to download.
BBC News says that the UK's Department of Health declined to discuss the development. However, the UK did announce the new update before it was blocked, claiming that a "privacy-protecting" approach was being taken.
"The app has been designed with user privacy in mind, so it tracks the virus not people, and uses the latest in data security technology to protect privacy," said a spokeswoman at the time.
BBC News notes that Scotland avoided breaking the Apple/Google agreement by releasing a separate app called Check In Scotland.
The UK originally refused to use the Apple/Google framework for COVID contact tracing apps, preferring its own data-collecting system instead. Its $15.6 million investment in that system then failed to produce a functioning app.
Following that failure, the UK government then falsely claimed that no country in the world had got the Apple/Google system to work -- before adopting it.
Even using the Apple/Google framework, the UK's system then had issues when users upgrade to the iPhone 12.
Stay on top of all Apple news right from your HomePod. Say, "Hey, Siri, play AppleInsider," and you'll get latest AppleInsider Podcast. Or ask your HomePod mini for "AppleInsider Daily" instead and you'll hear a fast update direct from our news team. And, if you're interested in Apple-centric home automation, say "Hey, Siri, play HomeKit Insider," and you'll be listening to our newest specialized podcast in moments.
The UK's COVID contact-tracing app
The UK has attempted to update its controversial COVID contact-tracing app to coincide with the relaxation of lockdown rules in England and Wales. The new version would reportedly have asked users to upload venue check-ins, thereby sharing location data.
According to BBC News, both Apple and Google explicitly ban the collection of any location data on privacy grounds. Consequently, both companies have refused the update and only the previous version of the app remains available to download.
BBC News says that the UK's Department of Health declined to discuss the development. However, the UK did announce the new update before it was blocked, claiming that a "privacy-protecting" approach was being taken.
"The app has been designed with user privacy in mind, so it tracks the virus not people, and uses the latest in data security technology to protect privacy," said a spokeswoman at the time.
BBC News notes that Scotland avoided breaking the Apple/Google agreement by releasing a separate app called Check In Scotland.
The UK originally refused to use the Apple/Google framework for COVID contact tracing apps, preferring its own data-collecting system instead. Its $15.6 million investment in that system then failed to produce a functioning app.
Following that failure, the UK government then falsely claimed that no country in the world had got the Apple/Google system to work -- before adopting it.
Even using the Apple/Google framework, the UK's system then had issues when users upgrade to the iPhone 12.
Stay on top of all Apple news right from your HomePod. Say, "Hey, Siri, play AppleInsider," and you'll get latest AppleInsider Podcast. Or ask your HomePod mini for "AppleInsider Daily" instead and you'll hear a fast update direct from our news team. And, if you're interested in Apple-centric home automation, say "Hey, Siri, play HomeKit Insider," and you'll be listening to our newest specialized podcast in moments.
Comments
I guess the NHS has decided to collect this information from the phone to a central server so they can call is if we need to quarantine.
This collection of data i guess is the reason for the update rejection.
Previously we would have to leave our name and address before entering the venue - on paper. Then the owner would call people up if they had a reported outbreak.
oh the fun of it all !
In Jan of last year the UK GOV quickly started work on their own contact tracing app. This is well before Apple and Google had released their OS level contact tracing API. Just before Apple and Google released a beta of their APIs, the UK Gov had already progressed to the point where they had a working app. They decided to continue down this route having already committed resources and because they were concerned a delay could cost lives. They begun a trial on a small island just as Apple and Google released the first beta of their API. After a week or so it became clear it did not perform to the level they hoped and so they started looking at the Apple and Google API. They found in some cases their algorithms were more accurate than Apple and Google's. This got fed back to Apple and Google who later released an update to the API that improved its accuracy and reliability. At this point the UK contact tracing app was rebuilt on Apple and Google's API. So the UK Gov didn't purposefully snub the Apple and Google API, with good intentions they tired to move fast and found this is really something that needs to be implemented at the OS level.
The second point of conflict between Apple and the UK Gov is the integration with the NHS's extensive digital information systems. There had been plans to integrate it into various digital services provided by the NHS but Apple's guidelines prevented this. So these features were eventually dropped or substituted for much simpler solutions. There was some resentment within NHS and UK Gov that vital data couldn't be directly fed into their health tracking systems but in the end they realised what was really important and scaled back their ambitions.
I think we need to acknowledge the difference between Facebook collecting huge amounts of personal data for profit and the NHS collecting data to provide a streamlined digital health service. Privacy of data is always important but the context within which its used needs to be taken into account. I do wonder whether Apple's guidelines on this are too simplistic after all the NHS's goals are very different to that of Facebook's.
With this update, the UK government would have known where a phone has been and who own the phone. But only if the owner voluntarily uploaded any requested venue check-ins to share their location. This is not allowed by Google or Apple. Any one using Google or Apple contact tracing API is not suppose to collect any data about the people whose phone is being tracked, even if the phone owner voluntarily uploaded their location data. I assume that it would not be an issue if the data the UK government got was anonymous and the government had no way of determining the who and only the where.
Contact Tracing IS protecting its citizens. Letting the virus massacre them is the opposite.
The UK government is changing security laws to allow them to get away with more intrusive operations with no comeback and the idea that this latest attempt to grab more information from us English citizens is a “misstep” as the BBC irritatingly call it is laughable. I’d call it our lot seeing what they could get away with - “Oh, I didn’t realise we had to comply with the terms we signed”, rather like the government has done with the EU over Brexit:
As a result, Apple and Google refused to make the update available for download from their app stores last week, and have instead kept the old version live.
When questioned, the Department of Health declined to discuss how this misstep had occurred.”
I'm not clear how trying to save lives (and the economy) by identifying infectious people and stopping them from infecting others is an "attempt to grab more information from us"
How many people died in the UK because they didn't have effective means to find and remove those infected individuals who were roaming the streets and businesses infecting others? How many deaths is your presumed privacy worth?
The only way any contact tracing app is going to save as many lives as you claim, is to gain the trust of the people and have about 70% of the people in the population using one. According to surveys, there is no way to even get a simple majority of the people to use a contact tracing app, if they don't think any private data collected is safe or will remain safe.
Apple and Google did it right. Keep the personal data private from the government and health providers and to get as many people using a contact tracing app as possible. That's why in order to use Google and Apple contact tracing API, there is to be no collection of users data. NONE. Much more lives can be save by more people using a contact tracing app than by the government or health providers knowing who is infected and where they have been, so they can be removed. And that can only be achieve if the people trust that their private data is safe or not collected at all, when using a contact tracing app.
https://www.brinknews.com/why-wont-people-use-contact-tracing-apps/
How many people died in the UK because the majority of the people weren't using a contact tracing app, because they were concern about their privacy? You actually think that people will use a contact tracing app to inform others that they have tested positive, if there was the slightest possibility that the government can use private data collected from the app and send someone to remove them?