COVID-19 Contact-Tracing App Must-Haves: Security, PrivacyGovernments Have One Chance to Earn Users' Trust, Says Security Expert Alan Woodward
As the COVID-19 pandemic continues, many nations have introduced - or announced plans to introduce - smartphone-based contact-tracing apps to help fight the virus. But while such programs may have public health benefits, hundreds of scientists and researchers, in an open letter, have warned that they could facilitate "unprecedented surveillance of society at large," unless these apps get rolled out in a transparent and open manner, with security and privacy safeguards in place (see: Contact-Tracing Apps Must Respect Privacy, Scientists Warn).
See Also: Anatomy of a Modern Phishing Attack
"Everybody accepts that extraordinary times call for extraordinary measures, but that has to be done in a measured way and you have to … have this public debate about the risk," says Alan Woodward, a signatory to the letter who's a visiting professor at England's University of Surrey. "Our motivation behind all of this is not that we're all privacy nuts and we think that the government's going to be spying on us, although some governments will doubtless try to use this for that. It's that people have to trust this."
In this video interview with Information Security Media Group, Woodward discusses:
- Why manual-based contact tracing methods are too slow to combat COVID-19;
- The limits of Bluetooth for tracking physical location and duration of contact;
- Centralized versus decentralized approaches to contact-tracing apps;
- Balancing security, privacy, engineering, usability and epidemiological concerns while rolling out a public-health-technology project of unprecedented scale.
In addition to his role as visiting professor at the department of computing at University of Surrey in England, Woodward is an adviser to TeenTech, which encourages teenagers to pursue careers in the fields of science, engineering and technology. He is also an academic cybersecurity adviser to Europol.