The following was written by Melyssa Eigen, J.D. Candidate at Harvard Law School, under the guidance of Professor Urs Gasser. This is the second installment in a series of briefing documents about COVID-19 apps in several countries around the world. The first briefing document covers Switzerland. [1]
An Overview
Germany’s Corona Warn-App is a smartphone warning system designed to let users know when they’ve been in contact with someone who tested positive for COVID-19. It is a completely voluntary app that can be used on both iOS and Android platforms. The app was commissioned by the Robert Koch Institute (RKI), Germany’s public health institute, and became nationally available for download on June 16th, 2020. The following describes the app in terms of its technological, data, institutional and behavioral aspects and provides some other key insights about the app.
Technological:
The app uses a Bluetooth model that’s compatible with Android, for Android 6 versions and later, and iOS, for iPhone 6S with iOS 13.5 versions and later. When a user’s phone detects another phone at a specific distance and time duration set by RKI, currently 2 meters for a period of 15 minutes or longer, the phones exchange randomized IDs through the app and record the contact. If a user becomes infected and tests positive, they can volunteer to inform others through the app by manually moving a toggle in the app to ‘positive’. In order to validate their positive result, they will enter a TAN key provided by a testing center hotline. Once verified, their random, non-identifiable ID will be shared with a central server managed by the federal government. The app regularly pings the central server to check for the random IDs users were in contact with. If there’s a match, the app sends the user a warning message. The app also shows users their estimated risk level based on their contacts -- low, increased, or unknown. In order to protect privacy, users will not be notified in real-time when they interact with an infected person. Currently, the app only works in Germany itself, leaving questions about interoperability across Europe, but is available in the app stores of other European countries. It is also available as an open source project on Github.
Data:
The Corona Warn-App uses a decentralized storage method, which stores the randomized IDs of a user’s contacts locally on the user’s phone. The app does use a central server to store the random IDs that users voluntarily share when they test positive, but does not record any information beyond this. This means that although the app uses the central server to look for random IDs of infected contacts, the server does not record if a user was in contact with someone who tested positive. After two weeks, the contacts are automatically deleted from their phone -- these contacts are not stored in back-up files. For additional security, a user's random ID consistently changes every 10-20 minutes to maintain anonymity. No personal data is stored or shared by the app, and the random IDs cannot be decrypted or traced back to a user’s device.
Institutional:
The Corona Warn-App is a collaborative effort across Germany’s government with advice from the private sector and civil society. The federal government’s goal with the app is to enhance the ongoing response to COVID-19 by accelerating knowledge about potential infections. It was commissioned at the direction of RKI, Germany’s public health institute, and was built by Deutsche Telekom and SAP with input from the Center for Information Security (CISPA). They also worked with Apple and Google in order to interface with their APIs. Germany’s Federal Commissioner for Data Protection and Freedom of Information (BfDI) and the Federal Office for Information Security (BSI) have been involved from the start. The app’s design was also guided by GDPR, thus making sure data protection was and continues to be a top priority. Recently, Chancellor Angela Merkel also supported the app by encouraging residents to use it.
Behavioral:
So far the public, both nationally and internationally, have supported and even praised Germany’s overall response to COVID-19. The government continues to prioritize security and transparency for their response and specifically the app. Despite this, there are still concerns around data protection, the costliness of the app, at 20 million euros so far, and technical difficulties, such as not having a compatible iPhone model. Some researchers estimate that a 60% adoption rate is necessary for the app to be effective, making initial polls from early June, with less than 50% of respondents supporting the app, worrisome. However, the 18-19% download rate as of July 16th seems rather promising given these initial polls. With recent spikes in infections around Europe, the increasing number of app users may make the country’s response more effective for those who are able to avoid crowded situations and quarantine safely.
What makes the Corona Warn-App interesting?
History of Surveillance:
Germany’s history may be a contributing factor towards the early public skepticism about an app that traces your contacts and your health data despite the federal government’s prioritization of data protection. First in Nazi Germany and later in East Germany, the government employed extensive surveillance tactics to collect large amounts of information about its people. During these times the information was frequently used against the people, persecuting those they deemed “dissidents”. Thus it’s not surprising that people are hesitant to download the app, as we saw through the outcries against “digital authoritarianism” when Germany originally proposed a centralized app earlier this spring.
Optimized Security:
Perhaps Germany’s history is one of the reasons the federal government has been so careful about data protection while designing the app. Originally the Corona Warn-App was supposed to use a centralized storage system, but after debate within the scientific community in April, it pivoted to a decentralized storage plan in order to increase security and public trustworthiness even though this change would delay the app’s release and incur additional costs. It’s clear that security and privacy have been a top priority for the app, shown through consistent involvement of data protection officials, information security officials and community experts. The BSI performed security checks on the app’s infrastructure at different checkpoints during the development and continue to be involved. Even Germany’s Chaos Computer Club, a well-known hacker organization in Europe, has welcomed Germany’s security measures so far.
Full Transparency:
In addition to security and privacy, transparency is another tactic Germany is using that may help build trust. The app’s source code is available on Github for anyone to see and download. This allows the public to participate in the process, giving an opportunity for people to make suggestions and ask questions. The app’s developers even went beyond open source access by creating a ‘Common Problems’ section on their main FAQ page. There, they list technical issues that have already been identified and what steps they are planning to take to address the issues. Not only does this keep app users informed, but reassures them about the government’s efforts to continually improve the app and make it available to more people. With the resurgence in infections across Europe, hopefully the government’s efforts to be more transparent and promote security and privacy will effectively increase app downloads and use.
[1] Thank you to Philipp Otto from the iRights.Lab in Berlin, Germany for your input on this topic.