Safe Together: Using technology to support fight against COVID-19

As reported by Italian press, the Copernicani NPO supports the non-for-profit efforts of a wide group of international volunteers to develop technologies helping and supporting practitioners in their fight against COVID-19.

Volunteers are private individuals, professionals, students and people connected or belonging to supporting institutions and private companies who joined pro bono the endeavour.

Mamacrowd, the highly reputable and leading crowdfunding platform in Italy has launched a fundraising campaign to support those volunteers who are economically penalized while devoting their time to this effort. All funds raised are going to flow in the participating volunteer accounts directly from Mamacrowd, with no go between passage and complete accountability.

(UPDATE: As clearly stated in the fundraising page, no money would have been collected if the project had not been selected by the Italian Government. Out of 319 projects submitted in response to the Gov’s call, our project was one of the two selected by the evaluation task force for an on-field benchmark and testing phase. Such phase has not taken place and, as today, an ordinance has been emitted in favour of the other selected project. Absent any  communication by the Government, on Apr. 17th we have decided to close the fundraising campaign without collecting any money).

The overall project, called Safe Together, is an ecosystem of independent software components and support services to provide the operators in charge with a set of tools to help tackle phase 2 of the epidemic emergency. The volunteers are divided into sub-projects teams and in coordination with each other.

1. Self-certification of movements: measure to comply with State or regional requirements. It allows to forecast places at risk of crowding, to report them to the authorities, to discourage the influx of people, informing people so they can decide to move in greater safety. It digitizes the procedure for the citizen and drastically speeds up the control by the authorities.

2. Cordon sanitaire : for shielding high-risk categories, the system supports the management of a “buffer” with immune persons, according to the proposal of Prof. Udi Shapiro from the Weizmann Institute. Healthcare professionals are the only authority that can register and associate a digital certificate (whose chain of trusts is internationally verifiable) certifying immunity on the smartphone. Designed for support staff for high-risk categories, it enables to verify directly the truthfulness and validity of the certificate, avoiding the risk of fraud.

3. Self-certification test: allows a person to document the performance of her own serology test and allows her to certify the result to third parties, for circumstances where lower level of certainty than required by the cordon sanitaire, is appropriate.

4. Tracing: contact/exposure information from de-identified users is collected efficiently and completely anonymously. It allows medical and emergency management authorities to take the correct actions to alert people who have had the closest contact with a person found to be infected. The system does not process personal information, using only anonymous data exchanged via Bluetooth LE. More details about tracing is provided below.

5. Quarantine: to guarantee physically the presence of the specific person in a set place is addressed in a number of ways including telephone check by a call center and, thanks to an IPR provided pro bono by the rightsholder, through a biometric recognition performed locally on the smartphone, which does not involve the transmission of any identifiable personal data. (UPDATE: a video of the system is available here)

6. Infrastructure management: Specialized support from companies specializing in the implementation, testing and roll-out phases of previous systems, addressing issues related to security aspects and related to infrastructure scalability. Management of the evolutionary maintenance of applications.

7. User interaction and Process Management: operational support in managing the flow of a user’s transaction from start to finish, accompanying the timing and actual flow of activities, as well as supporting users to meet their expectations (or performance standards) associated with each of the contact points provided.

We are aware that authorities are requiring direct control of the platforms they deploy and they want to run them from infrastructure under their control, often inside their borders, therefore our approach is focused on the definition of a set of protocols, the implementation of the supporting backends and the provision of a reference implementation of the user facing clients.

Some components are ready to be used, others are under development. Those interested in providing their input or support the initiative can send an email. The committee draft is located here.

Focus on Tracing

The tracing component is called Coronavirus Outbreak Control. The high level description (in Italian) can be found here, the repository is here . The system is provided to national health authorities for free and with an open source licence. Some portions are presently retained and will be released after the reviews by two governments are finalized. (The system is presently under due diligence in Italy, Brazil, Canada, and with discussions starting with other states).

The system is absolutely compliant with strict EU privacy rules (it has been presented to EU institutions).

Our approach offers some features that, to the extent of our present knowledge, appear unique:

• it is based on Bluetooth LE

• fully supports currently existing iPhones

• allows for 2nd and 3rd degree contacts tracing (*)

• allows to infer infected but asymptomatic people

• supports international “roaming contacts” tracement (**)

• has undergone independent security audits and scalability/load tests

• has undergone a legal due diligence (twice)

• the source code has been inspected line-by-line by state institutions.

(*) Normally, after Alice is PCR tested, some time lapses before results arrive. In that timeframe Bob, who has been infected by Alice becomes contagious and can thus infect Carlos, a second degree contact of Alice.

(**) During our interactions with some governments and Europe, we have learned that states want to deploy their servers locally, so we built a protocol to allow for interoperability of international contact tracking.

Prof. Sarah Spiekermann, chair of the the Institute for Information Systems & Society of the Austrian University of Vienna’s has released a comprehensive features benchmark of privacy friendly Coronavirus tools , also twitted by the German Federal Government’s Foundation for Data Protection (Stiftung Datenschutz).

This is an excerpt of the detailed comparison spreadsheet: