Safe Together: Using technology to support fight against COVID-19

As reported by Italian press, the Copernicani NPO supports the non-for-profit efforts of a wide group of international volunteers to develop technologies helping and supporting practitioners in their fight against COVID-19.

Volunteers are private individuals, professionals, students and people connected or belonging to supporting institutions and private companies who joined pro bono the endeavour.

Mamacrowd, the highly reputable and leading crowdfunding platform in Italy has launched a fundraising campaign to support those volunteers who are economically penalized while devoting their time to this effort. All funds raised are going to flow in the participating volunteer accounts directly from Mamacrowd, with no go between passage and complete accountability.

(UPDATE: As clearly stated in the fundraising page, no money would have been collected if the project had not been selected by the Italian Government. Out of 319 projects submitted in response to the Gov’s call, our project was one of the two selected by the evaluation task force for an on-field benchmark and testing phase. Such phase has not taken place and, as today, an ordinance has been emitted in favour of the other selected project. Absent any communication by the Government, on Apr. 17th we have decided to close the fundraising campaign without collecting any money).

The overall project, called Safe Together, is an ecosystem of independent software components and support services to provide the operators in charge with a set of tools to help tackle phase 2 of the epidemic emergency. The volunteers are divided into sub-projects teams and in coordination with each other.

Self-certification of movements: measure to comply with State or regional requirements. It allows to forecast places at risk of crowding, to report them to the authorities, to discourage the influx of people, informing people so they can decide to move in greater safety. It digitizes the procedure for the citizen and drastically speeds up the control by the authorities.
Cordon sanitaire : for shielding high-risk categories, the system supports the management of a “buffer” with immune persons, according to the proposal of Prof. Udi Shapiro from the Weizmann Institute. Healthcare professionals are the only authority that can register and associate a digital certificate (whose chain of trusts is internationally verifiable) certifying immunity on the smartphone. Designed for support staff for high-risk categories, it enables to verify directly the truthfulness and validity of the certificate, avoiding the risk of fraud.
Self-certification test: allows a person to document the performance of her own serology test and allows her to certify the result to third parties, for circumstances where lower level of certainty than required by the cordon sanitaire, is appropriate.
Tracing: contact/exposure information from de-identified users is collected efficiently and completely anonymously. It allows medical and emergency management authorities to take the correct actions to alert people who have had the closest contact with a person found to be infected. The system does not process personal information, using only anonymous data exchanged via Bluetooth LE. More details about tracing is provided below.
Quarantine: to guarantee physically the presence of the specific person in a set place is addressed in a number of ways including telephone check by a call center and, thanks to an IPR provided pro bono by the rightsholder, through a biometric recognition performed locally on the smartphone, which does not involve the transmission of any identifiable personal data. (UPDATE: a video of the system is available here)
Infrastructure management: Specialized support from companies specializing in the implementation, testing and roll-out phases of previous systems, addressing issues related to security aspects and related to infrastructure scalability. Management of the evolutionary maintenance of applications.
User interaction and Process Management: operational support in managing the flow of a user’s transaction from start to finish, accompanying the timing and actual flow of activities, as well as supporting users to meet their expectations (or performance standards) associated with each of the contact points provided.

We are aware that authorities are requiring direct control of the platforms they deploy and they want to run them from infrastructure under their control, often inside their borders, therefore our approach is focused on the definition of a set of protocols, the implementation of the supporting backends and the provision of a reference implementation of the user facing clients.

Some components are ready to be used, others are under development. Those interested in providing their input or support the initiative can send an email. The committee draft is located here.

Focus on Tracing

The tracing component is called Coronavirus Outbreak Control. The high level description (in Italian) can be found here, the repository is here . The system is provided to national health authorities for free and with an open source licence. Some portions are presently retained and will be released after the reviews by two governments are finalized. (The system is presently under due diligence in Italy, Brazil, Canada, and with discussions starting with other states).

The system is absolutely compliant with strict EU privacy rules (it has been presented to EU institutions).

Our approach offers some features that, to the extent of our present knowledge, appear unique:

it is based on Bluetooth LE
fully supports currently existing iPhones
allows for 2nd and 3rd degree contacts tracing (*)
allows to infer infected but asymptomatic people
supports international “roaming contacts” tracement (**)
has undergone independent security audits and scalability/load tests
has undergone a legal due diligence (twice)
the source code has been inspected line-by-line by state institutions.

(*) Normally, after Alice is PCR tested, some time lapses before results arrive. In that timeframe Bob, who has been infected by Alice becomes contagious and can thus infect Carlos, a second degree contact of Alice.

(**) During our interactions with some governments and Europe, we have learned that states want to deploy their servers locally, so we built a protocol to allow for interoperability of international contact tracking.

Prof. Sarah Spiekermann, chair of the the Institute for Information Systems & Society of the Austrian University of Vienna’s has released a comprehensive features benchmark of privacy friendly Coronavirus tools , also twitted by the German Federal Government’s Foundation for Data Protection (Stiftung Datenschutz).

This is an excerpt of the detailed comparison spreadsheet:

Version 2_Analysis on April 9th 2020
Investigated app solutions and their online sources	DP – 3T	Covid Community Alert
Degree of Centralization vs. Decentralization of Information Processing
Is the App Responsible registering the Digital Handshakes between devices?	no	yes
Could the App Responsible identify the citizens which were engaged in concrete digital handshakes?	no	no
Are infection data stored on a individual personal level by the App Responsible?	no	yes
Will any infection data be stored by the App Responsible?	yes	yes
Degree of Identification of the Data Subject (A)
Will the person B receiving an infection notification know who infected him or her?	no	no
Will the App Responsible learn the personal identity of those who are infected?	no	no
Does the App adopt measures to prevent client side tracing?	yes	yes
Surveillance Capitalism: Does the App leave traces with companies engaged in data commercialization?
Will users of the app need to download the application from an Apple or Google Play Store?	NA	yes
Is it necessary to use proprietary functions, such as Google Nearby in order to estimate the distance between two people (so that handshakes can be reduced to those in 2 Meter proximity)	no	no
Is the App Responsible outsourcing data storage to a company that is engaged in any kind of data commercialization?	no	no
Degree of Communication Security of Notifications and Data Exchange
Is the message containing infection data encrypted?	yes	yes
Transparency and Control
Open Source: Is the App technically open, inspectable and influenceable?	yes	yes
Is there a detailed and meaningful, veridical, technical information easily accessible online to understand the app?	yes	yes
Is the App easily comprehensible for end users who should use them? (ie. video tutorial available?)	NA	yes
Could Corona App Data be used for unexpected secondary purposes, such as, sending push messages to people, engaging in mass surveillance?
Is infection tracking dependent on GPS/location data?	no	no
Could GPS be used as an additional function?	no	optional, opt-in
Is the App Responsible communicating with App users beyond the primary purpose (that is infection tracking)?	no	no
Could an infected person somehow be localized by the App Responsible base on the data?	no	no
Security Testing
Has the App undergone a security review by independent certified professionals?	NA	yes
Is the App reaching is functional goal to protect people?
False positive minimization: Is the App able to reduce the number of encounters in order to consider only those devices for handshake that are in 2 meter proximity?	no	yes
Reach: Is the App able to register anyone who might be infected? Also those whom one (A) does not know?	yes	yes
Efficiency of use: Are all encountered people automatically registered?	yes	yes
Ease uf Use 1: Is the App informing people (B) pro-actively about a likely infection or only on demand?	yes	yes
Ease of Use 2: Are users of the App requested to engage in any additional activity after download/install?	no	no
Dependability: Is there any reference made by the App Responsible to the technical challenge of reliable handshake exchange?	no	yes
European: Is the App able to cater to European wide mobility?	yes	yes
Reliability:Adaptability:Is the App recognizing several parameters of infection in addition to proximity, i.e. duration and frequency of exposure?	no	yes
Adaptability: Is it possible for national authorities to configure the parameters of infection risk, such as proximity, duration and frequency (because national recommendations vary in this respect…)	no	yes
Environmental Sustainability: Does the App need particularly high battery power?	NA	no
Accessibility: Is the App Responsible able to integrate people in the solution who do not possess smartphones?	NA	in work
Accessibility 2: Is the App available in different languages?	NA	yes
Accessibility 3: Can local doctors access the App together with their patients and retrieve meaningful information?	NA	yes
Was the App developed as a European Co-operation?	yes	yes
Were there any scientists involved who are known as international experts for data protection?	yes	yes