Franco-German researchers responsible for developing the future application for tracing people infected with Covid-19 published on Saturday their technical proposal for a system managed by a central health authority, which will be the subject of a parliamentary debate in France.
Robert does not use geolocation
Developed by teams from the National Research Institute for Digital Science and Technology (Inria) in collaboration with researchers from the German Fraunhofer Institute, this protocol, called “Robert”, relies on people who test positive for Covid-19 sharing a list of anonymous identifiers corresponding to the people they encountered during the virus's incubation period, those encounters having been detected using Bluetooth wireless technology.
This protocol does not use geolocation data from smartphones.
If ultimately selected, it will form the technical foundation of the StopCovid application, which is expected to help contain the Covid-19 epidemic after the lockdown ends on May 11.
No one would have access to the list of positive people
This publication represents “an important step” which makes it possible “to shed concrete light on the way in which the application will work”, declared the secretary of state in charge of digital, Cédric O.
“The Robert protocol will be the basis of what will be submitted to the Cnil (the personal-data watchdog) and will serve for the parliamentary debate” scheduled for April 28, he added, also assuring that “the Cnil will have to rule again on the final version of the application”.
The protocol is designed so that “no one, not even the State, has access to the list of people diagnosed positive or to the list of social interactions between people,” explained Inria CEO Bruno Sportisse in a press release.
In this system, a user of the application who is diagnosed positive will be asked to “give his consent for his history of crypto-identifiers encountered to be sent to a server of a health authority without disclosing his own crypto-identifiers”.
All users of the application will periodically check with this server whether their own identifiers are among those deemed to be “at risk”.
Health authorities will thus keep control of the system and will in particular be able to adjust the criteria used to assess the risk of contamination, in order to reduce the number of false positives (people wrongly notified of a possible contamination).
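The three paragraphs above describe the centralized flow: the authority's server issues temporary identifiers, a positive user uploads only the identifiers they encountered, and every phone polls the server to learn whether its own identifiers are flagged. The following simulation is an added example written for this article; it is not Inria's code and does not follow the published Robert specification. It assumes random tokens as ephemeral identifiers, a simple exposure count as the risk score, and a server-side threshold standing in for the adjustable risk criteria mentioned above. Names (alice, bob, carol), the three encounters, and the class and method names are all constructed for the example.

```python
import secrets
from collections import defaultdict


class HealthAuthorityServer:
    """Central server: issues ephemeral ids, stores reported exposures,
    answers status polls. In this centralized model the server holds the
    mapping from ephemeral ids to users, which is the trust assumption the
    critics quoted in this article object to."""

    def __init__(self, risk_threshold=1):
        self.issued = {}                      # ephemeral id -> user id
        self.exposures = defaultdict(int)     # ephemeral id -> times reported
        self.risk_threshold = risk_threshold  # adjustable risk criterion (assumed)

    def issue_ephemeral_ids(self, user_id, count):
        # Assumption: one random 64-bit token per epoch; the real protocol
        # derives its identifiers differently.
        ids = [secrets.token_hex(8) for _ in range(count)]
        for eid in ids:
            self.issued[eid] = user_id
        return ids

    def report_contacts(self, encountered_ids):
        # A positive user uploads only the ids they received over Bluetooth,
        # never their own, so the upload itself does not name the reporter.
        for eid in encountered_ids:
            if eid in self.issued:
                self.exposures[eid] += 1

    def check_status(self, own_ids):
        # Poll: are this phone's own identifiers among those deemed at risk?
        total = sum(self.exposures[eid] for eid in own_ids)
        return total >= self.risk_threshold


class Phone:
    """A user's app: broadcasts its current ephemeral id, records ids heard."""

    def __init__(self, user_id, server, epochs):
        self.user_id = user_id
        self.server = server
        self.my_ids = server.issue_ephemeral_ids(user_id, epochs)
        self.encountered = []

    def broadcast(self, epoch):
        return self.my_ids[epoch]

    def receive(self, eid):
        self.encountered.append(eid)

    def poll(self):
        return self.server.check_status(self.my_ids)


def simulate_encounter(a, b, epoch):
    # Both phones hear each other's identifier for that epoch (constructed).
    a.receive(b.broadcast(epoch))
    b.receive(a.broadcast(epoch))


def run_scenario(risk_threshold=1):
    """Constructed scenario: alice meets bob twice and carol once, then
    tests positive and consents to upload her encountered ids."""
    server = HealthAuthorityServer(risk_threshold=risk_threshold)
    alice = Phone("alice", server, epochs=3)
    bob = Phone("bob", server, epochs=3)
    carol = Phone("carol", server, epochs=3)

    simulate_encounter(alice, bob, 0)
    simulate_encounter(alice, bob, 1)
    simulate_encounter(alice, carol, 2)

    server.report_contacts(alice.encountered)

    # Every app polls; alice stays False because her own ids were never uploaded.
    return {p.user_id: p.poll() for p in (alice, bob, carol)}


if __name__ == "__main__":
    print("threshold 1:", run_scenario(1))
    print("threshold 2:", run_scenario(2))
```

Raising the threshold from 1 to 2 drops carol, who was met only once, from the notified set while keeping bob: this is the server-side lever for trimming false positives that the article attributes to the health authorities. Note also that nothing in the upload identifies alice, but the server can still resolve every flagged identifier to a user through the mapping it issued.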
Robert, a divisive system
This proposal is part of a pan-European initiative bringing together various technical proposals, which must meet a set of principles (such as compliance with European regulations on personal data or complete anonymity of users), and allow interoperability between the various solutions implemented by States.
But some researchers within the initiative favor a more decentralized solution and question the trustworthiness of a system that depends on a central authority.
“It seems that (the Inria protocol) is built on trust in the central authorities and on the assumption that they will behave honestly and be impervious to compromise,” said Nadim Kobeissi, an expert in cryptography and cyber security, who worries that the server both generates the temporary identifiers and stores the contact records.