Shutterstock/ LP2 Studio

Privacy and Security Attacks on Digital Proximity Tracing Systems

– The DP-3T Project

  • Report
  • Posted by Good ID team (Good ID)
  • 24 April 2020

In this in-depth analysis, the DP-3T Project team review the privacy and security implications of digital proximity tracing, or using Bluetooth signals to estimate the distance between two devices to conduct contact tracing, in public health emergencies like the COVID-19 pandemic

The team explain their findings, and note their concerns for any bluetooth-based system for digital proximity tracing, especially its vulnerability to hacking, misuse, or taking away privacy and rights from individuals:

"A secure digital proximity tracing system should prevent malicious actors from jeopardizing the confidentiality, integrity, and precision of the data reported to users. This means, for example, users should receive a notification of exposure if, and only if, a user was in close physical proximity to a contagious person."

The only functionality that such an app needs to provide is to inform the contacts of an infected person that they might have been exposed to the virus through a close-range physical contact. The system does not need to reveal to anyone who the potential contagious contact was with, or when and where it happened

View Article