Conversations on COVID: Tracing contacts while preserving privacy

Researchers including computer science professor Anna Lysyanskaya are working on a way to use cell phones to track people who may have been exposed to coronavirus — without revealing any personal information.

PROVIDENCE, R.I. [Brown University] — One of the keys to safely ending COVID-19 lockdowns across the country is contact tracing — identifying people who have been exposed to the virus to prevent them from spreading it. A Brown University computer scientist is part of an international research team trying to enable contact tracking with smartphones in a way that preserves everyone’s privacy. Image of Anna Lysyanskaya

Anna Lysyanskaya, a professor of computer science and a cryptography expert, is working on an MIT-based project called PACT: Private Automated Contact Tracing. The team is developing a system that uses the Bluetooth signals that smartphones exchange all the time to track which devices have come in close contact to each other. The system makes it possible to notify people that they may have been in contact with an infected person, but without revealing any private information to other individuals, the government, health care providers or cellular service companies.

Lysyanskaya says that a system like this helps to strike a balance between the need to track infections and the need to preserve people’s privacy.

“I think that this time when people are dying and everybody’s stuck at home, it’s tempting to say, ‘well let’s give up privacy; let’s give up human rights; let’s give up democracy’ — anything to stop this,” she said. “But we need to not yield to that impulse. We can do automated tracing, which could really improve outcomes for containing this disease, while preserving privacy.”

Lysyanskaya discussed the details of the project in an interview.

Q: What’s the advantage to automated contact tracing?

Tracing contacts without any assistance from an automated system is a very labor-intensive process. And relying on human memory to recall who have I interacted with, where have I been is less than perfect. That’s especially true when someone has just been diagnosed with a devastating disease. They might not be able to recall everything they’ve done in the last few days when they were spreading the infection. Anything that can relieve the burden from the sick person to have to recall things — and also from medical professionals who are extremely busy — is very advantageous. Automated contact tracing can do that.

There are many ways that you can do automated contact tracing that aren’t very private. You could just carry around a device that exchanges contact information every time it comes in a close enough range to another device. That way if you exchanged information with someone who was infected, you could find that out. But that would not be a good idea from the point of view of privacy because now you know everything about everybody you run into. 

We’ve been working on doing contact tracing in a way that, as much as possible, doesn’t intrude on people’s privacy. 

Q: Could you explain how it works?

The goal of this project is to record interactions but without leaving any identifying information about yourself behind. The way it works is that instead of providing your contact information, you just provide a completely random string of bits, called chirps. These chirps are produced by BLE, or Bluetooth low energy. It’s a technology that’s similar to what you use, for example, to attach Bluetooth-enabled devices, like headphones. 

What we’re proposing is an app that stores all the chirps that people’s phones send and receive. So if I’m diagnosed, I can simply tell the app about it, and it will take all the chirps I’ve emitted over the past 14 days and publish them to a database. Everybody who has this app installed is connected to this database. At regular time intervals, the app compares the database of chirps from infected people with their locally stored chirps. If there’s an overlap, then that person knows they may have been exposed and they should contact a health care provider. 

The important thing is that these chirps are just strings of random numbers that don’t identify you in any way. They’re meaningless in the absence of anything else happening in the system. But if somebody is diagnosed with the disease, and they let the app know that, then the chirps become useful. We can then tell if we’ve contacted an infected person without knowing who they were.

Q: Why use Bluetooth rather than GPS or other means?

First of all, with GPS there are issues about whether you’re revealing someone’s location, which is problematic in terms of privacy. But there are other issues. My understanding is that GPS coordinates just don’t give you fine-grained enough information about how close you were to somebody. Bluetooth on the other hand is designed to work over a small range, so it’s a pretty decent proxy for how far you are from another person.

And your phone is automatically generating these random strings in connection with Bluetooth, so it’s something we can take advantage of.

Q: How would something like this be implemented?

Last week Apple and Google announced that they’re providing support in their operating systems for the type of contact tracing apps that rely on these Bluetooth chirps. They make the operating systems for the vast majority of devices out there, so that’s a big step. 

From there, the app has to be created, and we’re still thinking about the best technical approach for that. Once the app is ready, the question becomes how do we get it on peoples’ devices. One way is that it could be included in your next operating system update. If Apple and Google are willing, then it will happen by itself. If they weren’t willing to push an app like that, then maybe individual states or jurisdictions might say, ‘You need this app’ and put out advertisements telling people to download it. That would be much more difficult, because people don’t just install apps because you tell them to.

But first we need to have an app and it needs to be usable. Then we can worry about how we get people to use it.

Q: How did you get involved in this project?

The group I’m involved with has its gravity center at MIT, specifically Ron Rivest, who was my Ph.D. advisor a long time ago. At some point I was one of those people who said, “Oh you’re doing this? Here are my ideas for how to do this even better.” The group just kept growing and growing. 

This is an amazing effort and really inspiring. For the last few weeks I've been stuck at home getting stir crazy and a little bit depressed. But this has jerked me out of that. Not everybody has an outlet like this. I’m very lucky that I work in a field that gives me this kind of an outlet where I can feel happy, even in these circumstances. For those people who have an outlet like this, use it. It’s going to make you feel great.