The NHS' Coronavirus contact tracing app will use a different model to that proposed by Apple and Google.

A statement explained that with the help of GCHQ's National Cyber Security Centre, it has found a way to make the software run on iPhones without users having to keep the app active and on-screen.

"Engineers have met several core challenges for the app to meet public health needs and support detection of contact events sufficiently well, including when the app is in the background, without excessively affecting battery life," said a spokesperson for NHSX, the health service's digital innovation unit.

Contact tracing apps are designed to automatically alert people to whether they are at high risk of having the virus, based on whether someone else they were recently near to has been diagnosed with it, by logging each time two people come within a certain distance of each other for longer than a specified amount of time.

When a user registers themselves as being infected, alerts are automatically sent to everyone else they could have passed it on to, advising them to go into quarantine, or get tested.

NHSX has opted to use wireless Bluetooth transmissions to keep track of each qualifying meeting, with alerts then sent anonymously. It will also use a centralised model, with the matching process carried out on a computer server.

This contrasts with Apple and Google's decentralised approach, where the matches take place on users' mobile devices.

The tech giants believe their effort provides more privacy, as it limits the ability of the authorities or a hacker to use the computer server logs to track specific individuals.

NHSX stated that a centralised system will give more insight into the spread of the virus.

Christophe Fraser, one of the epidemiologists advising NHSX, told the BBC that one of the advantages is that it's easier to audit the system and adapt it more quickly as scientific evidence accumulates.

"The principal aim is to give notifications to people who are most at risk of having got infected, and not to people who are much lower risk," he added.

However, hundreds of the UK's cryptography and computer security experts have signed an open letter calling on the NHS to reconsider - dozens of which work for Inria, the company tasked with building the app.

"All countries deploying an app must put adoption at the front of their mind, and if it doesn't work well or significantly depletes battery life then that may act as a deterrent, particularly for those with older phones," commented Michael Veale, a signatory and lecturer in digital rights at UCL.

Apple and Google intend to release an Application Planning Interface (API) for their software this week.

Apple has explained that it will let compliant products carry out Bluetooth-based 'handshakes' in the background, which it stated makes its own solution much more power-efficient.

The NHS solution involves waking up the app in the background every time the phone detects another device running the same software, executing some code before returning to a dormant state.

In a separate statement today, In a joint statement issued today, the chair of the Council of Europe’s data protection committee Alessandra Pierucci, and the Council of Europe’s data protection commissioner Jean-Philippe Walter, warned about the possible side effects of digital contact tracing applications and called for adequate safeguards to be put in place to prevent risks to personal data and privacy.

Their statement noted that wherever such solutions are chosen, strict legal and technical safeguards would need to be in place to mitigate the risks to the protection of personal data and privacy.

"If these applications are deployed, it should be for a limited duration only and solely on a voluntary basis," read the statement. "These applications should include specificities 'by design' to prevent or minimise risks, e.g. to ensure that location data of individuals are not used, that no direct identification is possible or that re-identification is prevented."

Share Story: