After the confusion of the past few days, the government is trying to clean up the mess of the Immuni app, the software which is supposed to help our phones keep a record of the people we come into contact with in order to be able to track them down if a positive case of coronavirus emerges within our social circle. In the past few days, contradictory news has been circulating about the system to be adopted. The main debate is about privacy, which will largely depend on how the data on the contacts between people will be stored.
Experts are divided between those who are envisioning a “distributed” contact storage system, in which most of the information remains on the users’ phones, and those who are proposing a centralized system, in which an archive would store the network of contacts between phones (albeit in an anonymized form). The risk of privacy violations is a real one. The app adopted by the Dutch government can serve as a warning, with 200 names of private citizens ending up published on the Internet after a few days and the hasty recall of the software.
The first who tried to reassure everyone was Minister Pisano. In a statement, she stressed that the task force that selected the app proceeded without derogating at any point from a number of principles: transparency, respect for privacy, non-compulsory installation. The minister also recalled that the examination of the proposed solutions by her task force was only the first stage of the development of the project, and that the contract with the companies that will make the app will not be finalized by her, but the Extraordinary Commissioner Domenico Arcuri, the only one who will know what the app will really do.
In his usual press conference on Tuesday morning, Arcuri started by talking about the app. He pointed out that the data of the app will be stored on a “public and Italian” server, and that the confidentiality of personal data is “one of the fundamental freedoms.” Installing the app will remain a free choice for citizens: no one in the government is considering “providing a transit permit only to those who download the app on their phone.” He was echoed by Prime Minister Giuseppe Conte during his Senate briefing: “There will be no restrictions for those who do not download it.”
But when it came to describing the technology chosen, what Arcuri said was not reassuring. He explained, for example, that “it will be necessary for this application to be able to be connected to the National Health System” so that the health authorities can intervene quickly, and it will not merely provide warnings to users. But the active intervention of the healthcare system seems incompatible, at least at first glance, with the anonymity of the records.
The government’s attempt to offer clarity has been only partly successful. On the one hand, the code will be transparent and downloading the app will be voluntary, without sanctions against skeptics; on the other hand, it is not clear whether an enormous database will be created for contact tracing purposes in which the network of our relationships will be mapped out.
“Minister Pisano wrote that she wants to combine different ways of storing data, but she did not realize that they are incompatible with each other. Which one will be chosen?” asks Carlo Blengino, lawyer and member of the Nexa Center for Internet and Society at the Turin Polytechnic University, a research center dedicated to the delicate relationship between technology and society. “People think that with the advent of giants like Google and Facebook, our privacy is already compromised. But if Google or Facebook abuse my data, I can resort to the laws that are protecting me. If the abuse is committed by the state, we are defenseless. So, if it is established that contact tracing must be done by the state, it must be subject to the same limits.”
The Nexa Center published an “open letter” to policy makers on Monday: “The choice of a contagion tracking technology for the management of the so-called ‘Phase 2’ should comply with, and not be an exception to, the guarantees dictated by the European legislation on the protection of personal data, and, more generally, the fundamental rights,” says the message signed by hundreds of academics.
“The app will have to be a part of a wider system of healthcare prevention, consisting of real people, as it has happened even in the countries that have used technology to the greatest extent,” underlines Stefano Zanero, a computer scientist at the Polytechnic of Milan. “Therefore, it is impossible to evaluate it in itself, as long as the context in which it is being introduced is not clarified.” Moreover, even if a completely anonymous information database were to be built, the risk to privacy would not be eliminated. “An anonymous network can be de-anonymized, as we ourselves demonstrated at the Polytechnic with the Bitcoin network,” Zanero says. “The best data protection is not storing the data to begin with.”