The COVID Alert App and Privacy Panic

COVID Alert app

We’ve both installed the COVID Alert app, even though it’s not fully functional in our province (so far it’s just Ontario). We can’t report a COVID diagnosis, but we can get notified if someone from Ontario we’ve come into contact with does report a positive COVID test result. Since we live near the Ontario-Quebec border, and sometimes have to cross into Ontario for errands and such, there’s already some value in installing it.

The app is available on the Apple App Store and on Google Play.

It can’t run on older phones (on the Apple side, older than an iPhone 6S or first-gen SE) because of hardware limitations, I believe. It makes use of the Apple/Google API, which has strong privacy protections: the only things it shares with the server or with other phones are anonymous tokens. The privacy protections are such that Michael Geist is comfortable installing it, which is something.

It’s in that context that I have to look really sideways at a CBC article that suggests that some people could be identified by the COVID Alert app.

It turns out that the headline (“COVID Alert app could result in some people being ID’d”) is inflammatory, because the circumstances in which someone could be identified (a) are edge cases and (b) would identify them even if the app wasn’t being used.

The issue is that the Privacy Commissioner’s office took issue with using the word “anonymous” to describe how the app works, because of those edge cases.

“‘Anonymous’ implies that there is no risk whatsoever that a person could be identified,” they wrote. “However, and although we all agreed that while there’s a very, very low risk that someone could be re-identified through the app, it isn’t necessarily zero.

“Someone living in a remote area and only interacting with one or two other people could theoretically be identified by their neighbours if they received exposure notification alerts, for example.”

CBC News

I’m sorry, but this is the privacy commissioner being a stickler for terms. Escalating that into an actual privacy issue is horseshit.

Someone living in a remote area and only interacting with one or two other people? That’s pretty much the definition of me right now. If I test positive for COVID-19, the candidates for who gave it to me and where I got it from are few, to say the least. In fact, for the past four weeks there is only one candidate. I won’t need the app to tell me she tested positive; I’ll already know. The app isn’t telling me anything I couldn’t figure out for myself. The fact that I will know right away whose positive test is responsible for the alert is not a failure of app privacy, it’s a failure of my (physical) social life.

But—and this is important—that’s not the case for Jennifer, or for most other people I might come into contact with. My near-total isolation depends very much on the fact that she’s the one running most of the errands (that’s not about COVID, mostly: I have mobility and pain issues). If she gets it, I get it: not much will prevent that. But once the school year starts—and at this point it’s not clear whether Quebec schools will be mandating mask use—she’ll be in contact with a whole lot more people. Getting notified that someone she’s come into contact with has tested positive will go a long way to ensuring that she’ll self-isolate sooner, get tested sooner, and infect fewer people in turn.

It’s not, in other words, about me. The possibility that the app might reveal the identity of a positive result in the limited social circle of shut-ins like me is literally the worst reason not to install the app.