Is the NHS COVID-19 app the right approach?

This week marks the start of the trial of the UK government’s COVID-19 contact tracing app in the Isle of Wight. There has already been considerable press coverage looking into the effectiveness of the app so we decided to download the app to conduct our own investigation.

Like most contact tracing apps that have been released around the world, the NHS app uses Bluetooth to detect nearby phones also running the app and logs when they get close enough to potentially pass on the virus. If a user starts experiencing COVID-19 symptoms, they can report them in the app, which will prompt them to share the log of contacts with the NHS, who can notify those contacts and provide instructions or advice. This is known as a “centralised” approach, as the data is stored and processed centrally on government servers. This is opposed to a “decentralised” approach that shares data and notifications directly between phones with no data stored on government servers.

The UK government have received some criticism for opting for the centralised approach over the decentralised solution that Apple and Google have put in place, due to concerns over privacy and security. The API from Apple and Google aims to protect users’ privacy by putting them more in control of their data. It uses anonymous IDs and alerts users automatically without government involvement, and even bans the use of location tracking in apps using the API. It should also be more effective, as the API is not restricted by the limitations of the existing Bluetooth APIs, which can prevent contact tracing apps from working while the app is running in the background. While this sounds like a better solution for users, there are positives to the centralised approach. By processing the data centrally, the government can perform more intelligent risk modelling to decide which contacts are most at risk. It also allows for research to better understand the spread of the virus, which can inform other aspects of the government’s COVID-19 strategy such as how, when, and where to ease restrictions.

Let’s look at the iOS version of the NHS COVID-19 app (known internally as Sonar) in more detail. The first thing to note is that on launch, the app only prompts for two permissions: Bluetooth and push notifications. Importantly, location is missing from the list, so the app has no way of tracking users’ exact locations. The second thing to note is that users must enter the first half of their postcode. You could argue this is personal information, but it typically covers areas with populations of a few thousand and the government claim it is solely being used for NHS resource planning. The app also opts into special background modes that allow it to scan for other phones while the app is in the background or the screen is locked. There are definitely limitations of this mode compared with the Apple and Google contact tracing API. For example, it is unclear whether iPhones will be able to detect Android phones while in the background.
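The permission and background-mode observations above can be checked statically from an app bundle's Info.plist. The following is an added example, not code from the NHS app or from our investigation: the plist is a constructed sample modelled on the description above, and `audit_info_plist` is a hypothetical helper name.

```python
import plistlib

# Constructed sample Info.plist modelled on the article's description;
# it is NOT extracted from the real NHS COVID-19 app.
SAMPLE_INFO_PLIST = b"""<?xml version="1.0" encoding="UTF-8"?>
<plist version="1.0">
<dict>
    <key>MinimumOSVersion</key><string>11.0</string>
    <key>NSBluetoothAlwaysUsageDescription</key>
    <string>Used to detect nearby phones running the app.</string>
    <key>NSBluetoothPeripheralUsageDescription</key>
    <string>Used to detect nearby phones running the app.</string>
    <key>UIBackgroundModes</key>
    <array>
        <string>bluetooth-central</string>
        <string>bluetooth-peripheral</string>
    </array>
</dict>
</plist>
"""

# iOS usage-description keys, grouped by the capability they unlock.
# iOS will not show a permission prompt for a capability unless the
# bundle declares one of its keys, so absence here is meaningful.
PRIVACY_KEYS = {
    "bluetooth": ["NSBluetoothAlwaysUsageDescription",
                  "NSBluetoothPeripheralUsageDescription"],
    "location": ["NSLocationWhenInUseUsageDescription",
                 "NSLocationAlwaysUsageDescription",
                 "NSLocationAlwaysAndWhenInUseUsageDescription"],
    "contacts": ["NSContactsUsageDescription"],
    "camera": ["NSCameraUsageDescription"],
    "microphone": ["NSMicrophoneUsageDescription"],
}

def audit_info_plist(raw: bytes) -> dict:
    """Summarise which sensitive capabilities a bundle is able to request."""
    info = plistlib.loads(raw)
    declared = {cap: [k for k in keys if k in info]
                for cap, keys in PRIVACY_KEYS.items()}
    declared = {cap: keys for cap, keys in declared.items() if keys}
    modes = info.get("UIBackgroundModes", [])
    return {
        "min_os": info.get("MinimumOSVersion"),
        "capabilities": sorted(declared),
        "can_request_location": "location" in declared,
        "background_location": "location" in modes,
        "background_bluetooth": sorted(m for m in modes if m.startswith("bluetooth-")),
    }

if __name__ == "__main__":
    for field, value in audit_info_plist(SAMPLE_INFO_PLIST).items():
        print(f"{field}: {value}")
```

Push notification support is granted through a code-signing entitlement rather than an Info.plist usage key, so it does not appear in this audit.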

A few other things we noted during our investigation:

  • The app is very small at just 3.8 MB. This suggests that the app has not been bloated with any third-party SDKs.
  • It has an age rating of 17+ for frequent/intense medical/treatment information which prevents children from downloading the app. This could limit the quality of the contact tracing as children may play a considerable role in the spread of the virus. The rating could be a requirement by Apple or an active choice by the government for privacy protection of children.
  • The app is written in Swift, Apple’s modern and powerful programming language — the same language we use in all the apps we build.
  • The app requires iOS 11 or higher. This covers all iPhones released since iPhone 5s and, as of the end of January, 94% of iPhones were running iOS 12 or higher, so this shouldn’t be a problem.

The jury is still out on whether the government has made the right choice by opting for centralised over decentralised. Governments certainly need to be held accountable when it comes to tracking their citizens and storing their personal information. However, we are encouraged by our initial investigation into the NHS app and, while we haven’t yet seen the source code, it appears that the government have at least made some effort to limit the impact on users’ privacy, and we believe it is an important step towards the end of lockdown and a return to normality.

Stay home. Protect the NHS. Save lives.