Bluetooth

UK gives up on centralized coronavirus contacts-tracing app — will ‘likely’ switch to model backed by Apple and Google

Posted by | Apple, apple inc, Apps, Bluetooth, contacts tracing, coronavirus, COVID-19, Denmark, Europe, european union, Germany, Google, Health, ireland, Italy, Matt Hancock, Mobile, mobile app, NHS, NHS COVID-19, northern ireland, privacy, smartphone, smartphones, switzerland, United Kingdom | No Comments

The UK has given up building a centralized coronavirus contacts-tracing app and will instead switch to a decentralized app architecture, the BBC has reported. This suggests its any future app will be capable of plugging into the joint ‘exposure notification’ API which has been developed in recent weeks by Apple and Google.

The UK’s decision to abandon a bespoke app architecture comes more than a month after ministers had been reported to be eyeing such a switch. They went on to award a contract to an IT supplier to develop a decentralized tracing app in parallel as a backup — while continuing to test the centralized app, which is called NHS COVID-19.

At the same time, a number of European countries have now successfully launched contracts-tracing apps with a decentralized app architecture that’s able to plug into the ‘Gapple’ API — including Denmark, Germany, Italy, Latvia and Switzerland. Several more such apps remain in testing. While EU Member States just agreed on a technical framework to enable cross-border interoperability of apps based on the same architecture.

Germany — which launched the decentralized ‘Corona Warning App’ this week — announced its software had been downloaded 6.5M times in the first 24 hours. The country had initially appeared to favor a centralized approach but switched to a decentralized model back in April in the face of pushback from privacy and security experts.

The UK’s NHS COVID-19 app, meanwhile, has not progressed past field tests, after facing a plethora of technical barriers and privacy challenges — as a direct consequence of the government’s decision to opt for a proprietary system which uploads proximity data to a central server, rather than processing exposure notifications locally on device.

Apple and Google’s API, which is being used by all Europe’s decentralized apps, does not support centralized app architectures — meaning the UK app faced technical hurdles related to accessing Bluetooth in the background. The centralized choice also raised big questions around cross-border interoperability, as we’ve explained before. Questions had also been raised over the risk of mission creep and a lack of transparency and legal certainty over what would be done with people’s data.

So the UK’s move to abandon the approach and adopt a decentralized model is hardly surprising — although the time it’s taken the government to arrive at the obvious conclusion does raise some major questions over its competence at handling technology projects.

Michael Veale, a lecturer in digital rights and regulation at UCL — who has been involved in the development of the DP3T decentralized contacts-tracing standard, which influenced Apple and Google’s choice of API — welcomed the UK’s decision to ditch a centralized app architecture but questioned why the government has wasted so much time.

“This is a welcome, if a heavily and unnecessarily delayed, move by NHSX,” Veale told TechCrunch. “The Google -Apple system in a way is home-grown: Originating with research at a large consortium of universities led by Switzerland and including UCL in the UK. NHSX has no end of options and no reasonable excuse to not get the app out quickly now. Germany and Switzerland both have high quality open source code that can be easily adapted. The NHS England app will now be compatible with Northern Ireland, the Republic of Ireland, and also the many destinations for holidaymakers in and out of the UK.”

Perhaps unsurprisingly, UK ministers are now heavily de-emphasizing the importance of having an app in the fight against the coronavirus at all.

The Department for Health and Social Care’s, Lord Bethell, told the Science and Technology Committee yesterday the app will not now be ready until the winter. “We’re seeking to get something going for the winter, but it isn’t a priority for us,” he said.

Yet the centralized version of the NHS COVID-19 app has been in testing in a limited geographical pilot on the Isle of Wight since early May — and up until the middle of last month health minister, Matt Hancock, had said it would be rolled out nationally in mid May.

Of course that timeframe came and went without launch. And now the prospect of the UK having an app at all is being booted right into the back end of the year.

Compare and contrast that with government messaging at its daily coronavirus briefings back in May — when Hancock made “download the app” one of the key slogans — and the word ‘omnishambles‘ springs to mind…

NHSX relayed our request for comment on the switch to a decentralized system and the new timeframe for an app launch to the Department of Health and Social Care (DHSC) — but the department had not responded to us at the time of publication.

Earlier this week the BBC reported that a former Apple executive, Simon Thompson, was taking charge of the delayed app project — while the two lead managers, the NHSX’s Matthew Gould and Geraint Lewis — were reported to be stepping back.

Back in April, Gould told the Science and Technology Committee the app would “technically” be ready to launch in 2-3 weeks’ time, though he also said any national launch would depend on the preparedness of a wider government program of coronavirus testing and manual contacts tracing. He also emphasized the need for a major PR campaign to educate the public on downloading and using the app.

Government briefings to the press today have included suggestions that app testers on the Isle of Wight told it they were not comfortable receiving COVID-19 notifications via text message — and that the human touch of a phone call is preferred.

However none of the European countries that have already deployed contacts-tracing apps has promoted the software as a one-stop panacea for tackling COVID-19. Rather tracing apps are intended to supplement manual contacts-tracing methods — the latter involving the use of trained humans making phone calls to people who have been diagnosed with COVID-19 to ask who they might have been in contact with over the infectious period.

Even with major resource put into manual contacts-tracing, apps — which use Bluetooth signals to estimate proximity between smartphone users in order to calculate virus expose risk — could still play an important role by, for example, being able to trace strangers who are sat near an infected person on public transport.

Update: The DHSC has now issued a statement addressing reports of the switch of app architecture for the NHS COVID-19 app — in which it confirms, in between reams of blame-shifting spin, that it’s testing a new app that is able to plug into the Apple and Google API — and which it says it may go on to launch nationally, but without providing any time frame.

It also claims it’s working with Apple and Google to try to enhance how their technology estimates the distance between smartphone users.

“Through the systematic testing, a number of technical challenges were identified — including the reliability of detecting contacts on specific operating systems — which cannot be resolved in isolation with the app in its current form,” DHSC writes of the centralized NHS COVID-19 app.

“While it does not yet present a viable solution, at this stage an app based on the Google / Apple API appears most likely to address some of the specific limitations identified through our field testing.  However, there is still more work to do on the Google / Apple solution which does not currently estimate distance in the way required.”

Based on this, the focus of work will shift from the current app design and to work instead with Google and Apple to understand how using their solution can meet the specific needs of the public,” it adds. 

We reached out to Apple and Google for comment. Apple declined to comment.

According to one source, the UK has been pressing for the tech giants’ API to include device model and RSSI info alongside the ephemeral IDs which devices that come into proximity exchange with each other — presumably to try to improve distance calculations via a better understanding of the specific hardware involved.

However introducing additional, fixed pieces of device-linked data would have the effect of undermining the privacy protections baked into the decentralized system — which uses ephemeral, rotating IDs in order to prevent third party tracking of app users. Any fixed data-points being exchanged would risk unpicking the whole anti-tracking approach.

Norway, another European country which opted for a centralized approach for coronavirus contacts tracing — but got an app launched in mid April — made the decision to suspend its operation this week, after an intervention by the national privacy watchdog. In that case the app was collecting both GPS and Bluetooth —  posing a massive privacy risk. The watchdog warned the public health agency the tool was no longer a proportionate intervention — owing to what are now low levels of coronavirus risk in the country.

Powered by WPeMatico

Bang & Olufsen’s latest Beoplay E8 fully wireless earbuds offer top sound and comfort

Posted by | AirPods, Android, Bang & Olufsen, Bluetooth, electronics, Gadgets, hardware, headphones, Headset, iPhone, mobile devices, qi, Reviews, smartphones, Sony, TC, wireless, wireless earbuds, wireless headphones | No Comments

Bang & Olufsen has an excellent reputation in home audio, and its original Beoplay E8 fully wireless headphones were a category leader when there was barely a category to lead. The company recently launched the third version of the E8, a new generation of hardware that comes with a number of improvements for better audio quality and convenience, including wireless charging, up to seven hours of continuous use on a single charge and the latest Bluetooth standards for improved audio quality, operating distance and latency.

B&O’s latest wireless headset is a must-have for sound quality enthusiasts as a result, providing all-day comfort and wearability, excellent passive sound isolation and rich, sophisticated audio performance that does a good job of rendering the low end but without sacrificing any detail at higher frequencies, either.

Design

The design of the actual Beoplay E8 buds hasn’t changed much since the original version — but in this case, that’s a very good thing, because the original design has remained one of my all-time favorites for fully wireless in-ear buds. You get a small, sleek bud with a rounded face and touch-sensitive surfaces for manual control.

However, B&O has made some minor updates to the design, including getting rid of an irregular nub that stuck out somewhat from the otherwise circular sides of the original, and on the black version I tested, what was once an inner silver-colored metallic accent band on the face now has a shiny black finish. The overall effect is to make them even more understated and attractive.

While the originals also offered great fit, in my use it seems like B&O has improved the physical design on that scale, too. Whereas before I would occasionally have to reseat one or the other of the buds to get a proper noise-isolating seal, the E8 3rd Gen seems to just fit properly once they’re in, no matter how long you wear them.

The last thing to mention regarding design is the case. It’s somehow both smaller and more pocketable than the case for the original, but also includes wireless charging so that you can set it down on any Qi-based wireless charging pad (the same kind that works with modern iPhones and Android devices) and have it charge both the case, which contains additional battery capacity for the buds (bringing total play time to up to 35 hours, per B&O), and the buds themselves. The case is wrapped in a pebbled leather finish that feels fantastic, and a magnetic clasp ensures it stays closed while in transit. Magnets also help you make sure your buds are properly seated in the case to charge.

Performance

The first point to make about the third-generation Beoplay E8 is that they sound fantastic. By just about every measure, they are the best-sounding wireless earbuds I’ve used, including the AirPods Pro and Sony’s WF-1000MX3, both popular options. The E8 manage sound separation and clarity that is sure to please even hardcore audiophiles, and they sound great regardless of what kind of music you’re listening to, but they excel with high-quality, lossless recording formats.

In terms of sound isolation, the Beoplay E8 are also outstanding performers. They don’t have active noise cancellation, but their passive blocking is extremely good at keeping out ambient noise. So much so that it’s good B&O included a transparency feature (accessible by tapping the left earbud) to pipe in ambient sound, which is great for when you want to be more aware of your surroundings. Sound isolation and comfort both get even better when you make use of the included Comply memory foam eartips that ship with the Beoplay E8, which is an excellent bonus because, generally speaking, Comply tips require an additional purchase for just about every other set of earbuds.

The E8 is also a great headset for making calls, thanks to onboard mics that provide clear vocals mostly free of background noise. And because they feature both aptX and use Bluetooth 5.1, they’re also excellent for watching video and taking video calls on both mobile devices and computers, without any real noticeable lag.

Bottom line

Bang & Olufsen make premium products, and they come with premium price tags — at $350, the Beoplay E8 3rd Gen is no exception. But for that money, you’re getting premium build quality, great aesthetics and class-leading sound. For those who want the best audio possible in fully wireless buds, these are the ones to get. They’re fantastic for all-day wear for a work-at-home lifestyle, and offer great portability and sound transparency for taking with you on the go, too.

Powered by WPeMatico

Jabra’s Elite Active 75t earbuds offer great value and sound for both workouts and workdays

Posted by | Bluetooth, Gadgets, hardware, headphones, Headset, iphone accessories, Jabra, Reviews, sound cards, TC, wireless earbuds | No Comments

Technology improvements over the past few years mean that most fully wireless earbuds are a lot better than they used to be. That has led to something of a narrowing of the field among competitors in this arena, but some of the players still stand out – and Jabra have definitely delivered a standout performer with its newest Elite Active 75t fully wireless earbuds.

Basics

Jabra’s Elite Active 75t is a successor to its very popular 65t line, with added moisture resistance designed specifically for exercise use, as indicated by the ‘Active’ in the name. At $199.99, these are definitely premium-priced – but they’re a lot more affordable than many of the other offerings in the category, especially with their IP57-water and sweat resistance rating.

The Elite Active 75t also feature an esteemed 7.5 hours of battery life on a single charge, and their compact charging case carries backup power that adds up to a total of 28 hours potential run time across a single charge for both. The case charges via USB-C and also offers a fast-charge capability that provides 60 minutes of use from just 15 minutes of charging.

While they don’t offer active noise cancellation, they do have passive noise blocking, and an adjustable passthrough mode so that you can tune how much of the sound of the world around you you want to let in – a great safety feature for running or other activities.

They use Bluetooth 5.0 for low power consumption and extended connection range, have an auto-pause and resume feature for when you take out one earbud, and include a 4-mic array to optimize audio quality during calls.

Design

Jabra has accomplished a lot on the design front with the Elite Active 75t. Their predecessor was already among the most compact and low-profile in-ear wireless buds on the market, and the Elite Active 75t is even smaller. These are extremely lightweight and comfortable, too, and their design ensures that they stay put even during running or other active pursuits. In my testing, they didn’t even require adjustment once during a 30-minute outdoor run.

Their comfort makes them a great choice for both active use and for all-day wear at the desk – and the 7.5 hours of battery life doesn’t seem to be a boast, either, based on my use, which is also good for workday wear.

Another key design feature that Jabra included on the Elite Active 75t is that both earbuds feature a large, physical button for controls. This is much better and easier to use than the touch-based controls found on a lot of other headsets, and makes learning the various on-device control features a lot easier.

Finally in terms of design, the charging case for the Elite Active 75t is also among the most svelte on the market. It’s about the size of two stacked matchboxes, and easily slides into any available pockets. Like the earbuds themselves, the case features a very slightly rubberized outer texture, which is great for grip but, as you can see from the photos, is also a dust magnet. That doesn’t really matter unless you happen to be tasked with photographing them, however.

One final note on the case design – magnetic snaps in the earbud pockets mean you can be sure that your headset buds are seated correctly for charging when you put them back, which is a great bit of user experience thoughtfulness.

Performance

It’s easy to see why the Jabra Elite Active 75t is already a favorite among users – they provide a rich, pleasant sound profile that’s also easily tuned through the Jabra Sound+ mobile app. Especially for a pair of earbuds designed specifically for active use, these provide sound quality that goes above and beyond.

Their battery life appears to line up with manufacturer estimates, which also makes them class-leading in terms of single charge battery life. That’s a big advantage when using these for longer outdoor activities, or, as mentioned, when relying on them for all-day desk work. Their built-in mic is also clear and easy to understand for people on the other side of voice and video calls, and the built-in voice isolation seems to work very well according to my testing.

In my experience, their fit is also fantastic. Jabra really seems to have figured out how to build a bud that stays in place, regardless of how much you’re moving around or sweating. It’s really refreshing to find a pair of fully wireless buds that you never have to even think about readjusting them during a workout.

Bottom Line

Jabra has done an excellent job setting their offering apart from an increasingly crowded fully wireless earbud market, and the Elite Active 75t is another distinctive success. Size, comfort and battery life all help put this above its peers, and it also boasts great sound quality as well as excellent call quality. You can get better sounding fully wireless earbuds, but not without spending quite a bit more money and sacrificing some of those other advantages.

Powered by WPeMatico

Apple and Google launch exposure notification API, enabling public health authorities to release apps

Posted by | Android, api, Apple, Apps, Bluetooth, computing, contact tracing, coronavirus, COVID-19, Google, Health, iOS, mobile app, operating systems, smartphones, Software, TC, United States | No Comments

Apple and Google today made available the first public version of their exposure notification API, which was originally debuted as a joint contact-tracing software tool. The partners later renamed it the Exposure Notification system to more accurately reflect its functionality, which is designed to notify individuals of potential exposure to others who have confirmed cases of COVID-19, while preserving privacy around identifying info and location data.

The launch today means that public health agencies can now use the API in apps released to the general public. To date, Apple and Google have only released beta versions of the API to help with the development process.

To be clear, this launch means that developers working on behalf of public health agencies can now issue apps that make use of it — Apple and Google themselves are not creating an exposure-notification or contact-tracing app. The companies say that many U.S. states and 22 countries across five continents have already asked for, and been provided access to, the API to support their development efforts, and they anticipate more being added going forward. So far, Apple and Google say they have conducted more than 24 briefings and tech talks for public health officials, epidemiologists and app developers working on their behalf.

The exposure notification API works using a decentralized identifier system that uses randomly generated temporary keys created on a user’s device (but not tied to their specific identify or info). Apple and Google’s API allows public health agencies to define what constitutes potential exposure in terms of exposed time and distance, and they can tweak transmission risk and other factors according to their own standards.

Further, Apple and Google will allow apps to make use of a combination of the API and voluntarily submitted user data that they provide through individual apps to enable public health authorities to contact exposed users directly to make them aware of what steps they should take.

During the course of the API’s development, Apple and Google have made various improvements to ensure that privacy is an utmost consideration, including encrypting all Bluetooth metadata (like signal strength and specific transmitting power), as that could potentially be used to determine what type of device was used, which offers a slim possibility of associating an individual with a specific device and using that as one vector for identification.

The companies have also explicitly barred use of the API in any apps that also seek geolocation information permission from users — which means some apps being developed by public health authorities for contact tracing that use geolocation data won’t be able to access the exposure notification API. That has prompted some to reconsider their existing approach.

Apple and Google provided the following joint statement about the API and how it will support contact-tracing efforts undertaken by public health officials and agencies:

One of the most effective techniques that public health officials have used during outbreaks is called contact tracing. Through this approach, public health officials contact, test, treat and advise people who may have been exposed to an affected person. One new element of contact tracing is Exposure Notifications: using privacy-preserving digital technology to tell someone they may have been exposed to the virus. Exposure Notification has the specific goal of rapid notification, which is especially important to slowing the spread of the disease with a virus that can be spread asymptomatically.

To help, Apple and Google cooperated to build Exposure Notifications technology that will enable apps created by public health agencies to work more accurately, reliably and effectively across both Android phones and iPhones. Over the last several weeks, our two companies have worked together, reaching out to public health officials scientists, privacy groups and government leaders all over the world to get their input and guidance.

Starting today, our Exposure Notifications technology is available to public health agencies on both iOS and Android. What we’ve built is not an app — rather public health agencies will incorporate the API into their own apps that people install. Our technology is designed to make these apps work better. Each user gets to decide whether or not to opt-in to Exposure Notifications; the system does not collect or use location from the device; and if a person is diagnosed with COVID-19, it is up to them whether or not to report that in the public health app. User adoption is key to success and we believe that these strong privacy protections are also the best way to encourage use of these apps.

Today, this technology is in the hands of public health agencies across the world who will take the lead and we will continue to support their efforts.

The companies previously announced plans to make Exposure Notification a system-level feature in a later update to both their respective mobile operating systems, to be released sometime later this year. That “Phase two” portion of the strategy might be under revision, however, as Google and Apple said they continue to be in conversation with public health authorities about what system-level features will be useful to them in development of their COVID-19 mitigation strategies.

Powered by WPeMatico

How to create the best at-home videoconferencing setup, for every budget

Posted by | Amazon, articles, Bluetooth, driver, Gadgets, hardware, HDMI, Laptop, Logitech, microphone, Microsoft, microsoft windows, operating system, operating systems, Philips, RØDE, smartphones, Sony, TC, technology, telecommunications, Teleconferencing, usb, video conferencing, webcam, wi-fi, wireless earbuds | No Comments

Your life probably involves a lot more videoconferencing now than it did a few weeks ago – even if it already did involve a lot. That’s not likely going to change anytime soon, so why not make the most of it? The average MacBook webcam can technically get the job done, but it’s far from impressive. There are a number of ways to up your game, however – by spending either just a little or a whole lot. Whether you’re just looking to improve your daily virtual stand-up, gearing up for presenting at a virtual conference, or planning a new video podcast, here’s some advice about what to do to make the most of what you’ve got, or what to get if you really want to maximize your video and audio quality.

Level 0

Turn on a light and put it in the right place

One of the easiest things you can do to improve the look of your video is to simply turn on any light you have handy and position it behind the camera shining on your face. That might mean moving a lamp, or moving your computer if all your available lights are in a fixed position, but it can make a dramatic difference. Check out these examples below, screen grabbed from my Microsoft Surface Book 2 (which actually has a pretty good built-in video camera, as far as built-in video cameras go).

The image above is without any light beyond the room’s ceiling lights on, and the image below is turning on a lamp and positioning it directed on my face from above and behind the Surface Book. It’s enough of a change to make it look less like I got caught by surprise with my video on, and more like I actually am attending a meeting I’m supposed to take part in.

Be aware of what’s behind you

It’s definitely too much to ask to set dress your surroundings for every video call you jump on, but it is worth taking a second to spot check what’s visible in the frame. Ideally, you can find a spot where the background is fairly minimal, with some organized decor visible. Close doors that are in frame, and try not to film in front of an uncovered window. And if you’re living in a pandemic-induced mess of clutter, just shovel the clutter until it’s out of frame.

Know your system sound settings

Get to know where the input volume settings are for your device and operating system. It’s not usually much of an issue, because most apps and systems set pretty sensible defaults, but if you’re also doing something unusual like sitting further away from your laptop to try to fit a second person in frame, then you might want to turn up the input audio slider to make sure anyone listening can actually hear what you have to say.

It’s probably controllable directly in whatever app you’re using, but on Macs, also try going to System Preferences > Sound > Input to check if the level is directly controllable for the device you’re using, and if tweaking that produces the result you’re looking for.

Level 1

Get an external webcam

The built-in webcam on most notebooks and all-in-ones isn’t going to be great, and you can almost always improve things by buying a dedicated webcam instead. Right now, it might be hard to find them in stock, since a lot of people have the same need for a boost in videoconferencing quality all at the same time. But if you can get your hands on even a budget upgrade option like the Logitech C922 Pro Stream 1080p webcam I used for the clip below, it should help with sharpness, low light performance, color and more.

Get a basic USB mic

Dedicated external mics are another way to quickly give your setup a big boost for relatively low cost. In the clip above, I used the popular Samson Meteor USB mic, which has built-in legs and dedicated volume/mute controls. This mic includes everything you need, and should work instantly when you plug it in via USB, and it produces great sound that’s ideal for vocals.

Get some headphones

Headphones of any kind will make your video calls and conferences better, since it minimizes the chance of echo from your mic picking up the audio from your own speakers. Big over ears models are good for sound quality, while earbuds make for less obvious headwear in your actual video image.

Level 2

Use a dedicated camera and an HDMI-to-USB interface

If you already have a standalone camera, including just about any consumer pocket camera with HDMI out capabilities, then it’s worth looking into picking up an HDMI-to-USB video capture interface in order to convert it into a much higher quality webcam. In the clip below I’m using the Sony RX100 VII, which is definitely at the high end of the consumer pocket camera market, but there are a range of options that should give you nearly the same level of quality, including the older RX100 models from Sony .

When looking for an HDMI interface, make sure that they advertise that it works with videoconferencing apps like Zoom, Hangouts and Skype on Mac and Windows without any software required: This means that they likely have UVC capabilities, which means those operating systems will recognize them as webcams without any driver downloads or special apps required out of the box. These are also in higher demand due to COVID-19, so the Elgato Cam Link 4K I used here probably isn’t in ready stock anywhere. Instead, look to alternatives like the IOGear Video Capture Adapter or the Magewell USB 3.0 Capture device, or potentially consider upgrading to a dedicated live broadcast deck like the Blackmagic ATEM Mini I’ll talk more about below.

Get a wired lav mic

A simple wired lavalier (lav) microphone is a great way to upgrade your audio game, and it doesn’t even need to cost that much. You can get a wired lav that performs decently well for as little as $20 on Amazon, and you can use a USB version for connecting directly to your computer even if you don’t have a 3.5mm input port. Rode’s Lavalier GO is a great mid-range option that also works well with the Wireless GO transmitter and receiver kit I mention in the next section. The main limitation of this is that depending on cord length, you could be pretty limited in terms of your range of motion while using one.

Get multiple lights and position them effectively

Lighting is a rabbit hole that ends up going very deep, but getting a couple of lights that you can move to where you need them most is a good, inexpensive way to get started. Amazon offers a wide range of lighting kits that fit the bill, or you can even do pretty well with just a couple of Philips Hue lights in gooseneck lamps positioned correctly and adjusted to the right temperature and brightness.

Level 3

Use an interchangeable lens camera and a fast lens

The next step up from a decent compact camera is one that features interchangeable lenses. This allows you to add a nice, fast prime lens with a high maximum aperture (aka a low ‘f’ number’) to get that defocused background look. This provides natural-looking separation of you, the subject, from whatever is behind you, and provides a cinematic feel that will wow colleagues in your monthly all-hands.

Get a wireless lav mic

A lav mic is great, but a wireless lav mic is even better. It means you don’t need to worry about hitting the end of your cable, or getting it tangled in other cables in your workspace, and it can provide more flexibility in terms of what audio interfaces you use to actually get your sound into the computer, too. A great option here is the RODE Wireless GO, which can work on its own or in tandem with a mic like the RODE Lavalier GO for great, flexible sound.

Use in-ear monitors

You still want to be using headphones at this stage, but the best kind to use really are in-ear monitors that do their best to disappear out of sight. You can get some dedicated broadcast-style monitors like those Shure makes, or you can spring for a really good pair of Bluetooth headphones with low latency and the latest version of Bluetooth. Apple’s AirPods Pro is a great option, as are the Bang & Olfusen E8 fully wireless earbuds, which I’ve used extensively without any noticeable lag.

Use 3-point lighting

At this stage, it’s really time to just go ahead and get serious about lighting. The best balance in terms of optimizing specifically for streaming, videoconferencing and anything else your’e doing from your desk, basically, is to pick up at least two of Elgato’s Key Lights or Key Light Airs.

These are LED panel lights with built-in diffusers that don’t have a steep learning curve, and that come with very sturdy articulating tube mounts with desk clamps, and that connect to Wi-Fi for control via smartphones or desktop applications. You can adjust their temperature, meaning you can make them either more ‘blue’ or more ‘orange’ depending on your needs, as well as tweak their brightness.

Using three of these, you can set up a standard 3-point lighting setup which are ideal for interviews or people speaking directly into a camera – aka just about every virtual conference/meeting/event/webinar use you can think of.

Level 4

Get an HDMI broadcast switcher deck

HDMI-USB capture devices do a fine job turning most cameras into webcams, but if you really want to give yourself a range of options, you can upgrade to a broadcast switching interface like the Blackmagic ATEM Mini. Released last year, the ATEM Mini packs in a lot of features that previously were basically only available to video pros, and provides them in an easy-to-use form factor with a price that’s actually astounding given how much this thing can really do.

On its own paired with a good camera, the ATEM Mini can add a lot to your video capabilities, including allowing you to tee up still graphics, and switch to computer input to show videos, work live in graphics apps, demonstrate code or run a presentation. You can set up picture-in-picture views, put up lower thirds and even fade-to-black using a hardware button dedicated to that purpose.

But if you really want to make the most of the ATEM Mini, you can add a second or even a third and fourth camera to the mix. For most uses, this is probably way too much camera – there are only so many angles one can get of a single person talking, in the end. But if you get creative with camera placement and subjects, it’s a fun and interesting way to break up a stream, especially if you’re doing something longer like giving a speech or extended presentation. The newer ATEM Mini Pro is just starting to ship, and offers built-in recording and streaming as well.

Use a broadcast-quality shotgun mic

The ATEM Mini has two dedicated audio inputs that really give you a lot of flexibility on that front, too. Attaching one to the output on an iPod touch, for instance, could let you use that device as a handy soundboard for cueing up intro and title music, plus sound effects. And this also means you can route sound from a high-quality mic, provided you have the right interface.

For top level streaming quality, with minimal sacrifices required in terms of video, I recommend going to a good, broadcast-quality shotgun mic. The Rode VideoMic NTG is a good entry-level option that has flexibility when it comes to also being mountable on-camera, but something like the Rode NTG3m mounted to a boom arm and placed out of frame with the mic end angled down towards your mouth, is going to provide the best possible results.

Add accent lighting

You’ve got your 3-point lighting – but as I said, lighting is a nearly endless rabbit hole. Accent lighting can really help push the professionalism of your video even further, and it’s also pretty easy and to set up using readily available equipment. Philips Hue is probably my favorite way to add a little more vitality to any scene, and if you’re already a Hue user you can make do with just about any of their color bulbs. Recent releases from Philips like the Hue Play Smart LED Light Bars are essentially tailor made for this use, and you can daisy chain up to three on one power adapter to create awesome accent wall lighting effects.

All of this is, of course, not at all necessary for basic video conferencing, virtual hangouts and meetings. But if you think that remote video is going to be a bigger part of our lives going forward, even as we return to some kind of normalcy in the wake of COVID-19, then it’s worth considering what elements of your system to upgrade based on your budget and needs, and hopefully this article provides some guidance.

Powered by WPeMatico

The new August Wi-Fi Smart Lock is now available, and it’s the connected smart lock to beat

Posted by | Airbnb, Alexa, Assa Abloy, August Home, Best-Buy, Bluetooth, Gadgets, Google, hardware, lock, Reviews, Security, smart lock, smartphone, TC, technology, wi-fi, yale, yves behar | No Comments

It’s been a few years since August introduced any new hardware, but its August Wi-Fi Smart Lock, which it debuted at CES this year, is now available. This is the new flagship in the August lineup, replacing the August Smart Lock Pro as the latest and greatest feature-packed connected lock from the company, and it brings an improved design along with built-in Wi-Fi. August’s existing locks are the market leaders in easy conversion kits for existing thumbturn deadbolts, and the August Wi-Fi Smart Lock improves upon that reputation in every way.

Design

The August Wi-Fi Smart Lock has a great design pedigree already, since the company was originally co-founded by Yves Béhar. Béhar spearheaded the design of this generation as well, and the result is a look that is recognizably August, but with upgraded looks and tactile improvements, too. The satin nickel finish on my review hardware looked great and premium (it also comes in black), and the textured outer edge feels great when turning the lock to manually lock/unlock. There’s now a slightly raised “pointer” to provide a quick visual indicator of whether the door is locked or unlocked, as well.

The biggest design change versus the August Smart Lock Pro, however, is that it’s quite a bit smaller. August says it’s 45% smaller by volume, in fact, and 20% slimmer front to back, and the size savings definitely show. The rather large dimensions of the Smart Lock Pro meant that it wasn’t able to be installed on some doors, so there’s a practical, functional benefit to the change, but it also just looks a lot nicer and is less likely to stick out among the rest of your home decor.

The smaller design was made possible despite the inclusion of Wi-Fi built-in, partly because of the switch to CR2 batteries, which are a lot less common than the AAs used by the Smart Lock Pro, but which you should still be able to find pretty easily at a drugstore or via Amazon.

Size aside, the design still provides a great, easy to use manual turn for physically unlocking and locking your door. The install process is also still very easy, even if you’re not particularly handy. August even provides paint-safe tape in the box for securing the other side of your lock while you remove the thumb plate, and its app gives you easy instructions for matching the right included size adapter depending on your deadbolt manufacturer. Replacing my own thumb turn took about five minutes start to finish.

Features

The whole point of August’s technology is that it provides a way to lock and unlock your door with your phone. With the August Wi-Fi Smart Lock, that’s a lot less complicated than it has been in the past, because it has Wi-Fi built-in. Previous August locks relied exclusively on Bluetooth, and required that you also purchase and own a separate Connect dongle, which plugs into a standard wall socket, to connect to the lock itself via Bluetooth and act as a bridge to your Wi-Fi network.

Doing away with the need for a Connect means you connect the Wi-Fi Smart Lock to your network during setup, and then it’s reachable anywhere using the August smartphone app. You can easily tap to lock and unlock the door so long as you have an active data connection, and you can do a lot more besides, including granting others access.

August allows you to provision virtual keys to friends via email (they’ll be asked to register for an account if they don’t have one). This is a popular feature for Airbnb hosts, because you can also revoke permission once you no longer want someone to have access. It’s also great for letting in neighbors to feed your pets (once travel is an option again, of course) and for giving family an easy way to check in. Plus, you can share it with other members of your households and make them owners for top-level access and controls, as well.

You can also set the August Wi-Fi Smart Lock to automatically lock once you close the door, either immediately or after a set time that you can customize. This works using DoorSense, which is facilitated by a magnetic sensor that August includes in the box and that you install in your door frame upon setup.

Auto-unlock for me has worked most of the time, though I have had a few occasions where upon returning, I get a “Welcome home” notification from the August app, but the door doesn’t actually unlock and I have to do so by opening the app and pressing the button. In general, however, it works well, and is a great benefit when you return home with your arms full of groceries, for instance.

Performance

The August Wi-Fi Smart Lock brings an updated design and integrated Wi-Fi, but it doesn’t change much in terms of the core functionality of August’s previous locks, and it also seems to be at least a match for prior generations when it comes to reliability. Using the app, I was consistently able to both lock and unlock the door, both within and outside of the home.

August also offers integration with voice assistants, including Alexa, Google Home and HomeKit. These I found a bit more unreliable, with at least one actual failed unlock attempt via HomeKit. But overall they also performed mostly well, with a bit more lag than doing things via the August app directly. You’re also able to unlock via voice command, though the app wisely forces you to register an authorization code to protect against manipulation, like someone trying to yell at Alexa through your door to unlock the unit.

August also offers the option to receive push notification about lock and unlock events, and stores a whole history of the lock’s usage, including door open and closed status, manual/automatic/remote locking and unlocking events and more. It’s a great way to maintain peace of mind about who’s accessing your home, when and how.

Bottom line

August has a long history of building connected locks, and its reputation has earned it both accolades and a 2017 acquisition by leading international lock maker Assa Abloy, which operates a number of brands, including Yale. This is the first lock that it has launched since that acquisition, and it’s a promising indicator that the deal hasn’t dulled their edge when it comes to August-branded product development. This is a great smart lock, with fast and easy installation and ergonomic, visually pleasing design and broad compatibility. Its auto-lock and unlock features really change the way you go about everything from running errands to walking the dog — it’s surprising how much a little convenience can make even the most mundane tasks more pleasant.

The August Wi-Fi Smart Lock is available for $249.99 via August.com and Best Buy, and will expand availability to additional retailers beginning May 17.

Powered by WPeMatico

UK’s NHS COVID-19 app lacks robust legal safeguards against data misuse, warns committee

Posted by | Apps, Bluetooth, data protection law, digital rights, Elizabeth Denham, Europe, Germany, Health, human rights, identity management, ireland, Matt Hancock, Mobile, National Health Service, NHS, NHS COVID-19, NHSX, northern ireland, privacy, privacy policy, terms of service, United Kingdom | No Comments

A UK parliamentary committee that focuses on human rights issues has called for primary legislation to be put in place to ensure that legal protections wrap around the national coronavirus contact tracing app.

The app, called NHS COVID-19, is being fast tracked for public use — with a test ongoing this week in the Isle of Wight. It’s set to use Bluetooth Low Energy signals to log social interactions between users to try to automate some contacts tracing based on an algorithmic assessment of users’ infection risk.

The NHSX has said the app could be ready for launch within a matter of weeks but the committee says key choices related to the system architecture create huge risks for people’s rights that demand the safeguard of primary legislation.

“Assurances from Ministers about privacy are not enough. The Government has given assurances about protection of privacy so they should have no objection to those assurances being enshrined in law,” said committee chair, Harriet Harman MP, in a statement.

“The contact tracing app involves unprecedented data gathering. There must be robust legal protection for individuals about what that data will be used for, who will have access to it and how it will be safeguarded from hacking.

“Parliament was able quickly to agree to give the Government sweeping powers. It is perfectly possible for parliament to do the same for legislation to protect privacy.”

The NHSX, a digital arm of the country’s National Health Service, is in the process of testing the app — which it’s said could be launched nationally within a few weeks.

The government has opted for a system design that will centralize large amounts of social graph data when users experiencing COVID-19 symptoms (or who have had a formal diagnosis) choose to upload their proximity logs.

Earlier this week we reported on one of the committee hearings — when it took testimony from NHSX CEO Matthew Gould and the UK’s information commissioner, Elizabeth Denham, among other witnesses.

Warning now over a lack of parliamentary scrutiny — around what it describes as an unprecedented expansion of state surveillance — the committee report calls for primary legislation to ensure “necessary legal clarity and certainty as to how data gathered could be used, stored and disposed of”.

The committee also wants to see an independent body set up to carry out oversight monitoring and guard against ‘mission creep’ — a concern that’s also been raised by a number of UK privacy and security experts in an open letter late last month.

“A Digital Contact Tracing Human Rights Commissioner should be responsible for oversight and they should be able to deal with complaints from the Public and report to Parliament,” the committee suggests.

Prior to publishing its report, the committee wrote to health minister Matt Hancock, raising a full spectrum of concerns — receiving a letter in response.

In this letter, dated May 4, Hancock told it: “We do not consider that legislation is necessary in order to build and deliver the contact tracing app. It is consistent with the powers of, and duties imposed on, the Secretary of State at a time of national crisis in the interests of protecting public health.”

The committee’s view is Hancock’s ‘letter of assurance’ is not enough given the huge risks attached to the state tracking citizens’ social graph data.

“The current data protection framework is contained in a number of different documents and it is nearly impossible for the public to understand what it means for their data which may be collected by the digital contact tracing system. Government’s assurances around data protection and privacy standards will not carry any weight unless the Government is prepared to enshrine these assurances in legislation,” it writes in the report, calling for a bill that it says myst include include a number of “provisions and protections”.

Among the protections the committee is calling for are limits on who has access to data and for what purpose.

“Data held centrally may not be accessed or processed without specific statutory authorisation, for the purpose of combatting Covid-19 and provided adequate security protections are in place for any systems on which this data may be processed,” it urges.

It also wants legal protections against data reconstruction — by different pieces of data being combined “to reconstruct information about an individual”.

The report takes a very strong line — warning that no app should be released without “strong protections and guarantees” on “efficacy and proportionality”.

“Without clear efficacy and benefits of the app, the level of data being collected will be not be justifiable and it will therefore fall foul of data protection law and human rights protections,” says the committee.

The report also calls for regular reviews of the app — looking at efficacy; data safety; and “how privacy is being protected in the use of any such data”.

It also makes a blanket call for transparency, with the committee writing that the government and health authorities “must at all times be transparent about how the app, and data collected through it, is being used”.

A lack of transparency around the project was another of the concerns raised by the 177 academics who signed the open letter last month.

The government has committed to publishing data protection impact assessments for the app. But the ICO’s Denham still hadn’t had sight of this document as of this Monday.

Another call by the committee is for a time-limit to be attached to any data gathered by or generated via the app. “Any digital contact tracing (and data associated with it) must be permanently deleted when no longer required and in any event may not be kept beyond the duration of the public health emergency,” it writes.

We’ve reached out to the Department of Health and NHSX for comment on the human rights committee’s report.

Let’s go through Matt Hancock’s letter to @HarrietHarman @HumanRightsCtte on the NHSX app and take a closer look at some of these statements 1/ https://t.co/sQe2U8wkiy

— Michael Veale (@mikarv) May 7, 2020

There’s another element to this fast moving story: Yesterday the Financial Times reported that the NHSX has inked a new contract with an IT supplier which suggests it might be looking to change the app architecture — moving away from a centralized database to a decentralized system for contacts tracing. Although NHSX has not confirmed any such switch at this point.

Some other countries have reversed course in their choice of app architecture after running into technical challenges related to Bluetooth. The need to ensure public trust in the system was also cited by Germany for switching to a decentralized model.

The human rights committee report highlights a specific app efficacy issue of relevance to the UK, which it points out is also linked to these system architecture choices, noting that: “The Republic of Ireland has elected to use a decentralised app and if a centralised app is in use in Northern Ireland, there are risks that the two systems will not be interoperable which would be most unfortunate.”

Professor Lilian Edwards, a legal expert from Newcastle University, who has co-authored a draft bill proposing a set of safeguards for coronavirus apps (much of which was subsequently taken up by Australia for a legal instrument that wraps public health contact info during the coronavirus crisis) — and who also now sits as an independent advisor on an ethics committee that’s been set up for the NHSX app — welcomed the committee report.

Speaking in a personal capacity she told TechCrunch: “My team and I welcome this.”

But she flagged a couple of omissions in the report. “They have left out two of the recommendations from my bill — one of which, I totally expected; that there be no compulsion to carry a phone. Because they will just be assumed within our legal system but I don’t think it would have hurt to have said it. But ok.

“The second point — which is important — is the point about there not being compulsion to install the app or to display it. And there not being, therefore, discrimination against you if you don’t. Like not being allowed to go to your workplace is an obvious example. Or not being allowed to go to a football game when they reopen. And that’s the key point where the struggle is.”

The conflict, says Edwards, is on the one hand you could argue what’s the point of doing digital contact tracing at all if you can’t make sure people are able to receive notifications that they might be a contact. But — on the other — if you allow compulsion that then “leaves it open to be very discriminatory” — meaning people could abuse the requirement to target and exclude others from a workplace, for example.

“There are people who’ve got perfectly valid reasons to not want to have this on their phone,” Edwards added. “Particularly if it’s centralized rather than decentralized.”

She also noted that the first version of her draft coronavirus safeguards bill had allowed compulsion re: having the app on the phone but required it to be balanced by a proportionality analysis — meaning any such compulsion must be “proportionate to a legitimate aim”.

But after Australia opted for zero compulsion in its legal instrument she said she and her team decided to revise their bill to also strike out the provision entirely.

Edwards suggested the human rights committee may not have included this particular provision in their recommendations because parliamentary committees are only able to comment on evidence they receive during an inquiry. “So I don’t think it would have been in their remit to recommend on that,” she noted, adding: “It isn’t actually an indication that they’re not interested in these concepts; it’s just procedure I think.”

She also highlighted the issues of so-called ‘immunity passports’ — something the government has reportedly been in discussions with startups about building as part of its digital coronavirus response, but which the committee report also does not touch on.

However, without full clarity on the government’s evolving plans for its digital coronavirus response, and with, inevitably, a high degree of change and flux amid a public health emergency situation, it’s clearly difficult for committees to interrogate so many fast moving pieces.

“The select committees have actually done really, really well,” added Edwards. “But it just shows how the ground has shifted so much in a week.”

This report was updated with additional comment

Powered by WPeMatico

UK eyeing switch to Apple-Google API for coronavirus contacts tracing — report

Posted by | alpha, Android, api, Apple, apple inc, Apps, Australia, BBC, Bluetooth, ceo, Colombia, computing, estonia, Europe, Google, Health, instagram, ios 11, iPhone, ireland, Mobile, mobile app, National Health Service, NHS, NHSX, operating systems, privacy, Singapore, smartphone, smartphones, spokesperson, switzerland, The Financial Times, United Kingdom, wi-fi | No Comments

The UK may be rethinking its decision to shun Apple and Google’s API for its national coronavirus contacts tracing app, according to the Financial Times, which reported yesterday that the government is paying an IT supplier to investigate whether it can integrate the tech giants’ approach after all.

As we’ve reported before coronavirus contacts tracing apps are a new technology which aims to repurpose smartphones’ Bluetooth signals and device proximity to try to estimate individuals’ infection risk.

The UK’s forthcoming app, called NHS COVID-19, has faced controversy because it’s being designed to use a centralized app architecture. This means developers are having to come up with workarounds for platform limitations on background access to Bluetooth as the Apple-Google cross-platform API only works with decentralized systems.

The choice of a centralized app architecture has also raised concerns about the impact of such an unprecedented state data grab on citizens’ privacy and human rights, and the risk of state ‘mission creep‘.

The UK also looks increasingly isolated in its choice in Europe after the German government opted to switch to a decentralized model, joining several other European countries that have said they will opt for a p2p approach, including Estonia, Ireland and Switzerland.

In the region, France remains the other major backer of a centralized system for its forthcoming coronavirus contacts tracing app, StopCovid.

Apple and Google, meanwhile, are collaborating on a so-called “exposure notification” API for national coronavirus contacts tracing apps. The API is slated to launch this month and is designed to remove restrictions that could interfere with how contact events are logged. However it’s only available for apps that don’t hold users’ personal data on central servers and prohibits location tracking, with the pair emphasizing that their system is designed to put privacy at the core.

Yesterday the FT reported that NHSX, the digital transformation branch of UK’s National Health Service, has awarded a £3.8M contract to the London office of Zuhlke Engineering, a Switzerland-based IT development firm which was involved in developing the initial version of the NHS COVID-19 app.

The contract includes a requirement to “investigate the complexity, performance and feasibility of implementing native Apple and Google contact tracing APIs within the existing proximity mobile application and platform”, per the newspaper’s report.

The work is also described as a “two week timeboxed technical spike”, which the FT suggests means it’s still at a preliminary phase — thought it also notes the contract includes a deadline of mid-May.

The contracted work was due to begin yesterday, per the report.

We’ve reached out to Zuhlke for comment. Its website describes the company as “a strong solutions partner” that’s focused on projects related to digital product delivery; cloud migration; scaling digital platforms; and the Internet of Things.

We also put questions arising from the FT report to NHSX.

At the time of writing the unit had not responded but yesterday a spokesperson told the newspaper: “We’ve been working with Apple and Google throughout the app’s development and it’s quite right and normal to continue to refine the app.”

The specific technical issue that appears to be causing concern relates to a workaround the developers have devised to try to circumvent platform limitations on Bluetooth that’s intended to wake up phones when the app itself is not being actively used in order that the proximity handshakes can still be carried out (and contacts events properly logged).

Thing is, if any of the devices fail to wake up and emit their identifiers so other nearby devices can log their presence there will be gaps in the data. Which, in plainer language, means the app might miss some close encounters between users — and therefore fail to notify some people of potential infection risk.

Recent reports have suggested the NHSX workaround has a particular problem with iPhones not being able to wake up other iPhones. And while Google’s Android OS is the more dominant platform in the UK (running on circa ~60% of smartphones, per Kantar) there will still be plenty of instances of two or more iPhone users passing near each other. So if their apps fail to wake up they won’t exchange data and those encounters won’t be logged.

On this, the FT quotes one person familiar with the NHS testing process who told it the app was able to work in the background in most cases, except when two iPhones were locked and left unused for around 30 minutes, and without any Android devices coming within 60m of the devices. The source also told it that bringing an Android device running the app close to the iPhone would “wake up” its Bluetooth connection.

Clearly, the government having to tell everyone in the UK to use an Android smartphone not an iPhone wouldn’t be a particularly palatable political message.

This is effectively a form of Android Herd Immunity: for the good of Britain, vaccinate your friends by giving them Androids!

— Michael Veale (@mikarv) May 5, 2020

One source with information about the NHSX testing process told us the unit has this week been asking IT suppliers for facilities or input on testing environments with “50-100 Bluetooth devices of mixed origin”, to help with challenges in testing the Bluetooth exchanges — which raises questions about how extensively this core functionality has been tested up to now. (Again, we’ve put questions to the NHSX about testing and will update this report with any response.)

Work on planning and developing the NHS COVID-19 app began March 7, according to evidence given to a UK parliamentary committee by the NHSX CEO’s, Matthew Gould, last month.

Gould has also previously suggested that the app could be “technically” ready to launch in as little as two or three weeks time from now. While a limited geographical trial of the app kicked off this week in the Isle of Wight. Prior to that, an alpha version of the app was tested at an RAF base involving staff carrying out simulations of people going shopping, per a BBC report last month.

Gould faced questions over the choice of centralized vs decentralized app architecture from the human rights committee earlier this week. He suggested then that the government is not “locked” to the choice — telling the committee: “We are constantly reassessing which approach is the right one — and if it becomes clear that the balance of advantage lies in a different approach then we will take that different approach. We’re not irredeemably wedded to one approach; if we need to shift then we will… It’s a very pragmatic decision about what approach is likely to get the results that we need to get.”

However it’s unclear how quickly such a major change to app architecture could be implemented, given centralized vs decentralized systems work in very different ways.

Additionally, such a big shift — more than two months into the NHSX’s project — seems, at such a late stage, as if it would be more closely characterized as a rebuild, rather than a little finessing (as suggested by the NHSX spokesperson’s remark to the FT vis-a-vis ‘refining’ the app).

In related news today, Reuters reports that Colombia has pulled its own coronavirus contacts tracing app after experiencing glitches and inaccuracies. The app had used alternative technology to power contacts logging via Bluetooth and wi-fi. A government official told the news agency it aims to rebuild the system and may now use the Apple-Google API.

Australia has also reported Bluetooth related problems with its national coronavirus app. And has also been reported to be moving towards adopting the Apple-Google API.

While, Singapore, the first country to launch a Bluetooth app for coronavirus contacts tracing, was also the first to run into technical hitches related to platform limits on background access — likely contributing to low download rates for the app (reportedly below 20%).

Powered by WPeMatico

NHS COVID-19: The UK’s coronavirus contacts-tracing app explained

Posted by | Android, api, app-store, Apple, Apps, Australia, Bluetooth, contacts tracing apps, coronavirus, COVID-19, data protection law, estonia, Europe, european union, Germany, Google, Health, iOS, iPhone, ireland, mobile app, National Health Service, NHS COVID-19, northern ireland, operating systems, privacy, Security, Singapore, smartphone, smartphones, switzerland, TC, United Kingdom | No Comments

The UK has this week started testing a coronavirus contacts-tracing app which NHSX, a digital arm of the country’s National Health Service, has been planning and developing since early March. The test is taking place in the Isle of Wight, a 380km2 island off the south coast of England, with a population of around 140,000.

The NHS COVID-19 app uses Bluetooth Low Energy handshakes to register proximity events (aka ‘contacts’) between smartphone users, with factors such as the duration of the ‘contact event’ and the distance between the devices feeding an NHS clinical algorithm that’s being designed to estimate infection risk and trigger notifications if a user subsequently experiences COVID-19 symptoms.

The government is promoting the app as an essential component of its response to fighting the coronavirus — the health minister’s new mantra being: ‘Protect the NHS, stay home, download the app’ — and the NHSX has said it expects the app to be “technically” ready to deploy two to three weeks after this week’s trial.

However there are major questions over how effective the tool will prove to be, especially given the government’s decision to ‘go it alone’ on the design of its digital contacts-tracing system — which raises some specific technical challenges linked to how modern smartphone platforms operate, as well as around international interoperability with other national apps targeting the same purpose.

In addition, the UK app allows users to self report symptoms of COVID-19 — which could lead to many false alerts being generated. That in turn might trigger notification fatigue and/or encourage users to ignore alerts if the ratio of false alarms exceeds genuine alerts.

Keep calm and download the app?

How users will generally respond to this technology is a major unknown. Yet mainstream adoption will be needed to maximize utility; not just one-time downloads. Dealing with the coronavirus will be a marathon not a sprint — which means sustaining usage will be vital to the app functioning as intended. And that will require users to trust that the app is both useful for the claimed public health purpose, by being effective at shrinking infection risk, and also that using it will not create any kind of disadvantages for them personally or for their friends and family.

The NHSX has said it will publish the code for the app, the DPIA (data protection impact assessment) and the privacy and security models — all of which sounds great, though we’re still waiting to see those key details. Publishing all that before the app launches would clearly be a boon to user trust.

A separate consideration is whether there should be a dedicated legislation wrapper put around the app to ensure clear and firm legal bounds on its use (and to prevent abuse and data misuse).

As it stands the NHS COVID-19 app is being accelerated towards release without this — relying on existing legislative frameworks (with some potential conflicts); and with no specific oversight body to handle any complaints. That too could impact user trust.

The overarching idea behind digital contacts tracing is to leverage uptake of smartphone technology to automate some contacts tracing, with the advantage that such a tool might be able to register fleeting contacts, such as between strangers on the street or public transport, that may more difficult for manual contacts-tracing methods to identify. Though whether these sorts of fleeting contacts create a significant risk of infection with the SARS-CoV-2 virus has not yet been quantified.

All experts are crystal clear on one thing: Digital contacts tracing is only going to be — at very best — a supplement to manual contact tracing. People who do not own or carry smartphones or who do not or cannot use the app obviously won’t register in any captured data. Technical issues may also create barriers and data gaps. It’s certainly not a magic bullet — and may, in the end, turn out to be ill-suited for this use case (we’ve written a general primer on digital contacts tracing here).

One major component of the UK approach is that it’s opted to create a so-called ‘centralized’ system for coronavirus contacts tracing — which leads to a number of specific challenges.

While the NHS COVID-19 app stores contacts events on the user’s device initially, at the point when (or if) a user chooses to report themselves having coronavirus symptoms then all their contacts events data is uploaded to a central server. This means it’s not just a user’s own identifier but a list of any identifiers they have encountered over the past 28 days — so, essentially, a graph of their recent social interactions.

This data cannot be deleted after the fact, according to the NHSX, which has also said it may be used for “research” purposes related to public health — raising further questions around privacy and trust.

Questions around the legal bases for this centralized approach also remain to be answered in detail by the government. UK and EU data protection law emphasize data minimization as a key principle; and while there’s flexibility built into these frameworks for a public health emergency there is still a requirement on the government to detail and justify key data processing decisions.

The UK’s decision to centralize contacts data has another obvious and immediate consequence: It means the NHS COVID-19 app will not be able to plug into an API that’s being jointly developed by Apple and Google to provide technical support for Bluetooth-based national contacts-tracing apps — and due to be release this month.

The tech giants have elected to support decentralized app architectures for these apps — which, conversely, do not centralize social graph data. Instead, infection risk calculations are performed locally on the device.

By design, these approaches avoid providing a central authority with information on who infected whom.

In the decentralized scenario, an infected user consents to their ephemeral identifier being shared with other users so apps can do matching locally, on the end-user device — meaning exposure notifications are generated without a central authority needing to be in the loop. (It’s also worth noting there are ways for decentralized protocols to feed aggregated contact data back to a central authority for epidemiological research, though the design is intended to prevent users’ social graph being exposed. A system of ‘exposure notification’, as Apple and Google are now branding it, has no need for such data, is their key argument. The NHSX counters that by suggesting social graph data could provide useful epidemiological insights — such as around how the virus is being spread.)

At the point a user of the NHS COVID-19 app experiences symptoms or gets a formal coronavirus diagnosis — and chooses to inform the authorities — the app will upload their recent contacts to a central server where infection risk calculations are performed.

The system will then send exposure notifications to other devices — in instances where the software deems there may be at risk of infection. Users might, for example, be asked to self isolate to see if they develop symptoms after coming into contact with an infected person, or told to seek a test to determine if they have COVID-19 or not.

A key detail here is that users of the NHS COVID-19 app are assigned a fixed identifier — basically a large, random number — which the government calls an “installation ID”. It claims this identifier is ‘anonymous’. However this is where political spin in service of encouraging public uptake of the app is being allowed to obscure a very different legal reality: A fixed identifier linked to a device is in fact pseudonymous data, which remains personal data under UK and EU law. Because, while the user’s identity has been ‘obscured’, there’s still a clear risk of re-identification.

Truly ‘anonymous’ data is a very high bar to achieve when you’re dealing with large data-sets. In the NHS COVID-19 app case there’s no reason beyond spin for the government to claim the data is “anonymous”; given the system design involves a device-linked fixed identifier that’s uploaded to a central authority alongside at least some geographical data (a partial postcode: which the app also asks users to input — so “the NHS can plan your local NHS response”, per the official explainer).

The NHSX has also said future versions of the app may ask users to share even more personal data, including their location. (And location data-sets are notoriously difficult to defend against re-identification.)

Nonetheless the government has maintained that individual users of the app will not be identified. But under such a system architecture this assertion sums to ‘trust us with your data’; the technology itself has not been designed to remove the need for individual users to trust a central authority, as is the case with bona fide decentralized protocols.

This is why Apple and Google are opting to support the latter approach — it cuts the internationally thorny issue of ‘government trust’ out of their equation.

However it also means governments that do want to centralize data face a technical headache to get their apps to function smoothly on the only two smartphone platforms that matter.

Technical and geopolitical headaches

The specific technical issue here relates to how these mainstream platforms manage background access to Bluetooth.

Using Bluetooth as a proxy for measuring coronavirus infection risk is of course a very new and novel technology. Singapore was reported to be the first country to attempt this. Its TraceTogether app, which launched in March, reportedly gained only limited (<20%) uptake — with technical issues on iOS being at least partly blamed for the low uptake.

The problem that the TraceTogether app faced initially is the software needed to be actively running and the iPhone open (not locked) for the tracing function to work. That obviously interferes with the normal multitasking of the average iPhone user — discouraging usage of the app.

It’s worth emphasizing that the UK is doing things a bit differently vs Singapore, though, in that it’s using Bluetooth handshakes rather than a Bluetooth advertising channel to power the contacts logging.

The NHS COVID-19 app has been designed to listen passively for other Bluetooth devices and then wake up in order to perform the handshake. This is intended as a workaround for these platform limits on background Bluetooth access. However it is still a workaround — and there are ongoing questions over how robustly it will perform in practice. 

An analysis by The Register suggests the app will face a fresh set of issues in that iPhones specifically will fail to wake each other up to perform the handshakes — unless there’s also an Android device in the vicinity. If correct, it could result in big gaps in the tracing data (around 40% of UK smartphones run iOS vs 60% running Android).

Battery drain may also resurface as an issue with the UK system, though the NHSX has claimed its workaround solves this. (Though it’s not clear if they’ve tested what happens if an iPhone user switches on a battery saving mode which limits background app activity, for example.)

Other Bluetooth-based contract-tracing apps that have tried to workaround platforms limits have also faced issues with interference related to other Bluetooth devices — such as Australia’s recently launched app. So there are a number of potential issues that could trouble performance.

Being outside the Apple-Google API also certainly means the UK app is at the mercy of future platform updates which could derail the specific workaround. Best laid plans that don’t involve using an official interface as your plug are inevitably operating on shaky ground.

Finally, there’s a huge and complex issue that’s essentially being glossed over by government right now: Interoperability with other national apps.

How will the UK app work across borders? What happens when Brits start travelling again? With no obvious route for centralized vs decentralized systems to interface and play nice with each other there’s a major question mark over what happens when UK citizens want to travel to countries with decentralized systems (or indeed vice versa). Mandatory quarantines because the government picked a less interoperable app architecture? Let’s hope not.

Notably, the Republic of Ireland has opted for a decentralized approach for its national app, whereas Northern Ireland, which is part of the UK but shares a land border with the Republic, will — baring any NHSX flip — be saddled with a centralized and thus opposing choice. It’s the Brexit schism all over again in app form.

Earlier this week the NHSX was asked about this cross-border issue by a UK parliamentary committee — and admitted it creates a challenge “we’ll have to work through”, though it did not suggest how it proposes to do that.

And while that’s a very pressing backyard challenge, the same interoperability gremlins arise across the English Channel — where a number of European countries are opting for decentralized apps, including Estonia, Germany and Switzerland. While Apple and Google’s choice at the platform level means future US apps may also be encouraged down a decentralized route. (The two US tech giants are demonstrably flexing their market power to press on and influence governments’ app design choices internationally.)

So countries that fix on a ‘DIY’ approach for the digital component of their domestic pandemic response may find it leads to some unwelcome isolation for their citizens at the international level.

Powered by WPeMatico

Germany ditches centralized approach to app for COVID-19 contacts tracing

Posted by | Android, api, Apple, Apps, Bluetooth, contact tracing, coronavirus, COVID-19, decentralization, DP-3T, Europe, european commission, european union, France, Germany, Google, Health, iOS, mobile app, operating systems, p2p, PEPP-PT, privacy, smartphones, surveillance, United Kingdom | No Comments

Germany has U-turned on building a centralized COVID-19 contacts tracing app — and will instead adopt a decentralized architecture, Reuters reported Sunday, citing a joint statement by chancellery minister Helge Braun and health minister Jens Spahn.

In Europe in recent weeks, a battle has raged between different groups backing centralized vs decentralized infrastructure for apps being fast-tracked by governments which will use Bluetooth-based smartphone proximity as a proxy for infection risk — in the hopes of supporting the public health response to the coronavirus by automating some contacts tracing.

Centralized approaches that have been proposed in the region would see pseudonymized proximity data stored and processed on a server controlled by a national authority, such as a healthcare service. However concerns have been raised about allowing authorities to scoop up citizens’ social graph, with privacy experts warning of the risk of function creep and even state surveillance.

Decentralized contacts tracing infrastructure, by contrast, means ephemeral IDs are stored locally on device — and only uploaded with a user’s permission after a confirmed COVID-19 diagnosis. A relay server is used to broadcast infected IDs — enabling devices to locally compute if there’s a risk that requires notification. So social graph data is not centralized.

The change of tack by the German government marks a major blow to a homegrown standardization effort, called PEPP-PT, that had been aggressively backing centralization — while claiming to ‘preserve privacy’ on account of not tracking location data. It quickly scrambled to propose a centralized architecture for tracking coronavirus contacts, led by Germany’s Fraunhofer Institute, and claiming the German government as a major early backer, despite PEPP-PT later saying it would support decentralized protocols too.

As we reported earlier, the effort faced strident criticism from European privacy experts — including a group of academics developing a decentralized protocol called DP-3T — who argue p2p architecture is truly privacy preserving. Concerns were also raised about a lack of transparency around who is behind PEPP-PT and the protocols they claimed to support, with no code published for review.

The European Commission, meanwhile, has also recommended the use of decentralization technologies to help boost trust in such apps in order to encourage wider adoption.

EU parliamentarians have also warned regional governments against trying to centralize proximity data during the coronavirus crisis.

But it was Apple and Google jumping into the fray earlier this month by announcing joint support for decentralized contacts tracing that was the bigger blow — with no prospect of platform-level technical restrictions being lifted. iOS limits background access to Bluetooth for privacy and security reasons, so national apps that do not meet this decentralized standard won’t benefit from API support — and will likely be far less usable, draining battery and functioning only if actively running.

Nonetheless PEPP-PT told journalists just over a week ago that it was engaged in fruitful discussions with Apple and Google about making changes to their approach to accommodate centralized protocols.

Notably, the tech giants never confirmed that claim. They have only since doubled down on the principle of decentralization for the cross-platform API for public health apps — and system-wide contacts tracing which is due to launch next month.

At the time of writing PEPP-PT’s spokesman, Hans-Christian Boos, had not responded to a request for comment on the German government withdrawing support.

Boos previously claimed PEPP-PT had around 40 governments lining up to join the standard. However in recent days the momentum in Europe has been going in the other direction. A number of academic institutions that had initially backed PEPP-PT have also withdrawn support.

In a statement emailed to TechCrunch, the DP-3T project welcomed Germany’s U-turn. “DP-3T is very happy to see that Germany is adopting a decentralized approach to contact tracing and we look forward to its next steps implementing such a technique in a privacy preserving manner,” the group told us.

Berlin’s withdrawal leaves France and the UK the two main regional backers of centralized apps for coronavirus contacts tracing. And while the German U-turn is certainly a hammer blow for the centralized camp in Europe the French government appears solid in its support — at least for now.

France has been developing a centralized coronavirus contacts tracing protocol, called ROBERT, working with Germany’s Fraunhofer Institute and others.

In an opinion issued Sunday, France’s data protection watchdog, the CNIL, did not take active issue with centralizing pseudonymized proximity IDs — saying EU law does not in principle forbid such a system — although the watchdog emphasized the need to minimize the risk of individuals being re-identified.

It’s notable that France’s digital minister, Cédric O, has been applying high profile public pressure to Apple over Bluetooth restrictions — telling Bloomberg last week that Apple’s policy is a blocker to the virus tracker.

Yesterday O was also tweeting to defend the utility of the planned ‘Stop Covid’ app.

« Oui l’application #StopCovid est utile ». Volontaire, anonyme, transparente et temporaire, elle apporte les garanties de protection des libertés individuelles. À la disposition des acteurs sanitaires, elle les aidera dans la lutte contre le #COVID19 https://t.co/12xYG5Z8ZC

— Cédric O (@cedric_o) April 26, 2020

We reached out to France’s digital ministry for comment on Germany’s decision to switch to a decentralized approach but at the time of writing the department had not responded.

In a press release today the government highlights the CNIL view that its approach is compliant with data protection rules, and commits to publishing a data protection impact assessment ahead of launching the app.

If France presses ahead it’s not clear how the country will avoid its app being ignored or abandoned by smartphone users who find it irritating to use. (Although it’s worth noting that Google’s Android platform has a substantial marketshare in the market, with circa 80% vs 20% for iOS, per Kantar.)

A debate in the French parliament tomorrow is due to include discussion of contacts tracing apps.

We’ve also reached out to the UK’s NHSX — which has been developing a COVID-19 contacts tracing app for the UK market — and will update this report with any response.

In a blog post Friday the UK public healthcare unit’s digital transformation division said it’s “working with Apple and Google on their welcome support for tracing apps around the world”, a PR line that entirely sidesteps the controversy around centralized vs decentralized app infrastructures.

The UK has previously been reported to be planning to centralize proximity data — raising questions about the efficacy of its planned app too, given iOS restrictions on background access to Bluetooth.

“As part of our commitment to transparency, we will be publishing the key security and privacy designs alongside the source code so privacy experts can ‘look under the bonnet’ and help us ensure the security is absolutely world class,” the NHSX’s Matthew Gould and Dr Geraint Lewis added in the statement.

Update: The NHSX still hasn’t responded to the questions we sent it this morning about how the app will function but a spokesperson has now told the BBC it intends to push ahead with a centralized approach — and is planning to make use of a workaround to mitigate iOS restrictions by waking up the app in the background every time the phone detects another device running the same software.

Per the BBC: “It then executes some code before returning to a dormant state. This all happens at speed, but there is still an energy impact. By contrast, Apple’s own solution allows the matching to be done without the app having to wake up at all.”

When we followed up with NHSX’s press office to ask why we hadn’t received a response to our questions we were CC’d into another email to additional comms staff, one of whom responded to the group email without realizing our email address was included in the thread — writing: “I thought a line hadn’t been cleared? I checked the NHSEI process earlier and one hadn’t been through there.”

Powered by WPeMatico