Versions Compared

Old Version 4

changes.mady.by.user Diarmid Mackenzie

Saved on

compared with

New Version Current

changes.mady.by.user Diarmid Mackenzie

Saved on

Key

  • This line was added.
  • This line was removed.
  • Formatting was changed.

...

This concerned me because we have a huge amount of product function dedicated to Exposure Notifications: Safe Places Redaction & Publishing, Health Authority config in Safe Paths, and the Exposure Notification processing itself. Betwene Betweeb them these add up to about 50% of the product. Is it really not needed?

...

  • Ensure that “Redaction” guidelines are up-to-date to ensure that all data that is likely to be ineffective for exposure detection (e.g. walking o on the street outside) is redacted.

  • Consider renaming “Redaction” to shift emphasis from privacy towards efficacy. This will include in privacy language used towards users.

  • All data points are stored as one-way hashes - see Hashing details below, to either +/-19m or +/-76m accuracy (TBC). Also whether Whether or not to include salt in MVP1 is TBC.

  • Update Safe Paths App to match based on hashed geohashes of:

...

  • Update Safe Paths App to log a minimum number of points of concern before generating a notification (value tbD. 6 = 30 mins?)suggested default: > 66% of points over a 30 min period)

  • These parameters to be specfied by the HA in their HA JSON file (as a global setting), with guidance provided on what we believe are suitable settings.

  • Reduce default exposure time for a point of concern from (0 mins to 4 hours) to (-5 mins to +5 mins). This reflects the fact that we believe that trying to capture fomite transmission will yield too many false positives, so we are only focussing on person-to-person transmission.

Hashing Details

Published data points should be geohashes (less-precise than specific GPS points), and stored as a SHA-256 hash of (geohash, time-bin) (where time-bin is a 5 minute rounded-down time interval in UTC).

...

  • Specific to a single HA

  • Changes daily & is not pre-announced

  • Can be published by the HA alongside the points of concern

Future Phases - all beyond MVP1

If we deliver MVP1 as above, what would future phases look like? (we can also conaiser whether any of these is so important it should be in MVP1

  • Variable geohash blurring depending on geography (urban vs. rural) and number of points of concern.

  • Add a “criticality” value to a point of concern, to allow the contribution a given point of concern makes towards hitting the threshold for notification to be different from the default value.

  • Add a “time-window” value to a point of concern: to allow the time-window that counts for an overlap to be different from the default value.

  • Add basic tools to Safe Places to allow “criticality” and “time window” to be set on individual data points.

  • Add targeted toools tools to Safe Paths Places to replace user-provided data points with synthetic data points that are optimal for generating user matches, for example:

  • (e.g.) A “Bus” tool, which traces a bus route with a much finer set of data points, each with a very low “time window”

  • (e.g.) A “Cinema/Theater” tool, which sets high-criticality points of concern at the start and end times of a given show, and sets negative-criticality points of concern during the middle of the show.