Privacy Standards, References & Papers

Owned by Diarmid Mackenzie
Last updated: May 21, 2020
1 min read



Voluntary Data Rights scheme - we are not signed up to this yet AFAIK, but I hope we will

https://exposurealerting.org/

EU standards

https://edpb.europa.eu/sites/edpb/files/files/file1/edpb_guidelines_20200420_contact_tracing_covid_with_annex_en.pdf

Technical paper on how to protect privacy of infected user data. Hashing & PSI. Hashing may be a reasonable short-term solution, as it can still work with a simple server / flat text file.

https://arxiv.org/pdf/2003.14412v2.pdf

Short-term plan (MVP1) is outlined in detail here:
Design for MVP1 HA JSON Changes

This rougly aligns with the “interim” hashing solution covered in the MIT paper above, and the Wired aricle referenced below.

 

Our long-term plan is #4 in this paper:

https://github.com/PrivateKit/PrivacyDocuments/blob/master/GpsEncryption.pdf


8 April Wired article discussing Safe Paths Privacy algorithms.
https://www.wired.com/story/covid-19-contact-tracing-apps-cryptography/