Does the NHS Test and Trace app invade your privacy?

The road to delivering the NHS Test and Trace app has not been a smooth one. It probably hasn’t been any rockier than the journey any piece of software takes through development; but most teams of developers aren’t working under such public scrutiny.

Now it has arrived, it’s available from your friendly neighbourhood iPhone App Store and Google Play store.

One of the concerns about this app has been whether or not it will invade the privacy of the people using it.

NHS Test & Trace 1.0

The first app that our government proposed would have worked around a centralised data model. As Aunty Beeb explained, back in April: “(The government) has opted for a ‘centralised model’ to achieve this – meaning that the matching process, which works out which phones to send alerts to – happens on a computer server.”

Anyone who remembers the security controversy over the last Labour government’s attempt to introduce ID cards and build a national database, will see why this notion of a central government server gathering our data would be a matter of concern for some people.

Well, that idea was eventually abandoned. Partly because of privacy concerns, but mostly because the system simply didn’t work reliably on Apple iPhones.

NHS Test & Trace 2.0

Now we have the second iteration of NHS Test and Trace and it doesn’t require information to be uploaded to a central server.  As detailed in the government’s own App Explainer, this new app works on Bluetooth to check for the proximity of other phones carrying the app. This is similar to other contact tracing apps that have been working in countries like Ireland.

It works around the API that Google and Apple built back in the early days of the pandemic. Mindful of privacy and security issues, they deliberately created their Application Programming Interface to collect as little data as possible. So, you don’t need to create an account nor to give it your contact details. You don’t even need to tell it your precise location. Indeed, the Explainer specifically states “The app does not collect any location data (and) no personal information is collected”.

So, it looks like NHSX (the technology arm of the NHS) has done everything it can to assuage concerns about data protection privacy.

Obviously, the effect this app will have on tackling the spread of Covid-19 will remain to be seen. Meanwhile, if you want to take a closer look at the app, the code is open source and can be scrutinised at GitHub.

So, are you reassured? Will you be downloading and using the NHS Test & Trace app, or do you still have concerns? Come and tell us all about it on Facebook or Twitter. We promise, we won’t follow you home afterwards.

Would love your thoughts, please comment.x