COVID APPS: WHAT COULD POSSIBLY GO WRONG?

From IIW

COVID Apps: What Could Possibly Go Wrong?

Tuesday 2I

Convener: Phil Wolff

Notes-taker(s): Phil Wolff

Tags for the session - technology discussed/ideas considered:


Discussion notes, key understandings, outstanding questions, observations, and, if appropriate to this discussion: action items, next steps:

Risks and Threats:

Surveillance
Government national security, internal security services coopt public health data. See Palantir.
Doxing with immune/sickness status can hurt the individual, the family, workplace, community.
Project risks (breaking scope, schedule, budget, quality)
Pushing too fast; making bad choices.
Poor coordination (duplication, contentious initiatives)
Semantics for passport/EHR data are changing rapidly, vary widely
Expedience trumping better architecture, public policyIntegrating with systems that are not aligned to privacy values.
Incomplete solutions
Poor job setting expectations with healthcare organizations.
Bringing technical solutions to relational/relationship problems
Commoditization of identity vice keeping it transactional
Too tightly coupling identity with medical data
Human behavior
Heisenberg effect? Can passports with credentialed data alter their behavior in good ways? Bad ways?
Perception of immunity passports (content) can alter behavior, social norms. https://en.wikipedia.org/wiki/Gattaca
Technical risks
Bluetooth false positives at a very high rate?
Missed opportunity: Not building on existing infrastructure, like immunology records provided by clinics to parents for their kids to schools.
Excluding humanities professionals from design and oversight. Social scientists, for example.
Not modeling caregivers, familial relationships, proxies and other people who need legal or practical use of data.
Excludes billions of people without the latest devices or connectivity.


Contact tracing can produce panopticon if privacy architecture is broken
http://www.apple.com/covid19/contacttracing/
http://github.com/mit-ll/BluetoothProximity
http://web.mit.edu/webcast/pact/s20/
http://www.sicpa.com/news/covid-19-immunity-passport-secured-blockchain-enable-deconfinement
Living wills and durable powers of attorney not available conveniently/digitally
Does this framework account for humans who don’t care about the harm they cause others?
Not designing first for highest impacted populations
Not designing for the offline

Action:

Code of Ethics for vetting design and architecture. Potentially Trust Over IP (ToIP)
Best practices for building apps with sensitive data
Social Contouring, to meld humanities with other
Guardrails for bad actions and audits to catch them
Get the Tempo right:
Stop admiring the problem, fix it now, people are dying
Go slow to go fast

Apps list:

CommCare for COVID-19 http://www.dimagi.com/ Some of the template apps are, per list here:

    • “Contact Tracing: WHO First Few X (FFX) Cases”
    • “Port of Entry Surveillance”
    • “Facility Readiness and Supply Chain Tracking”
    • “Lab Test Tracking” (announced)
    • “Health Worker Training & Monitoring” (announced)

https://github.com/mit-ll/BluetoothProximity
 http://www.sicpa.com/news/covid-19-immunity-passport-secured-blockchain-enable-deconfinement WHO on Contact Tracing @ https://www.who.int/csr/resources/publications/ebola/contact-tracing/en/ https://coviid.me - Contact tracing for Africa doesn’t require a cell phone at all. www.hieofone.com thanks https://github.com/HIEofOne/Trustee-Immunity-Passport