Collective blog of the Computational Privacy Group at Imperial College London

Evaluating COVID-19 contact tracing apps? Here are 8 privacy questions we think you should ask.

While governments are ramping up their efforts to slow the spread of COVID-19, contact tracing apps are being developed to record interactions and warn users if one of their contacts is later diagnosed positive. These apps could help avoid long-term confinement, but they also record fine-grained location or close-proximity data. In this blog post, we propose 8 questions one should ask to understand how well an app protects privacy.


Can we fight COVID-19 without resorting to mass surveillance?

Governments across the world are doing everything they can to fight the COVID-19 pandemic. Used correctly, data collected through mobile phones could help monitor the effectiveness of lockdown measures and trace the contacts of people who have tested positive. Many people have reached out to ask whether this data could be collected and used effectively without enabling mass surveillance. We thought we'd share our response.


When the signal is in the noise: Exploiting Aircloak's Diffix anonymization mechanism

Information about us is constantly being collected, through our phones and the services we use online. This data is hugely valuable but also highly personal, and often sensitive. This raises a crucial question: can we use this data without disclosing people's private information? We studied Diffix, a system developed and commercialized by Aircloak to anonymise data by adding noise to the SQL queries sent by analysts. In a manuscript we just published on arXiv, we show that Diffix is vulnerable to a noise-exploitation attack. In short, our attack uses the very noise added by Diffix to infer people's private information with high accuracy. We share the opinion of Diffix's creators that it is time to take a fresh look at building practical anonymization systems. However, as we increasingly rely on security mechanisms to protect privacy, we need to learn from the security community: secure systems have to be fully open and part of a larger, layered security approach. Privacy is hard; it is time to admit that we won't find a silver bullet and start engineering systems.
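To make the phrase "the signal is in the noise" concrete, here is a constructed toy illustration of the general idea behind a noise-exploitation attack on a query-based anonymizer. It is an added example, not code from the blog post, the arXiv manuscript or Aircloak, and the anonymizers, dataset and attack in it are invented: it does not reproduce Diffix's noise design or the attack described in the paper. It assumes a simplistic anonymizer whose noise is seeded by the query string, shows that an attacker can average that noise away by issuing many semantically identical rephrasings and then difference two counts to learn one user's private attribute, and contrasts it with a variant that seeds the noise on the set of matched users instead.

```python
"""Toy noise-exploitation attack on a query-based anonymizer.

Constructed illustration only: the dataset, the two anonymizers and the
attack are invented for this example. They are not Diffix and not the attack
in the paper; they show the general principle that noise seeded by the query
*text* can be averaged away by issuing many equivalent rephrasings, after
which a difference of two counts reveals one person's private attribute.
"""
import hashlib
import random

SIGMA = 1.0  # standard deviation of the Gaussian noise added to every count

# Constructed toy dataset: rows are (user_id, age, has_condition). Not real data.
DATA = [(uid, 20 + uid % 40, uid % 3 == 0) for uid in range(1, 201)]


def true_count(predicate):
    """Exact count the anonymizer is supposed to hide."""
    return sum(1 for row in DATA if predicate(row))


def _seeded_noise(seed_material: bytes) -> float:
    """Deterministic N(0, SIGMA) draw derived from a hash of seed_material."""
    seed = int.from_bytes(hashlib.sha256(seed_material).digest()[:8], "big")
    return random.Random(seed).gauss(0.0, SIGMA)


def anonymizer_text_seeded(query_text, predicate):
    """Weak design: 'sticky' noise seeded by the query string. Repeating the
    same string repeats the noise, so naive repetition averages nothing, but
    every rephrasing draws fresh, independent noise."""
    return true_count(predicate) + _seeded_noise(query_text.encode())


def anonymizer_set_seeded(query_text, predicate):
    """Hardened design: noise seeded by the set of matched users, so all
    rephrasings of one predicate receive the identical noise value."""
    matched = sorted(row[0] for row in DATA if predicate(row))
    return true_count(predicate) + _seeded_noise(repr(matched).encode())


def rephrasings(base_sql, n):
    """n syntactically distinct, semantically identical queries: every age in
    DATA is positive, so 'AND age > -k' never changes the matched rows."""
    return [f"{base_sql} AND age > -{k}" for k in range(1, n + 1)]


def averaged_count(anonymizer, base_sql, predicate, n=400):
    """Attacker step 1: ask the same question n ways and average the answers."""
    answers = [anonymizer(q, predicate) for q in rephrasings(base_sql, n)]
    return sum(answers) / len(answers)


def answer_spread(anonymizer, base_sql, predicate, n=400):
    """max - min over the rephrased answers: 0.0 means rephrasing gained nothing."""
    answers = [anonymizer(q, predicate) for q in rephrasings(base_sql, n)]
    return max(answers) - min(answers)


def infer_has_condition(anonymizer, target_uid, n=400):
    """Attacker step 2: difference attack.
    count(condition) - count(condition AND uid != target) is exactly 1 when the
    target has the condition and 0 otherwise. Under text-seeded noise each
    averaged count carries noise of sd SIGMA/sqrt(n), so rounding the
    difference recovers the target's bit."""
    def cond(row):
        return row[2]

    def cond_minus_target(row):
        return row[2] and row[0] != target_uid

    a = averaged_count(anonymizer, "SELECT count(*) FROM t WHERE has_condition", cond, n)
    b = averaged_count(
        anonymizer,
        f"SELECT count(*) FROM t WHERE has_condition AND uid <> {target_uid}",
        cond_minus_target,
        n,
    )
    return round(a - b) == 1


if __name__ == "__main__":
    base = "SELECT count(*) FROM t WHERE has_condition"
    for uid in (42, 43):
        truth = DATA[uid - 1][2]
        guess = infer_has_condition(anonymizer_text_seeded, uid)
        print(f"user {uid}: truth={truth} inferred={guess}")
    print("spread, text-seeded noise:", answer_spread(anonymizer_text_seeded, base, lambda r: r[2]))
    print("spread, set-seeded noise: ", answer_spread(anonymizer_set_seeded, base, lambda r: r[2]))
```

With 400 rephrasings the averaged noise on each count has a standard deviation of 0.05, so the rounded difference is essentially always right against the text-seeded anonymizer; against the set-seeded one every rephrasing returns the same number and the attacker learns nothing from repetition. The toy is deliberately simpler than any real mechanism; its point is the security-engineering lesson in the paragraph above, namely that an attacker treats the noise itself as an oracle and that a noise design has to be analysed against adversarial query sets, not just against a single honest query.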
