Introduction - ProteGO-Safe/web GitHub Wiki
The main goal of the ProteGO Safe mobile app is to provide a tool that can assist and protect users and their families from COVID-19 spread, and ultimately ease the transition between nation-wide lockdown and selective quarantine of people, who were exposed to the risk of COVID-19 infection.
Since 13.03.2020 three teams: ProteGO (Bluetooth tracing), SafeSafe (diagnosis and prevention), and Sigma Connectivity (Bluetooth tracing) were creating their solutions for mobile apps aimed to accelerate this process. The Ministry of Digital Affairs has merged these three teams and established a new name for the app – ProteGO Safe. The app is prepared for the Chief Sanitary Inspectorate (further: GIS), which is also the personal data controller. Minister of Digital Affairs and GovTech Polska due to their experience are supervising the development work.
The app is developed in compliance with principles arising from the General Data Protection Regulation (GDPR), including data minimization, privacy by design, privacy by default, accuracy, and confidentiality. Guidelines of the European Data Protection Board, European Commission, and the Toolbox developed under the eHealth Network operating at the European Commission. All parties involved pay particular attention to ensure the highest privacy standards. Adopted solutions ensure the support for the health authorities in fighting the pandemic while using the minimal set of data, necessary to accomplish that goal.
The Chief Sanitary Inspector, in consultation with the Minister of Digital Affairs, decided to halt further development of the Open Trace standard model striving to distribute the system - mainly due to advanced work on the tool that will provide better coverage while maintaining the distributed model - “Privacy-Preserving Contact Tracing” prepared by the consortium of Google and Apple (with the working name “Exposure Notification”).
The ProteGO Safe team has been invited to test the Exposure Notification solution, thanks to which we can implement a solution that has been designed from the very beginning as a distributed system and thus allows us to protect the privacy of users of tracing applications based on this standard.
ProteGO Safe does not require providing any personal data at any of the stages of using the Application. ProteGO Safe also does not collect personal data. All information processed by ProteGO Safe is collected and processed in such a way as to prevent users from being identified.
Currently, the basic functionality of ProteGO Safe is available, which makes it possible to perform triage, i.e. self-assessment of the risk of contracting COVID-19 disease. The triage functionality is provided by the Infermedica API also used by the pacjent.gov.pl portal. This functionality is being rewritten to be a module that will work locally (offline, i.e. not via the API).
The second key functionality that will be based on the Exposure Notification API enables the so-called Bluetooth tracing. If the user agrees - the application, using the built-in Bluetooth device, will announce a randomly generated, fully anonymous key, which will be replaced every 10 minutes, and simultaneously scan the environment for other phones on which the application is running, and save the history of anonymous keys to evaluate the “quality” of contacts using the Exposure Notification API developed by Google and Apple.
The “quality” of contacts assessment is based on configuration (parameters) provided by the local Health Authority. These parameters determine how much the final results will be impacted by: the duration of the meeting; physical distance between the devices; and how much time has passed since the contact occurred. Based on these parameters, the analytical module provided by G + A gives the result corresponding to the risk of exposure to the virus.
In addition to the estimated risk, information is also returned about the length of the meeting, which is recorded every 5 minutes. For security and privacy reasons, the upper limit of time recording is 30 minutes.
These data are stored only on the devices of the Application users and are not sent to any central server, which is ensured by the Exposure Notification API developed by the Google and Apple consortium. The application deletes the data collected on the device after 14 days from the date they were saved in the Application or at any time at the user’s request (appropriate option in the settings).
In the next version of the application (4.1) the functionalities related to COVID-19 prevention will be extended.
At the moment, since the beginning of the epidemic regardless of whether they’re using the app or not, each person diagnosed with COVID-19 disease is informed by phone about the test result by an authorized representative of the health authority. Soon, this authorized representative of the health authority, after informing about the positive result of the COVID-19 test, will also ask if the sick person has the ProteGO Safe application installed and wants to warn other people who were in its environment following the parameters set by GIS. If so, an authorized representative of the health authority proposes to the application’s user to send their Diagnosed Keys history (only the infected person - without the history of devices encountered) from the last 14 days (maximum) to the server from which the data will be sent further to the devices of the end-users of the application.
Thanks to this, after receiving an anonymous DiagnosedKeys package on the end user’s device, the process of analyzing encountered devices with the ProteGO Safe application installed will be initiated. The analytical module will first check whether the application has “seen” itself with an infected, DiagnosedKey.
If such contact has occurred, the application based on meeting time, the distance between devices, as well as other factors indicated in the GIS guidelines, will decide whether the end-user of the application should receive information about the potential threat of an exposure.
Then the application will display further messages (including the precise phone number for contacting the Contact Center) on how to proceed in case of being in the High-Risk Group of being exposed to SARS-CoV-2.