• admin
  • Cybersecurity
  • No Comments

The UK’s NHS Track and Trace App may not only be a privacy threat, but it’s poor usability may mean that it is ineffective too

Plenty of privacy and security experts have come out to criticise the NHS’s approach, which is at odds with almost every other country in the world.

Most companies have chosen to adopt a decentralised approach and are harnessing the Apple / Google API that allows tracing apps to run in the background accessing Bluetooth at the operating system level.

The UK and Australia are almost alone in adopting a centralised approach which means that they are unable to harness the Apple / Google API. Instead the UK app needs to be running and active on the phone all the time in order to be effective.

If the user allows the phone to go to sleep, uses another app or lets the battery run out then the app stops being effective. To keep it running they need to keep it active all the time.

People are likely to download the app out of loyalty to the NHS which is almost universally admired in the UK. They are then likely to use it once or twice before finding the limitations so great that they then give up with it.

For the whole project to work we need mass adoption. Somewhere upward of 60% of the population need to not only download the app, but need to also use it all the time, or contact tracing won’t be effective. With the way that the app has been designed this is never likely to happen.

You then also need to consider the privacy implications of a centralised system which will also put people off and impact adoption levels and there is also a cyber risk here. Bluetooth is a major attack vector for cybercriminals. If the NHS App became vulnerable to a Bluetooth worm then the daisy-chain nature of the app would allow the worm to spread like wildfire from phone to phone – and at the same time the users, their location and their heath data would be put at risk.

Bill Mew, founder and CEO of The Crisis Team, was asked to explain these issue during interviews with the BBC and RT. See below the RT interview where Bill was the main commentator to appear immediately after the press conference given by the UK Prime Minister and Heath Secretary.

What are your thoughts?

Video: “The UK’s @NHS Track and Trace App may not only be a #privacy threat, but it’s poor usability may mean that it is ineffective too” @BillMew explains on @RT_com
Author: admin

Leave a Reply