PACT: Privacy-Sensitive Protocols And Mechanisms for Mobile Contact Tracing
- Justin Chan ,
- Landon Cox ,
- Dean Foster ,
- Shyam Gollakota ,
- Eric Horvitz ,
- Joseph Jaeger ,
- Sham Kakade ,
- Tadayoshi Kohno ,
- John Langford ,
- Jonathan Larson ,
- Puneet Sharma ,
- Sudheesh Singanamalla ,
- Jacob Sunshine ,
- Stefano Tessaro
IEEE Data Engineering Bulletin | , Vol 43(2): pp. 15-35
The global health threat from COVID-19 has been controlled in a number of instances by large-scale testing and contact tracing efforts. We created this document to suggest three functionalities on how we might best harness computing technologies to supporting the goals of public health organizations in minimizing morbidity and mortality associated with the spread of COVID-19, while protecting the civil liberties of individuals. In particular, this work advocates for a third-party–free approach to assisted mobile contact tracing, because such an approach mitigates the security and privacy risks of requiring a trusted third party. We also explicitly consider the inferential risks involved in any contract tracing system, where any alert to a user could itself give rise to de-anonymizing information. More generally, we hope to participate in bringing together colleagues in industry, academia, and civil society to discuss and converge on ideas around a critical issue rising with attempts to mitigate the COVID-19 pandemic.