[liberationtech] COVID-19 (Update) U.S. Cellphone tracking
grarpamp at gmail.com
Tue Mar 31 08:16:15 PDT 2020
> It is probably worth noting that the needed surveillance does not require
> privacy violations.
> In fact, better solutions have been available for a long time:
Regarding trust, accuracy, liberty, etc of "delivered health certificates",
users must have individual ability to assign trust levels to various
testing organizations, such as via loading their pki/ca scheme in app.
Various "government" and private tests are using many different
assay and collection methods, these have already proven to have
varying levels of false positive/negative, and may or may not have
signed their cert over the holders phone serial number or
simple face pic leading to fradulent presentation.
Users may wish to select an accurate private test company,
strong liberation, privacy preserving, etc... over some authoritarian
government body that only gets 2 out of 3 test param right, does not
test blood sample under full realtime custody of the user to monitor
their own test and personally destroy after, welds your ass behind
a steel door, etc.
P2P proximity apps are interesting tools for these situations,
but be very wary establishing granting slippery powers, forever
databases, ID, tracking, etc to central "authorities" in the process.
Also users don't really care as much to "record a [risky] contact
forever", that is the old after the fact tracking database surveillance
anti-privacy state apologist mindset. And, were it the sole operation
mode, would be entirely useless/unsafe in the realtime moment.
Users really just want to gauge "should I have some reasonable
or particular interaction with this person right now at this moment".
Of course there is always delay continuum from test, to disease
acquisition, to spreading phase, to later discovery in later test,
a window of risk.
That operation mode would require a distributed social overlay
network personal test repository to backcheck old contacts
against, and mandatory time based contact record destruction
falloff curve on each users device and or in the distributed net.
Making both users contact history anonymous, and or
ensuring privacy self destruct of contact falloff, is an
P2P proximity app could even offer other potential decision
metrics to proximity peers, such as number of unique
contacts over time, distance traveled, risky or evidencial
places visited, degree-of-freedom depth to other pass/fails,
ranking and voting on testing entity pki/ca levels of trust, etc.
None of this requires any government exist power or intrusion at all.
Good things can be recognized and achieved voluntarily.
Last, beware the very potential disgusting impact of "social scoring"
"caste enforcing" etc that even P2P schemes can enable and devolve into.
More information about the cypherpunks