ONE STEP AHEAD

Fast and effective tracing of COVID-19 

STAYAWAY COVID is a voluntary system aiming at supporting the country in the screening of COVID-19. The mobile app for iOS and Android will be freely available in the next few weeks.

In the course of a pandemic, timely diagnosis of the population and informed reporting are crucial to break and control the chains of transmission. In the case of COVID-19, this does not come easy given the extended incubation period of the disease and the fact that, in many cases, infected patients are asymptomatic. 

Thanks to STAYAWAY COVID, we are able to find out if we are at risk of being infected, based on the contacts we have been close to in the previous couple of weeks. A community-wide uptake of this app will turn it into a valuable and decisive ally in the fight against COVID-19.

What it does

If the application is running on my mobile phone and I have been in contact with someone tested positive for COVID-19 who also uses the app, I will be warned of my potential exposure to the virus. Thanks to this alert, I can ask to be tested for COVID-19 even before displaying any symptoms.

Also, anyone I was in contact with – as long as they are using the app too – will be alerted that I was infected when I was close to them, although I did not know it by then. At no time, will my identity be revealed to my contacts. With COVID-19, one can be infected without ever feel any symptoms and still be a source of contagion.

In both cases, the application, which complies with the European and Portuguese personal data protection laws, ensures anonymity by not using any user identifiable information, and deletes all data after 14 days.

How it works

Broadcast

The mobile phones indicate their presence to all nearby devices, using low-energy Bluetooth messages.

The information shared between devices converts into anonymous and unidentified codes. Moreover, they are stored only on the mobile phones that collect them.

Diagnosis

Whenever a user is diagnosed with COVID-19, the codes that he/she broadcast over the previous 14 days will be shared openly.

Sharing requires the user’s consent and the legitimation of healthcare entities.

Warning

From time to time, the application will download the codes of recently infected people from an official server.

The application cross-checks the downloaded codes and those sent by other devices over the previous 14 days.

If there is a potential for contagion, the application alerts the user, who should then contact the healthcare services.

Guiding principles

Uptake of the app by citizens is voluntary and non-discriminatory.

Complies with the most relevant European and National legislation on personal data protection.

All personal data collected is anonymous, independent and handled separately from any other additional data collected to detect close contacts based on the proximity of two or more citizens.

Security and privacy certifications in accordance with European standards.

Alignment with ongoing initiatives at EU level.

App’s source code to be publicly released.

Self-dismantling once the user opts out.

FAQ

Since there is still no consolidated experience with these types of applications, there is no conclusive answer to this question.

Several international scientific panels (e.g. eHealth Network) have assessed the potential advantages and disadvantages, thus informing policy-makers in several countries inside and outside the European Union.

Political decisions made in the vast majority of European countries focused on launching these types of applications, taking into account the potential benefits in controlling the pandemic.

Portugal also made a decision in this regard, which leads us to the following question.

The STAYAWAY COVID system adopts the solution recommended by the DP^3T initiative, which is ruled by the principles of protection of individual privacy, advocated by a wide range of international researchers, as exposed by an open letter written in April this year.

Other countries like Germany, England, Estonia and Italy adopted similar technical solutions, with the support of the manufacturers Google and Apple.

What characterises this solution is the principle that the application’s operation should not include the collection of personal information by the entities that manage the system.

The use of the system is voluntary, and the contact with the healthcare authorities can only take place if the user agrees to do so, after using the application.

Since March 2020, INESC TEC has been participating in the DP^3T, a European initiative that developed and proposed a solution for digital contact tracing, which is now crucial to the systems of nearly all European countries, as well as to the “Exposure Notification” module, available on Android and iOS mobile operating systems.

As an Associate Laboratory and public utility institution, INESC TEC’s mission is to contribute actively to the development of solutions to the country’s social and economic challenges, and to the definition and adoption of public policies that benefit from the scientific and technological expertise of said institutions. In this sense, and in addition to the researchers’ participation in the development of the DP^3T protocol, INESC TEC took on the development of a complete system that could be deployed and operationalised as a national tracing solution for COVID-19, thus addressing the challenge presented by the Foundation for Science and Technology (FCT).

The STAYAWAY COVID system is, evidently, based on the DP^3T protocol, ruled by the principles of voluntary use, protection of individual privacy and the rejection of personal information gathering by the entities that manage the system.

After having access to the application, the Portuguese Government decided to adopt it nationwide.

You just need to install the STAYAWAY COVID application once it becomes available on the Apple app store, for iOS, and on the Google Play Store, for Android mobile phones.

We are doing our best to make the application quickly available. It will take a few weeks, though.

Absolutely not. No prevention or mitigation action is 100% effective. However, adopting several precautions (proper hygiene, respiratory/cough etiquette, physical distancing, etc.) will contribute to stop the spreading of the virus.

In this sense, we need to reduce our individual capacity to “replicate the disease” i.e. the average number of people we infect from the time we become infectious until our full recovery.

With COVID-19, we are estimated to be infectious agents for an average of 10 days. We may not have any symptoms for some time, but 44% of infections occur exactly when we are still asymptomatic!

It is precisely in this period that the use of digital tracking through this application is so important in order to reduce said percentage.

No. The app’s effectiveness is proportional to its use: the more people are using it, the better in terms of boosting the country’s capacity to identify and warn a higher number of asymptomatic people, prompting them to early testing.

Yes, to be active yes, it requires Bluetooth on. However, the app use Bluetooth Low Energy (BLE) that consumes less power than regular Bluetooth we use with active speakers, headphones and car audio.

The app periodically requires (once a day) to access a oficial and public server (see question “Is any data made available online?”). This can be done using WiFi or mobile data.

The assessment relies on state-of-the-art scientific knowledge, in line with recommendations issued by healthcare authorities. Being with an infected person for approximately 15 minutes, at a distance less than 2m can significantly improve the likelihood of contagion. Should these precautionary measures be reviewed by healthcare authorities, the application will adjust accordingly.

No, the warning is issued locally by the app. 

No external entity knows the identity of the user or his/her mobile phone number and therefore is unable to send notifications, be it with text message or any alternative means.

Furthermore, no external entity has the information required to assess the user’s risk of contagion, as the data is stored on the user’s mobile phone.

One of the main objectives is to have the system fully interoperable with the highest number of tracing initiatives across European and non-European countries as possible. The system’s design and development have been carried out in liaison (where feasible) with several European countries that are developing similar applications, particularly those based on the DP^3T architecture. This way, the application on each mobile phone should be able to cross-check the data it collected with that shared online by any of those countries.

No. The system only uses numbers generated randomly by the application installed on the mobile phone.

Yes, the system was subject to a Data Protection Impact Assessment and evaluated by the Portuguese data protection agency – CNPD. CNPD’s recommendations will be followed and the DPIA updated as needed.

The system has been designed to preserve the user’s anonymity. The data broadcast and received by mobile phones, as well as the data that might be shared online, are random numbers generated by the app, completely unrelated to the users.

Nevertheless, the generated codes are unique and, ultimately, enable the auto-identification of a close contact, therefore relating identifiable citizens. For this reason, we formally consider the data as pseudonymised data, even if the system is unable to reveal the identity of the users.

The only data handled by the system are the random numbers generated by mobile phones. This data is stored on mobile phones that are close enough to collect them, usually for a period of 14 days (maximum, 21 days). No data collected by the mobile phone ever leaves the device. Therefore, the data collected is not stored on any server or database.

Yes, more specifically, the random numbers generated by the mobile phones of people infected with COVID-19. When diagnosed with COVID-19, the user is asked to provide the random numbers that he/she broadcast over the previous 14 days through the application; the data is then made available on an official and public system server. The data is entirely anonymous, unrelated to the mobile phones or their users.

Yes, more specifically, the random numbers generated by the mobile phones of people infected with COVID-19. When diagnosed with COVID-19, the user is asked to provide the random numbers that he/she broadcast over the previous 14 days through the application; the data is then made available on an official and public system server. The data is entirely anonymous, unrelated to the mobile phones or their users.

It is extremely unlikely. Despite the security-by-design development of the system and its compliance with the highest security standards it is still possible. The application establishes connections and transmits data on two separate occasions and, on each occasion, there is a possibility of the mobile phone or user be identified for malicious purposes.

Whenever users enable tracking, the application broadcasts random numbers that are anonymous and decontextualized. However, if the collection of data broadcast by an unofficial application coincides with the registering of the identity of the mobile phone or its user by any other medium or device, one could associate said anonymous data with the device or its user, for malicious purposes.

The second possibility is when the application connects to the official and public server, in order to provide the random numbers broadcast over the previous 14 days. As in all current computer systems, online communications leave records, both on network operators and on servers. Through additional external information, people can use these records to identify the device that made the connection. Portugal will host the official server, and an official institution will be responsible for the operation, according to the paramount European security and privacy practices.

The only relevant processing is the one that the application carries out on each mobile phone. This process includes the cross-checking of online data and the random numbers that each user’s mobile phone collected over the previous 14 days. Online data, like all other data handled by the application, are devoid of information. The information we focus on is only available through the cross-checking of data stored exclusively on mobile phones.

Yes. The application will delete the data stored on mobile phones after a maximum period 21 days; all data will be deleted when the application is uninstalled. Similarly, online data will be deleted after a maximum period of 21 days. The entire system will be suspended when the end of the pandemic is officially declared in Portugal.
The 14 to 21 days period corresponds to the incubation period for the disease, according to the current information by healthcare authorities. This period determines limits to the application’s operation. Should healthcare authorities revise this information, the application will adjust accordingly.

No computer system is perfect; in this sense, the question should be: how does the STAYAWAY COVID application minimise the risks to our privacy?

The STAYAWAY COVID application adopts the DP^3T protocol (which differs conceptually and architecturally from systems developed outside Europe), in order to ensure the maximum privacy of users and guarantee their control over their own personal information.

The adoption in several European countries such as Germany, Switzerland, Italy, Ireland, Estonia, etc., is a good sign, since it shows that there is no evidence of significant risks until now.

Moreover, the operation of the STAYAWAY COVID system follows the good practices adopted by the partners of the DP^3T initiative, and closely monitors the evolution of solutions implemented in other countries, with the management of potential security and privacy issues, according to what is done internationally.

The system has been subject to a Data Protection Impact Assessment (DPIA, in Portuguese) whose recommendations after consultation with the National Data Protection Commission will be followed. All the software developed has been audited by the National Cybersecurity Center and is available for public consultation.

About Us

An INCoDe.2030 initiative supported by the Foundation for Science and Technology