Q: Why wouldn’t the telecoms learn health data, i.e. the telephone numbers of those tested positive? What are the assumptions for this?
A: Because the health authority encrypts the telephone numbers before sending them to the telecoms. The encryption scheme in use relies on mathematical assumptions that are believed to hold even against a future scalable, stable quantum computer.
Q: Why wouldn’t the health authorities learn movement data? What are the assumptions for this?
A: The protection against this is twofold. First, health authorities only get aggregated information. Second, differential privacy – a further anonymization technique – is applied before releasing the output. Both techniques are well-studied and are applied according to the latest knowledge in research.
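The two steps named in this answer, as an added plaintext sketch that is not taken from the CoronaHeatMap code base: the encryption layer is left out, and the Laplace mechanism, the per-subscriber contribution cap `cap`, the budget `epsilon` and all sample data are assumptions chosen for illustration. It shows why each subscriber's contribution has to be bounded before noise is added: that bound is the sensitivity the noise scale depends on.

```python
import random

# Constructed sample: subscriber -> visits per map cell (4 cells).
VISITS = {"A": [3, 1, 0, 0], "B": [0, 2, 2, 0],
          "C": [10, 0, 0, 10], "D": [1, 1, 1, 1]}
POSITIVE = {"A", "C"}  # constructed set of subscribers who tested positive


def aggregate_heatmap(visits, positive, cap):
    """Sum the visit rows of positive subscribers, clipping each row so
    that no single person contributes more than `cap` in total (L1)."""
    heat = [0.0] * len(next(iter(visits.values())))
    for sub, row in visits.items():
        if sub not in positive:
            continue
        total = sum(row)
        scale = min(1.0, cap / total) if total else 0.0
        for cell, count in enumerate(row):
            heat[cell] += count * scale
    return heat


def laplace(scale, rng):
    """Laplace(0, scale) sample as the difference of two exponentials."""
    return rng.expovariate(1.0 / scale) - rng.expovariate(1.0 / scale)


def release(heat, cap, epsilon, rng):
    """Adding or removing one patient moves the heatmap by at most `cap`
    in L1 norm, so per-cell Laplace noise of scale cap/epsilon gives
    epsilon-differential privacy. Clamping at zero is post-processing
    and does not weaken the guarantee."""
    scale = cap / epsilon
    return [max(0.0, h + laplace(scale, rng)) for h in heat]


if __name__ == "__main__":
    rng = random.SystemRandom()  # OS randomness for real noise
    exact = aggregate_heatmap(VISITS, POSITIVE, cap=4)
    print("aggregate (never released):", exact)
    print("released with epsilon=1.0:", release(exact, 4, 1.0, rng))
```

Without the clipping step, subscriber C alone would add 20 visits, and noise calibrated to a cap of 4 would not hide that person's presence in the output.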
Q: But wouldn’t there still be some small leakage, just from the output, i.e. the Corona Heatmap?
A: Compared to not doing anything and learning nothing, yes, there is a small difference. But the Corona Heatmap is anonymized. It is highly unlikely that any patient could be identified from the Corona Heatmap with currently available re-identification technologies.
Q: Is the Corona Heatmap already in use?
A: No.
Q: If the Corona Heatmap were used, who would get the output?
A: Only the health authorities. We only provide the software, which is open source and can be checked by anyone for malicious behavior. At no time do we have access to any data.
Q: Which data did you use so far?
A: Simulated data was used for the development and testing.
Q: Do I as a (potential) patient need a smartphone for this to work?
A: No, any mobile phone will work…
Q: As a mobile phone company, what do I have to do to help with this?
A: Get in touch with us at corona-heatmap@iaik.tugraz.at!
Q: Why should I trust you?
A: Don’t trust us, check the science and make up your own mind.
Source code open: https://github.com/IAIK/CoronaHeatMap