With Global Threat Comes Global Responsibility
worldwide spread of the COVID-19 pandemic confronts human societies with
entirely new challenges that have not existed in this form in the digital age.
Strategies to combat the spread of the pathogen are therefore largely based on
“traditional” measures such as behavioural recommendations, restrictions to
free movement of persons, the shutdown of schools, organizations and companies,
and the identification and quarantine of infected people based on medical
technologies provide promising opportunities to complement the above-mentioned
measures and increase their effectiveness, e.g., by enabling quarantine
measures to target potentially infected people faster and in a more focused
manner. Indeed, due to the current quarantine situation, the Internet and its
services constitute “the” information gateway for many societies.
security research community has been concerned with topics and methodologies
such as assessment and evaluation of large scale threats and analysis of the
spreading of computer viruses and worms that often follow similar rules of
exponential growth as biological diseases and pandemic.
disaster situations such as current pandemic requires extensive data collection
biomedical data to users’ personal and behavioral data. For example,
contact tracing using mobile phones was conducted successfully in several
countries such as China, South Korea, Singapore, and similar initiatives have been
started in a number of other regions including Europe and the US. However,
these tracing technologies collect highly sensitive data from individuals.
and privacy, particularly concerning medical data, is strictly regulated in a
number of countries. It may seem obvious to abolish or relax privacy
regulations in crisis circumstances. While some governments have already
decided to lift or relax privacy regulations in their respective countries
temporarily, some others are still reluctant to do so, worried about privacy-invasive
solutions that might remain in use even after the current disaster situation
has been resolved. In addition, even if new relaxed laws and regulations are
passed, users may not be willing to use the tracing apps and systems in practice
due to privacy concerns. This is an obstacle for the effectiveness of tracing
apps because they are only effective when many people are willing to
participate in the system voluntarily. Particularly,
the designers of disaster management solutions should bear in mind that in
the privacy and safety of individuals are anchored in constitutions, and even
in crisis situations it is important that the deployed technologies provide a
reasonable level of security and privacy protections.
crucial threat these solutions are confronted with is misinformation, amplified
through social online media, luring many people into conducting unreasonable and
The current pandemic is a global threat, and a global threat comes with global responsibility. It is time for the brilliant minds to gather and find effective solutions against this threat at multiple levels and in disparate areas. We believe that as a top international scientific venue NDSS provides an excellent environment for exchanging, discussing and exploring innovative ideas where information security and privacy play a key role.
The main goal of
this NDSS co-located workshop is to collect and evaluate innovative ideas and
interdisciplinary proposals for using digital technologies to complement current
efforts in fighting the pandemic created by the COVID-19, as well as to develop
concrete practical proposals for solutions to various related problems. Security
and privacy researchers have developed many tools that can be integrated in IT
solutions for disaster management as well as to protect the data generated by
those disaster management tools. Proposals can also include sociological
aspects related to data processing and communication systems as well as on data
analysis methods that would enable extracting useful information about the
pandemic situation, making that information available in a suitable format to
relevant authorities, persons affected by the crisis, and to the civil society
in general. This also includes methods to incentivise users to employ such
systems as well as means to prevent misinformation. Last but not least, the
practicality of the proposed solutions plays an important role.
Scenario: Since a pathogen spreads via droplet infection, a contact ban has been issued that prohibits gatherings of more than n people. However, in secluded buildings or environments, it can be difficult to ensure that you are not around too many people.
Solution approach: Smartphone apps that use a cloud service to track the number of people within a certain radius, e.g., with the help of GPS observations, can notify and warn users that they are in the vicinity of too many other persons.
Research problem: To prevent the cloud service from being able to create massive and detailed movement profiles of individual users, privacy-protecting methods should be used. Instead of GPS data, e.g., counting of WiFi or Bluetooth beacons nearby could be used to realize issuance of warnings without the need to transmit detailed location information to a central server.