The NHS should leave the apps to Apple & Google

Arthur Hurnell

June 10, 2020

In order to return to health and a sense of normality, we need to identify and suppress future coronavirus outbreaks through the NHS and healthcare system. We can trace infections between people who know each other, but it’s much harder to trace infections from strangers on a bus, in a restaurant, or at the beach.

Contact-tracing apps, which use Bluetooth to identify and log passers-by, could be a useful and necessary tool. But the apps need to be ready soon. They must work well and be in common use. Unfortunately, the British contact tracing app is late, unlikely to ever be effective and risks alienating users by invading their privacy.

Simply put, for contact tracing to work in the UK, the NHS should leave the apps to Apple and Google.

The project is struggling because the NHS innovation unit, NHSX, is rejecting expertise and support from Apple and Google. Nonetheless, it isn’t too late for the UK to change course and make the NHS app a success.

There is a lot of complexity around the different options for Bluetooth-based contact-tracing apps, but it boils down to a simple choice. Centralised apps send records of the people you have come into contact with to a central ‘server’ some or all of the time.

Decentralised apps keep all the information about who you came into contact with on your own phone. The server only publishes a list of those who may have coronavirus. Your phone checks to see if you encountered them.

The main problem with centralised apps is that they give the central server the ability to ‘see’ meetings between individuals in many situations. That’s a lot more intrusive than services like Google Maps, because it provides much detail on your location, down to which side of the room you’re on, and the tracking cannot be turned off.

The mandatory implementation of these apps is why Apple and Google are, rightly, so opposed to centralised apps. They have learned that any tool they make risks being abused by some governments to oppress their citizens. So Apple and Google were faced with a binary choice between allowing centralised apps everywhere, including Iran, Venezuela and China, or discouraging them.

They’ve chosen to support decentralised tracking only, with toolkits for making these apps. Most European countries, including Ireland, Germany and Switzerland, have chosen to make decentralised apps that work with Apple and Google’s approach. However, in the UK, we have opted to ignore it.

The NHSX team are relying on so-called workarounds’ to make their app functional. From my experience, workarounds rarely work. I copied the source code of the NHSX app and tested it (on iOS). I found that the Bluetooth stops broadcasting around twenty minutes after the user locks their phone, but the app doesn’t start working again after the phone is unlocked unless the user manually restarts it.

Once it goes off, it could stay off for months, providing no protection to anyone. The NHSX team are planning to rely on herd immunity to keep their app running. The idea is that when you come into contact with another user, the apps ‘wake’ each other up. This obviously flawed plans does not take account of people living or travelling alone, because once their app stops working, it doesn’t restart.

The testing of the app on the Isle of Wight has highlighted these obvious issues and the project has been delayed by six vital weeks. Unsurprisingly, the experienced teams at Apple and Google have released toolkits on schedule.

Even if the NHSX team use their six-week delay to make a working app, there is no guarantee that it would continue to work. Apple and Google don’t want governments to be able to make centralised tracking apps, so any ‘workarounds’ used to make one are likely to be removed from Android or iOS in the future.

The workarounds are also likely to drain phone batteries, which could seriously impact usage. The Singapore contact tracing app only had 25 per cent take-up because of how it affected battery life. The NHSX app will also not be compatible with decentralised apps, so it won’t be effective on the Northern Irish border or for foreign visitors to the UK, even though we all know the importance of cross-border infections.

The centralised approach also risks putting people off by riding roughshod over users’ legitimate concerns. Many people are likely to be uncomfortable with an external server record of who they met, where and when. The cliché and outdated “if you’ve nothing to hide, you’ve nothing to fear” attitude ignores the fact that we need everyone to use the app, even those with something to hide.

Personally, I’m concerned about coronavirus, but I’m also aware that we are entering a world where there will be detailed records of all our transactions and CCTV will recognise us by our face and gait. So, I’m unwilling to also accept a database of all my meetings.

Even if the app developers say their records are private, they will be very vulnerable to hackers or to the police, who could easily gain access with a court order. Much of the public feels the same and NHSX needs them to download and use the app.

So why is NHSX still pursuing the centralised approach? They claim to have evaluated the decentralised approach and found it lacking. They say that they need more data for their computer models, which hardly seems the most important goal.

They also claimed that the decentralised approach is ‘vulnerable’ to hackers. Supposedly, an antennae attack is possible on decentralised apps. The idea is that a hacker could attach a powerful Bluetooth antenna to a computer and trick app users into thinking they are close. Then they could self-certify having coronavirus in order to create a false alarm.

I don’t think this is a serious problem for various technical reasons, and clearly neither do Google or Apple. However, even if it was, could we not deal with it by testing people who self-report having coronavirus? Surely, we’d be doing this anyway to eliminate false positives.

In reality, the NHS project has gone wrong in a way that so many IT projects do. The initial goals for the project, such as gathering population data, were impossible but the sales team promised them anyway. The developers now cannot deliver the product, so there is delay after delay as no one can admit failure without also admitting blame.

We saw the same story we’re seeing in the NHS with the Brexit app for EU citizens. The blithe dismissal of input from Apple and Google by government ‘experts’ is typical of the pandemic. Time and again our experts have rejected international experience in favour their own advice.

First, they decided on a herd immunity approach, which had to be withdrawn. Then they declared that masks don’t work, another piece of official advice that had to be rolled back. Now they think they know more about apps than the tech giants of Silicon Valley.

There has been a horrific cost to these decisions. Britain is one of the worst-hit countries, despite having much longer to prepare than Italy or South Korea. Let’s not make the same mistakes again or wait too long to act.

The Apple and Google toolkits are available now. Decentralised apps are being deployed around the world as we speak. The NHS app could simply take the form of the open-source decentralised apps being deployed in Switzerland, and it could be ready in a matter of days.

When the delay to the release of the British app was announced, new management was brought in for the project. Let’s use this as a chance to make an app that’s available soon, respects users’ privacy and works reliably, by switch the contact tracing app to a decentralised model.


  • Arthur Hurnell

    Arthur Hurnell is an entrepreneur and science educator from Bristol. He's passionate about biotechnology, education and financial markets. Follow him on twitter @arthurh77.

Avatar photo

Written by Arthur Hurnell

Arthur Hurnell is an entrepreneur and science educator from Bristol. He's passionate about biotechnology, education and financial markets. Follow him on twitter @arthurh77.


Capitalism and freedom are under attack. If you support 1828’s work, help us champion freedom by donating here.

Keep Reading



Sign up today to receive exclusive insights