TCN Protocol

Last updated
Temporary Contact Numbers Protocol
200505WVV.TCN Logo 1 WhiteBG.png
Developed byTCN Coalition, incl. Covid Watch [1] and CoEpi [2]
IntroducedMarch 17, 2020 (2020-03-17) [3]
Industry Exposure Notification
Physical range~10 m (33 ft) [4]

The Temporary Contact Numbers Protocol, or TCN Protocol, is an open source, decentralized, anonymous exposure alert protocol developed by Covid Watch [1] in response to the COVID-19 pandemic. [5] [6] [7] [8] The Covid Watch team, started as an independent research collaboration between Stanford University and the University of Waterloo was the first in the world to publish a white paper, [9] develop, [3] and open source [10] fully anonymous Bluetooth exposure alert technology in collaboration with CoEpi [2] after writing a blog post [11] on the topic in early March.

Contents

Covid Watch's TCN Protocol received significant news coverage [12] and was followed by similar decentralized protocols in early April 2020 like DP-3T, PACT, [13] and Google/Apple Exposure Notification framework. Covid Watch then helped other groups like the TCN Coalition and MIT SafePaths [14] implement the TCN Protocol within their open source projects to further the development of decentralized technology and foster global interoperability of contact tracing and exposure alerting apps, a key aspect of achieving widespread adoption. [15] Covid Watch volunteers and nonprofit staff also built a fully open source mobile app for sending anonymous exposure alerts first using the TCN Protocol [16] and later using the very similar Google/Apple Exposure Notification Framework (ENF). [17] [18]

The protocol, like BlueTrace and the Google / Apple contact tracing project, use Bluetooth Low Energy to track and log encounters with other users. [19] [20] [21] The major distinction between TCN and protocols like BlueTrace is the fact the central reporting server never has access to contact logs nor is it responsible for processing and informing clients of contact. [22] [23] Because contact logs are never transmitted to third parties, it has major privacy benefits over approaches like the one used in BlueTrace. [24] [25] [26] This approach however, by its very nature, does not allow for human-in-the-loop reporting, potentially leading to false positives if the reports are not verified by public health agencies. [19] :p. 6

The TCN protocol received notoriety as one of the first widely released digital contact tracing protocols [15] [27] [28] alongside BlueTrace, [29] the Exposure Notification framework, and the Pan-European Privacy-Preserving Proximity Tracing (PEPP-PT) project. [30] [31] It also stood out for its incorporation of blockchain technology, [32] and its influence over the Google/Apple project. [33] [20] [34] [35] [36]

Overview

The TCN protocol works off the basis of Temporary Contact Numbers (TCN), semi-random identifiers derived from a seed. [37] When two clients encounter each other, a unique TCN is generated, exchanged, and then locally stored in a contact log. [38] Then, once a user tests positive for infection, a report is sent to a central server. Each client on the network then collects the reports from the server and independently checks their local contact logs for a TCN contained in the report. If a matching TCN is found, then the user has come in close contact with an infected patient, and is warned by the client. Since each device locally verifies contact logs, and thus contact logs are never transmitted to third parties, the central reporting server cannot by itself ascertain the identity or contact log of any client in the network. This is in contrast to competing protocols like BlueTrace, where the central reporting server receives and processes client contact logs. [39]

Temporary contact numbers

The entire protocol is based on the principle of temporary contact numbers (TCN), a unique and anonymous 128-bit identifier generated deterministically from a seed value on a client device. TCNs are used to identify people with which a user has come in contact, and the seed is used to compactly report infection to a central reporting server. TCN reports are authenticated to be genuine by a secret held only by the client.

Generation

To generate a TCN, first a report authorization key (RAK) and report verification key (RVK) are created as the signing and verification keys of a signature scheme (RAK-RVK pair). In the reference implementation this pair is created using the Ed25519 signature scheme. [40] :line. 13 Then, using the RAK an initial temporary contact key (TCK) is generated using the algorithm , where is the SHA-256 hash function as . This TCK is not used to generate any TCNs, but is used in the next TCK; where all future TCKs are calculated using the algorithm . A 128 bit TCN is then generated from a given TCK using the algorithm , where formats a supplied number as a little endian unsigned 2 byte integer, [41] and is the SHA-256 hash function as . The following diagram demonstrates the key derivation process:

TCN Protocol Key Generation.svg

TCNs are unique to each device encounter, and RAK-RVK pairs are cycled at regular intervals to allow a client to report only specific periods of contact.

Reporting

When a client wishes to submit a report for the TCN indices to , it structures the report as . A signature is then calculated using the RAK, and it is transmitted to the server as .

Because any given TCK can only be used to derive an equal or higher indexed TCNs, by submitting no encounters prior to can be calculated. However, there is no upper limit to encounters calculated using the same RAK-RVK pair, which is why they are cycled often. To prevent clients calculating unused TCNs, indicates the last TCN index generated with the given RVK. [42] :lines. 49–61 Additionally, since the RVK is used to calculate a TCK, and is provided, no valid TCNs in the reporting period can be derived from an illegitimate report. The only correct TCN calculable from a mismatched RVK and is , the TCN before the start of the reporting period.

Once a report is received, clients individually recalculate TCKs and TCNs for a given period using the original algorithms:

This is used by client devices to check their local contact logs for potential encounters with the infected patient, but has the dual benefit of verifying reports since false reports will never produce matching TCNs.

Memo

In the report structure, the memo is a space for freeform messages that differ between TCN implementations. The section is between 2 and 257 bytes, and made up of a tag identifying the specific implementation, as well as a data and data length pair. It is formatted as . The data is standardized for different tags, and can be as follows:

TagData standard
0x0 CoEpi symptom report v1
0x1 Covid Watch test result v1
0x2 ito report v1
0x3-0xfeAllocated for future official TCN apps or versions
0xffReserved (can be used to add more than 256 types later)

Technical specification

The protocol can be divided into two responsibilities: an encounter between two devices running TCN apps, and the notification of potential infection to users that came in contact with a patient. For the purposes of this specification, these areas are named the encounter handshake, and infection reporting. The encounter handshake runs on Bluetooth LE and defines how two devices acknowledge each other's presence. The infection reporting is built on HTTPS and defines how infection notices are distributed among clients.

Encounter handshake

When two devices come within range of each other, they exchange a handshake containing TCNs. In order to achieve this the encounter handshake operates in two modes (both with two sub-modes), broadcast oriented and connection oriented. Broadcast oriented operates using the modes broadcaster and observer, while connection oriented operates using peripheral and central. The two modes are used to circumvent certain device limitations, particularly in regard to iOS restrictions in place before version 13.4. [43] In both modes the protocol is identified with the 16 bit UUID 0xC019.

In broadcast mode, a broadcaster advertises a 16-byte TCN using the service data field of the advertisement data. The observer reads the TCN from this field. In connection-oriented mode, the peripheral advertises using the UUID. The service exposes a read and writeable packet for sharing TCNs. After sharing a TCN, the central disconnects from the peripheral.

Infection reporting

When a user tests positive for infection, they upload a signed report, allowing the past 14 days of encounters to be calculated, to a central server. On a regular basis, client devices download reports from the server and check their local contact logs using the verification algorithm. If there is a matching record, the app notifies the user to potential infection.

TCN Coalition

On 5 April 2020, the global TCN Coalition was founded by Covid Watch and other groups that had coalesced around what was essentially the same approach and largely overlapping protocols, with the goal to reduce fragmentation, and enable global interoperability of tracing and alerting apps, a key aspect of achieving widespread adoption. [44] The TCN Coalition also helped establish the Data Rights for Digital Contact Tracing and Alerting framework, which functions as a bill of rights for users of such apps. [45]

Currently the protocol is used by TCN Coalition members CoEpi [46] [47] and Covid Watch, [48] [22] and was likely a source of inspiration for the similar Google / Apple contact tracing project. [35] [34]

See also

Related Research Articles

<span class="mw-page-title-main">Contact tracing</span> Finding and identifying people in contact with someone with an infectious disease

In public health, contact tracing is the process of identifying persons who may have been exposed to an infected person ("contacts") and subsequent collection of further data to assess transmission. By tracing the contacts of infected individuals, testing them for infection, and isolating or treating the infected, this public health tool aims to reduce infections in the population. In addition to infection control, contact tracing serves as a means to identify high-risk and medically vulnerable populations who might be exposed to infection and facilitate appropriate medical care. In doing so, public health officials utilize contact tracing to conduct disease surveillance and prevent outbreaks. In cases of diseases of uncertain infectious potential, contact tracing is also sometimes performed to learn about disease characteristics, including infectiousness. Contact tracing is not always the most efficient method of addressing infectious disease. In areas of high disease prevalence, screening or focused testing may be more cost-effective.

<span class="mw-page-title-main">COVID-19 apps</span> Mobile apps designed to aid contact tracing

COVID-19 apps include mobile-software applications for digital contact-tracing - i.e. the process of identifying persons ("contacts") who may have been in contact with an infected individual - deployed during the COVID-19 pandemic.

Pan-European Privacy-Preserving Proximity Tracing (PEPP-PT/PEPP) is a full-stack open protocol designed to facilitate digital contact tracing of infected participants. The protocol was developed in the context of the ongoing COVID-19 pandemic. The protocol, like the competing Decentralized Privacy-Preserving Proximity Tracing (DP-3T) protocol, makes use of Bluetooth LE to discover and locally log clients near a user. However, unlike DP-3T, it uses a centralized reporting server to process contact logs and individually notify clients of potential contact with an infected patient. It has been argued that this approaches compromises privacy, but has the benefit of human-in-the-loop checks and health authority verification. While users are not expected to register with their real name, the back-end server processes pseudonymous personal data that would eventually be capable of being reidentified. It has also been put forward that the distinction between centralized/decentralized systems is mostly technical and PEPP-PT is equally able to preserve privacy.

<span class="mw-page-title-main">BlueTrace</span> COVID-19 contact tracing software

BlueTrace is an open-source application protocol that facilitates digital contact tracing of users to stem the spread of the COVID-19 pandemic. Initially developed by the Singaporean Government, BlueTrace powers the contact tracing for the TraceTogether app. Australia and the United Arab Emirates have already adopted the protocol in their gov apps, and other countries were considering BlueTrace for adoption. A principle of the protocol is the preservation of privacy and health authority co-operation.

TraceTogether was a digital system implemented by the Government of Singapore to facilitate contact tracing efforts in response to the COVID-19 pandemic in Singapore. The main goal was a quick identification of persons who may have come into close contact with anyone who has tested positive for COVID-19. The system helps in identifying contacts such as strangers encountered in public one would not otherwise be able to identify or remember. Together with SafeEntry, it allows the identification of specific locations where a spread between close contacts may occur.

<span class="mw-page-title-main">Exposure Notification</span> Initiative for mobile device-based privacy-preserving contact tracing

The (Google/Apple) Exposure Notification System (GAEN) is a framework and protocol specification developed by Apple Inc. and Google to facilitate digital contact tracing during the COVID-19 pandemic. When used by health authorities, it augments more traditional contact tracing techniques by automatically logging close approaches among notification system users using Android or iOS smartphones. Exposure Notification is a decentralized reporting protocol built on a combination of Bluetooth Low Energy technology and privacy-preserving cryptography. It is an opt-in feature within COVID-19 apps developed and published by authorized health authorities. Unveiled on April 10, 2020, it was made available on iOS on May 20, 2020 as part of the iOS 13.5 update and on December 14, 2020 as part of the iOS 12.5 update for older iPhones. On Android, it was added to devices via a Google Play Services update, supporting all versions since Android Marshmallow.

<span class="mw-page-title-main">COVIDSafe</span> Contact tracing app by the Australian Department of Health

COVIDSafe was a digital contact tracing app released by the Australian Government on 26 April 2020 to help combat the ongoing COVID-19 pandemic. The app was intended to augment traditional contact tracing by automatically tracking encounters between users and later allowing a state or territory health authority to warn a user they have come within 1.5 metres with an infected person for 15 minutes or more. To achieve this, it used the BlueTrace and Herald protocol, originally developed by the Singaporean Government and VMWare respectively, to passively collect an anonymised registry of near contacts. The efficacy of the app was questioned over its lifetime, ultimately identifying just 2 confirmed cases by the time it was decommissioned on 16 August 2022.

<span class="mw-page-title-main">Digital contact tracing</span> Method of contact tracing using mobile devices

Digital contact tracing is a method of contact tracing relying on tracking systems, most often based on mobile devices, to determine contact between an infected patient and a user. It came to public prominence in the form of COVID-19 apps during the COVID-19 pandemic. Since the initial outbreak, many groups have developed nonstandard protocols designed to allow for wide-scale digital contact tracing, most notably BlueTrace and Exposure Notification.

<span class="mw-page-title-main">Decentralized Privacy-Preserving Proximity Tracing</span> Proximity contact tracing protocol

Decentralized Privacy-Preserving Proximity Tracing is an open protocol developed in response to the COVID-19 pandemic to facilitate digital contact tracing of infected participants. The protocol, like competing protocol Pan-European Privacy-Preserving Proximity Tracing (PEPP-PT), uses Bluetooth Low Energy to track and log encounters with other users. The protocols differ in their reporting mechanism, with PEPP-PT requiring clients to upload contact logs to a central reporting server, whereas with DP-3T, the central reporting server never has access to contact logs nor is it responsible for processing and informing clients of contact. Because contact logs are never transmitted to third parties, it has major privacy benefits over the PEPP-PT approach; however, this comes at the cost of requiring more computing power on the client side to process infection reports.

<span class="mw-page-title-main">NHS COVID-19</span> UK contact tracing app for COVID-19

NHS COVID-19 was a voluntary contact tracing app for monitoring the spread of the COVID-19 pandemic in England and Wales. It had been available since 24 September 2020 for Android and iOS smartphones, and can be used by anyone aged 16 or over.

On April 16, 2020, Nodle released The Whisper Tracing Protocol white paper and the Coalition App on Android. The protocol is intended to be a privacy first Digital contact tracing tool developed for the 2020 COVID-19 pandemic. The project has been spun off into The Coalition Foundation. The protocol is being used for the Government of Senegal's Daancovid19 mobile contact tracing app initiative. Daancovid19 is the Senegalese digital response against the coronavirus. It was started by a handful of digital professionals and subsequently brought together nearly 500 volunteer experts from the private, public, and civil society. The respective Coalition App has been promoted by the City of Berkeley, California to their residents.

<span class="mw-page-title-main">Covid Watch</span> Open source nonprofit founded in February 2020

Covid Watch was an open source nonprofit founded in February 2020 with the mission of building mobile technology to fight the COVID-19 pandemic while defending digital privacy. The Covid Watch founders became concerned about emerging, mass surveillance-enabling digital contact tracing technology and started the project to help preserve civil liberties during the pandemic.

<span class="mw-page-title-main">Carmela Troncoso</span> Spanish telecommunication engineer

Carmela González Troncoso is a Spanish telecommunication engineer and researcher specialized in privacy issues, and an LGBT+ activist. She is currently a tenure track assistant professor at École Polytechnique Fédérale de Lausanne (EPFL) in Switzerland and the head of the SPRING lab. Troncoso gained recognition for her leadership of the European team developing the DP-3T protocol that aims at the creation of an application to facilitate the tracing of COVID-19 infected persons without compromising on the privacy of citizens. Currently she is also member of the Swiss National COVID-19 Science Task Force in the expert group on Digital Epidemiology. In 2020, she was listed among Fortune magazine's 40 Under 40.

<span class="mw-page-title-main">Corona-Warn-App</span> German COVID-19 contact tracing app

Corona-Warn-App was the official and open-source COVID-19 contact tracing app used for digital contact tracing in Germany made by SAP and Deutsche Telekom subsidiary T-Systems.

<span class="mw-page-title-main">COVID Alert</span> Canadian contact-tracing app for COVID-19

COVID Alert was the Exposure Notification service app for the country of Canada. It launched in the province of Ontario on July 31, 2020, and became available in nearly all Canadian provinces by October of that year, excluding Alberta, and British Columbia.

<span class="mw-page-title-main">COVID Tracker Ireland</span> Contact tracing application released by the Government of Ireland on 7 July 2020

COVID Tracker Ireland is a digital contact tracing app released by the Irish Government and the Health Service Executive on 7 July 2020 to prevent the spread of COVID-19 in Ireland. The app uses ENS and Bluetooth technology to determine whether a user have been a close contact of someone for more than 15 minutes who tested positive for COVID-19. On 8 July, the app reached one million registered users within 36 hours after its launch, representing more than 30% of the population of Ireland and over a quarter of all smartphone users in the country. As of August 2021, over 3,030,000 people have downloaded the app.

<span class="mw-page-title-main">Public health mitigation of COVID-19</span> Measures to halt the spread of the respiratory disease among populations

Part of managing an infectious disease outbreak is trying to delay and decrease the epidemic peak, known as flattening the epidemic curve. This decreases the risk of health services being overwhelmed and provides more time for vaccines and treatments to be developed. Non-pharmaceutical interventions that may manage the outbreak include personal preventive measures such as hand hygiene, wearing face masks, and self-quarantine; community measures aimed at physical distancing such as closing schools and cancelling mass gathering events; community engagement to encourage acceptance and participation in such interventions; as well as environmental measures such surface cleaning. It has also been suggested that improving ventilation and managing exposure duration can reduce transmission.

Software for COVID-19 pandemic mitigation takes many forms. It includes mobile apps for contact tracing and notifications about infection risks, vaccine passports, software for enabling – or improving the effectiveness of – lockdowns and social distancing, Web software for the creation of related information services, and research and development software. A common issue is that few apps interoperate, reducing their effectiveness.

StaySafe.ph or Stay Safe is a digital contact tracing app launched by the Philippine government as a response to the COVID-19 pandemic in the Philippines. The mobile app was developed and published by MultiSys Technologies Corporation.

References

  1. 1 2 "Covid Watch". Covid Watch. 2020-02-19. Archived from the original on 2020-08-06. Retrieved 2020-06-02.
  2. 1 2 "CoEpi website". CoEpi. 2020-03-17. Retrieved 2020-03-17.
  3. 1 2 "First implementation of anonymous exposure alert protocol". GitHub. Retrieved 2020-03-17.
  4. Sponås, Jon Gunnar. "Things You Should Know About Bluetooth Range". blog.nordicsemi.com. Retrieved 2020-04-18.
  5. University, Stanford (2020-04-09). "Stanford researchers help develop privacy-focused coronavirus alert app". Stanford News. Retrieved 2020-04-22.
  6. "One victim of COVID-19 pandemic may be privacy rights". JapanTimes. 2020-03-31. Archived from the original on 2020-03-30. Retrieved 2020-03-31.
  7. "What privacy-preserving coronavirus tracing apps need to succeed". VentureBeat. 2020-04-13. Retrieved 2020-04-18.
  8. Shendruk, Amrita Khalid, Amanda (16 April 2020). "How Bluetooth could bring digital contact tracing for Covid-19 to billions". Quartz. Retrieved 2020-04-19.{{cite web}}: CS1 maint: multiple names: authors list (link)
  9. "Covid Watch White Paper". Covid Watch. 2020-03-20. Archived from the original on 2021-10-15. Retrieved 2020-03-20.
  10. "Covid Watch Github". Github. 2020-03-17. Retrieved 2020-03-17.
  11. "Covid Watch Bluetooth Primer Blog Post". Internet Archive. 2020-03-07. Archived from the original on 2020-04-10. Retrieved 2020-03-07.
  12. "Covid Watch News Coverage". Covid Watch. 2020-06-02. Archived from the original on 2020-08-03. Retrieved 2020-06-02.
  13. "First MIT PACT paper" (PDF). PACT MIT. 2020-04-08. Archived from the original on 2020-04-09. Retrieved 2020-04-08.
  14. "Bluetooth signals from your smartphone could automate Covid-19 contact tracing while preserving privacy". MIT News. 2020-04-08. Retrieved 2020-04-08.
  15. 1 2 "Initial TCN Coalition commit · TCNCoalition/TCN@1b68b92". GitHub. Retrieved 2020-04-18.
  16. "Covid Watch open source iOS TCN app". Github. 2020-03-17. Retrieved 2020-03-17.
  17. "Covid Watch iOS G/A EN Github Repo". Github. 2020-06-02. Retrieved 2020-06-02.
  18. "Covid Watch Github Repo". Github. 2020-03-07. Retrieved 2020-03-07.
  19. 1 2 Jason Bay, Joel Kek, Alvin Tan, Chai Sheng Hau, Lai Yongquan, Janice Tan, Tang Anh Quy. "BlueTrace: A privacy-preserving protocol for community-driven contact tracing across borders" (PDF). Government Technology Agency. Retrieved 2020-04-12.{{cite web}}: CS1 maint: multiple names: authors list (link)
  20. 1 2 "Is Apple and Google's Covid-19 Contact Tracing a Privacy Risk?". Wired. ISSN   1059-1028 . Retrieved 2020-04-18.
  21. "ZCash Privacy Preserving Contact Tracing App on Blockchain the Temporary Contact Number TCN Coalition". Cryptocurrency News - TCAT. 2020-04-12. Retrieved 2020-04-18.
  22. 1 2 TCNCoalition/TCN, TCN Coalition, 2020-04-18, retrieved 2020-04-18
  23. "The PACT protocol specification" (PDF). PACT MIT. Retrieved 2020-04-23.
  24. "Aisshwarya Tiwar: COVID-19: Zcash (ZEC) and TCN Developing Privacy-Preserving Contact Tracing App | IoT Council". www.theinternetofthings.eu. Archived from the original on 2020-05-14. Retrieved 2020-04-19.
  25. Nabben, Kelsie (2020-04-14). Trustless Approaches to Digital Infrastructure in the Crisis of COVID-19.
  26. Lorenz Cuno Klopfenstein; Saverio Delpriori; Gian Marco Di Francesco; Riccardo Maldini; Brendan Dominic Paolini; Alessandro Bogliolo (2020). Digital Ariadne: Citizen Empowerment for Epidemic Control. arXiv: 2004.07717 . Bibcode:2020arXiv200407717C.
  27. "Stanford researchers help develop privacy-focused coronavirus alert app". techxplore.com. Retrieved 2020-04-19.
  28. "Will Smartphones Help Us Keep COVID-19 Under Control?". www.news.gatech.edu. Retrieved 2020-04-20.
  29. "Singapore launches TraceTogether mobile app to boost COVID-19 contact tracing efforts". CNA. Archived from the original on 2020-03-20. Retrieved 2020-04-20.
  30. "COVID-19 Apps and Websites - The "Pan-European Privacy Preserving Proximity Tracing Initiative" and Guidance by Supervisory Authorities". Inside Privacy. 2020-04-02. Retrieved 2020-04-20.
  31. Valence, Henry de (6 April 2020). "Private Contact Tracing Protocols Compared: DP-3T and CEN". The Zcash Foundation. Retrieved 2020-04-22.
  32. "ZCash Privacy Preserving Contact Tracing App on Blockchain the Temporary Contact Number TCN Coalition". Cryptocurrency News - TCAT. 2020-04-12. Retrieved 2020-04-19.
  33. "Demonstrating 15 contact tracing and other tools built to mitigate the impact of COVID-19". TechCrunch. 5 June 2020. Retrieved 2020-10-31.[ permanent dead link ]
  34. 1 2 "Apple and Google partner on Covid-19 contact tracing technology | Hacker News". news.ycombinator.com. Retrieved 2020-04-20.
  35. 1 2 "Covid Watch Celebrates Apple and Google's COVID-19 Contact Tracing Announcement". www.covid-watch.org. Archived from the original on 2020-04-19. Retrieved 2020-04-18.
  36. "Contact Tracing in the Real World | Light Blue Touchpaper". 12 April 2020. Retrieved 2020-04-20.
  37. "Temporary Contact Number based Contact Tracing". lucumr.pocoo.org. Retrieved 2020-04-19.
  38. "Protecting Lives & Liberty: How Contact Tracing Can Foil COVID-19 & Big Brother". ncase.me. Retrieved 2020-04-19.
  39. Liauw, 🇸🇬 Frank (2020-04-09). "TraceTogether: under the hood". Medium. Retrieved 2020-04-18.
  40. "TCNCoalition/TCN/src/keys.rs". GitHub. Retrieved 2020-04-19.
  41. "nom::le_u16 - Rust". docs.rs. Retrieved 2020-04-18.
  42. "TCNCoalition/tcn-client-android/src/main/java/org/tcncoalition/tcnclient/TcnKeys.kt". GitHub. Retrieved 2020-04-19.
  43. "r/iOSBeta - [Feature] IOS 13.4 beta enables BLE long range support (iPhone 11/11 Pro only)". reddit. 3 March 2020. Retrieved 2020-04-18.
  44. "TCN Coalition · A Global Coalition for Privacy-First Digital Contact Tracing Protocols to Fight COVID-19". tcn-coalition.org. Archived from the original on 2021-07-04. Retrieved 2020-04-16.
  45. Reed <questions@dcta-datarights.org>, Harper. "Data Rights for Digital Contact Tracing and Alerting · Overview". dcta-datarights.com. Retrieved 2020-04-16.[ permanent dead link ]
  46. News, Mirage (2020-04-15). "Will Smartphones Help Us Keep COVID-19 Under Control? | Mirage News". Mirage News. Retrieved 2020-04-19.{{cite news}}: |last= has generic name (help)
  47. Co-Epi/app-android, CoEpi, 2020-04-19, retrieved 2020-04-19
  48. "Covid Watch". www.covid-watch.org. Archived from the original on 2020-08-06. Retrieved 2020-04-19.