{"id":213,"date":"2020-04-15T20:38:00","date_gmt":"2020-04-15T20:38:00","guid":{"rendered":"https:\/\/live-itpi.pantheonsite.io\/?p=213"},"modified":"2021-09-23T10:09:28","modified_gmt":"2021-09-23T10:09:28","slug":"brief-on-digital-means-employed-by-the-government-of-israel-re-covid-19","status":"publish","type":"post","link":"https:\/\/techpolicy.org.il\/he\/blog\/brief-on-digital-means-employed-by-the-government-of-israel-re-covid-19\/","title":{"rendered":"Brief on Digital Means Employed by the Government of Israel RE: Covid-19"},"content":{"rendered":"<figure class=\"wp-block-image size-large\"><img loading=\"lazy\" decoding=\"async\" width=\"1024\" height=\"680\" src=\"\/wp-content\/uploads\/2020\/04\/office-620822_1920-1024x680.jpg\" alt=\"\" class=\"wp-image-1698\" srcset=\"https:\/\/techpolicy.org.il\/wp-content\/uploads\/2020\/04\/office-620822_1920-1024x680.jpg 1024w, https:\/\/techpolicy.org.il\/wp-content\/uploads\/2020\/04\/office-620822_1920-300x199.jpg 300w, https:\/\/techpolicy.org.il\/wp-content\/uploads\/2020\/04\/office-620822_1920-768x510.jpg 768w, https:\/\/techpolicy.org.il\/wp-content\/uploads\/2020\/04\/office-620822_1920-1536x1020.jpg 1536w, https:\/\/techpolicy.org.il\/wp-content\/uploads\/2020\/04\/office-620822_1920.jpg 1920w\" sizes=\"auto, (max-width: 1024px) 100vw, 1024px\" \/><\/figure>\n\n\n\n<p>The Government of Israel has activated two parallel and separate digital programs against the spread of the Covid-19 virus. Both programs interact with a central data base of diagnosed patients and their full movements in the 14 days prior to their diagnosis.<\/p>\n\n\n\n<p>1\/ Meta-Data collected by law by the Israeli Security Agency for counter terrorism efforts, from cellular service providers<\/p>\n\n\n\n<p>\uf0b7 The Health Ministry sends requests to the Security Agency including the following data of diagnosed patients: name, government i.d number or passport number, cell phone number, date of diagnosis and date of 14 days prior to diagnosis.<\/p>\n\n\n\n<p>\uf0b7 The citizens receive a text message informing them that their data has been shared.<\/p>\n\n\n\n<p>\uf0b7 The Security Agency then extracts meta data about the people these patients were in proximity to, including name, I.D number, phone number, data of birth, last date of exposure to the diagnosed patient, location of exposure. The data is sent automatically to the Health Ministry.<\/p>\n\n\n\n<p>\uf0b7 The Ministry then generates text messages to the people who crossed paths with patients, ordering them to self quarantine. The identity of the diagnosed patients is not disclosed in the message.<\/p>\n\n\n\n<p>\uf0b7 The reported criteria for triggering an alert is proximity of less than 2 meters for c. 15 minutes.<\/p>\n\n\n\n<p>\uf0b7 Privacy Concerns:<br>o No opt-out mechanism<br>o Large scale mandatory data collection triggering quarantine orders<br>o Non-compliance with the orders is a criminal offence punishable by fine<br>o Suspected slippery slope of civic rights violations when a security agency is involved with a civic crisis<br>o Insufficient transparency and oversight<br>o Lack of appeal process on quarantine orders and citizen redress<br>o Based on new emergency regulations enacted in a speedy process<\/p>\n\n\n\n<p>\uf0b7 Privacy and Security measures:<br>o The data extracted by the Security Agency will be kept separate from any other data the service has<br>o It will not be uploaded to a cloud service<br>o The data extracted will be deleted 7 days after the transfer to the Health Ministry, and unnecessary data will be deleted immediately<br>o No human will be exposed to the data, which is sent automatically, unless there is a claim or error that needs investigating<br>o The use of this data for a purpose other than the authorized one will be a criminal offence<br>o The arrangement is temporary and in force only until 30.4.2020 when the necessity to continue will be re-examined by a team of ministers who will consult with the head of the Security Agency and the Head of the National Security Council<br>o The examination will be based on measures of effectiveness of the solution in light of it being privacy intrusive<br>o The conclusion will be brought to the Prime Minister whose decision on continuing the program requires approval by a parliamentary committee and further legislation<\/p>\n\n\n\n<p>\uf0b7 This program was petitioned against at the Supreme Court by civil society groups. The discussions have generated changes in the program and strengthening of oversight mechanisms but didn\u2019t bring its cancellation. Proceedings are still undergoing.<\/p>\n\n\n\n<p>\uf0b7 The government reported that between 18.3.2020 when this activity begun, and 6.4.2020, 1,800 of the people who received proximity alerts and were quarantined were found to be infected.<\/p>\n\n\n\n<p>2\/ Israel Proximity application \u201cHamagen\u201d (the \u201cShield\u201d)<\/p>\n\n\n\n<p>\uf0b7 \u201cHamagen\u201d is an opt-in, voluntary program where the application requires the user to download and install it from the app store and give it permissions to collect location data.<\/p>\n\n\n\n<p>\uf0b7 It processes GPS data, Wi-Fi data, Google Timeline history upon separate consent.<\/p>\n\n\n\n<p>\uf0b7 Bluetooth data feature in development.<\/p>\n\n\n\n<p>\uf0b7 The app collects data from the moment of download and retains it on the user\u2019s device.<\/p>\n\n\n\n<p>\uf0b7 Every hour it checks the database provided by the Health Ministry with the current data and detailed itineraries of officially diagnosed patients.<\/p>\n\n\n\n<p>\uf0b7 If there is a positive result the user gets an alert of being in proximity to a patient, and the time and location, without the patient\u2019s identity.<\/p>\n\n\n\n<p>\uf0b7 This alert is shown only to the user and is not reported to the government.<\/p>\n\n\n\n<p>\uf0b7 The user is recommended to self quarantine but may use discretion if he\/she thinks there is no need.<\/p>\n\n\n\n<p>\uf0b7 If a user is diagnosed with the virus, the location history paths are already retained on the device and can be shared with the government database in order to accurately support the epidemiological research that is very laborious and challenging.<\/p>\n\n\n\n<p>\uf0b7 As of 11 April, the App was downloaded by c. 1,480,000 people.<\/p>\n\n\n\n<p>\uf0b7 The app was deleted by c. 452,000 people.<\/p>\n\n\n\n<p>\uf0b7 The desired number for effectiveness of the program is 4 million installed devices.<\/p>\n\n\n\n<p>\uf0b7 Currently c. 25% of the desired population is using the app.<\/p>\n\n\n\n<p>\uf0b7 HaMagen was developed on open source code with the intention to share the code with all. The Health Ministry planned to publish the code on GitHub.<\/p>\n\n\n\n<p>\uf0b7 Information in English from the Health Ministry can be found here:&nbsp;<a href=\"https:\/\/govextra.gov.il\/ministry-of-health\/hamagen-app\/download-en\/\" target=\"_blank\" rel=\"noreferrer noopener\">https:\/\/govextra.gov.il\/ministry-of-health\/hamagen-app\/download-en\/<\/a><\/p>","protected":false},"excerpt":{"rendered":"<p>The Government of Israel has activated two parallel and separate digital programs against the spread of the Covid-19. Both programs interact with a central data base of diagnosed patients and their full movements in the 14 days prior to their diagnosis.<\/p>","protected":false},"author":1,"featured_media":215,"comment_status":"closed","ping_status":"closed","sticky":false,"template":"","format":"standard","meta":{"_acf_changed":false,"_seopress_robots_primary_cat":"none","_seopress_titles_title":"","_seopress_titles_desc":"","_seopress_robots_index":"","inline_featured_image":false,"footnotes":""},"categories":[9],"tags":[34,36,28],"publication_type":[],"class_list":["post-213","post","type-post","status-publish","format-standard","has-post-thumbnail","hentry","category-blog","tag-covid-19","tag-digital-health","tag-privacy"],"acf":[],"_links":{"self":[{"href":"https:\/\/techpolicy.org.il\/he\/wp-json\/wp\/v2\/posts\/213","targetHints":{"allow":["GET"]}}],"collection":[{"href":"https:\/\/techpolicy.org.il\/he\/wp-json\/wp\/v2\/posts"}],"about":[{"href":"https:\/\/techpolicy.org.il\/he\/wp-json\/wp\/v2\/types\/post"}],"author":[{"embeddable":true,"href":"https:\/\/techpolicy.org.il\/he\/wp-json\/wp\/v2\/users\/1"}],"replies":[{"embeddable":true,"href":"https:\/\/techpolicy.org.il\/he\/wp-json\/wp\/v2\/comments?post=213"}],"version-history":[{"count":8,"href":"https:\/\/techpolicy.org.il\/he\/wp-json\/wp\/v2\/posts\/213\/revisions"}],"predecessor-version":[{"id":3360,"href":"https:\/\/techpolicy.org.il\/he\/wp-json\/wp\/v2\/posts\/213\/revisions\/3360"}],"wp:featuredmedia":[{"embeddable":true,"href":"https:\/\/techpolicy.org.il\/he\/wp-json\/wp\/v2\/media\/215"}],"wp:attachment":[{"href":"https:\/\/techpolicy.org.il\/he\/wp-json\/wp\/v2\/media?parent=213"}],"wp:term":[{"taxonomy":"category","embeddable":true,"href":"https:\/\/techpolicy.org.il\/he\/wp-json\/wp\/v2\/categories?post=213"},{"taxonomy":"post_tag","embeddable":true,"href":"https:\/\/techpolicy.org.il\/he\/wp-json\/wp\/v2\/tags?post=213"},{"taxonomy":"publication_type","embeddable":true,"href":"https:\/\/techpolicy.org.il\/he\/wp-json\/wp\/v2\/publication_type?post=213"}],"curies":[{"name":"wp","href":"https:\/\/api.w.org\/{rel}","templated":true}]}}