The paper introduces a modular six-model classification system for digital contact tracing (CT) platforms, moving beyond the centralized/decentralized binary. The authors evaluated 18 platforms across 12 countries using a 24-indicator rubric covering privacy, security, functionality, and governance, with double-coding and weight-sensitivity checks for robustness. The analysis finds that Bulletin Board and Custodian models excel in privacy, while Fully Centralized models facilitate verification and notification, showing the trade-offs inherent in different architectural choices.
Contact tracing apps don't fit neatly into centralized vs. decentralized buckets: a new 6-model classification reveals critical privacy tradeoffs across 18 platforms.
Digital contact-tracing (CT) systems differ in how they process risk and expose data, and the centralized–decentralized dichotomy obscures these choices. We propose a modular six-model classification and evaluate 18 platforms across 12 countries (July 2020–April 2021) using a 24-indicator rubric spanning privacy, security, functionality, and governance. Methods include double-coding with Cohen’s κ for inter-rater agreement and a 1000-draw weight-sensitivity check; assumptions and adversaries are stated in a concise threat model. Results: No single model dominates; Bulletin Board and Custodian consistently form the top tier on privacy goals, while Fully Centralized eases verification/notification workflows. Timelines show rapid GAEN uptake and near-contemporaneous open-source releases, with one late outlier. Contributions: (i) A practical, generalizable classification that makes compute-locus and data addressability explicit; (ii) a transparent indicator rubric with an evidence index enabling traceable scoring; and (iii) empirically grounded guidance aligning deployments with goals G1–G3 (PII secrecy, notification authenticity, unlinkability). Limitations include reliance on public documentation and architecture-level (not mechanized) verification; future work targets formal proofs and expanded double-coding. The framework and findings generalize beyond COVID-19 to privacy-preserving digital-health workflows.