Cwa-app-android: Show details on low risk contact

Created on 17 Aug 2020 · 7Comments · Source: corona-warn-app/cwa-app-android

Hi,

a friend told me that his Android WarnApp informed him about a low risk contact. He is interested in details about this event (e.g. data and time, duration and distance), but was not able to find any information. As he is not a technical person, I tried to support him, but also didn't find anything.

Is detailed information about a low risk contact available somewhere? If not, what is the reason for not showing this kind of information?

For me this information would have a lot of value. For example together with my Google Maps Timeline functionality, I could draw some conclusions, which will help me to decide on how seriously I take the contact. A short, low distance contact while being outside would be for me far less problematic than one in a closed room.

duplicate question

Source

esscue23

👍3

All 7 comments

Duplicate of https://github.com/corona-warn-app/cwa-backlog/issues/23

Content wise: Yes, agreed!

I hope we soon see some movement on this issue.

daimpi on 17 Aug 2020

(e.g. data and time, duration and distance)

If not, what is the reason for not showing this kind of information?

yes - you explain part of the issue your self:

For example together with my Google Maps Timeline functionality, I could draw some conclusions, which will help me to decide on how seriously I take the contact.

Depending on how many people where near your at that time and place, you could make a conclusion who reported them self positive.

Do prevent demand for that kind of information, the google/apple API restricts the app from directly accessing anything.
To prevent information extraction by multiple queries, the API restricts the number of API calls the app can make (a day (google) or 24 hours (apple)).

Corona-Warn-App is using 14 of its 20 calls a day. (1 call per key file - a key file representing a day, so to give 14 days worth of infected keys to the API for checking for contacts)

_SwissCovid for comparison is also using 1 key file per day, but only present 10 days worth of infected keys, so swiss covid can call the API twice a day._

To be clear: The risk calculation does not happen in the app. The app provides the infected keys and criteria. The API (Google/Apple) checks the key in its safe storage against the infected keys and then only returns the result(s).

A short, low distance contact while being outside would be for me far less problematic than one in a closed room.

The margin of error of both distance measurement and time measurement have to be assumed be quite large. The IDs are only recorded every 5 minutes. So time would be displayed as 0 to 5 min, 5 to 10 min, 10 to 15 min etc. The distance accuracy is unknown and dependent on various factors. Also note that the distance estimation only happens every 5 minutes - you could have been closer in between two measurements. So... how could that be display? (If the app would have access to it - again: Google and Apples APIs very intentionally to not allow access to the raw information)

Also note what percentage of the population is using the App. The API only has information for contacts with other app users - when you are over-analyzing what the App displays you, you are ignoring the risk of other contacts.

MichaelPFrey on 17 Aug 2020

To be clear: The risk calculation does not happen in the app. The app provides the infected keys and criteria. The API (Google/Apple) checks the key in its safe storage against the infected keys and then only returns the result(s).

Thanks for pointing this out, I was not aware of this fact.

I now checked the official Google API and it looks to me that the API can provide quite detailed information (ExposureInformation in v1 mode and ExposureWindow in ExposureWindow mode) if requested. The API page also states that the getter Methods getExposureInformation(), getExposureWindows() are not imposing quotas. For me this looks like that technically it is possible to show more information to the user. Am I missing something?

The margin of error of both distance measurement and time measurement have to be assumed be quite large. The IDs are only recorded every 5 minutes. So time would be displayed as 0 to 5 min, 5 to 10 min, 10 to 15 min etc. The distance accuracy is unknown and dependent on various factors. Also note that the distance estimation only happens every 5 minutes - you could have been closer in between two measurements. So... how could that be display? (If the app would have access to it - again: Google and Apples APIs very intentionally to not allow access to the raw information)

For me as a technical person the UI is not of utmost importance, I would like to have easy access to the data. But I agree that a meaningful way of displaying the information has to be found for the average user. And of course analyzing the data requires some basic understanding of how the measurement works.

Also note what percentage of the population is using the App. The API only has information for contacts with other app users - when you are over-analyzing what the App displays you, you are ignoring the risk of other contacts.

I do not agree with this statement. Analyzing the data available and being aware of the risk of other contacts do not exclude each other. I believe it can only help to show more information to the user. In the worst case the user knows not more than now, in the best case, he gets some additional hints that help him.

At the end, the whole concept of the app is built on trusting users' responsibility (e.g. stay at home and get tested if app shows a red warning). For me this also means to provide as much unfiltered information as possible to enable the users to take the right decisions.

esscue23 on 17 Aug 2020

👍1

To be clear: The risk calculation does not happen in the app. The app provides the infected keys and criteria. The API (Google/Apple) checks the key in its safe storage against the infected keys and then only returns the result(s).

I don't think that's quite right: at least with ENF v1.5 (and maybe also before that) information on the day of the encounter, the duration and attenuation for positive matched keys should be exposed to CWA: https://github.com/corona-warn-app/cwa-documentation/issues/373#issuecomment-656998308
and
https://github.com/corona-warn-app/cwa-wishlist/issues/100

@esscue23 btw: if you want to get the maximal information possible out of the Exposure Notification Framework (ENF), even bypassing the restriction that you cannot count non-positive RPIs, and you have a rooted device, you might want to check out @mh-'s corona-warn-companion-android 🙂.

daimpi on 18 Aug 2020

👍1

Depending on how many people where near your at that time and place, you could make a conclusion who reported them self positive.

Actually, in many practically relevant cases, that’s not possible, because you simply don’t know how many people were really near you.
If you consider office environments as the main use case where such “one-on-one” meetings might happen, and where people might want to report their infection anonymously,
there are almost always other users on the floors above and below, or in an adjacent room, and you don’t see them and don’t know how many of them are around you.

mh- on 18 Aug 2020

@esscue23 As @daimpi mentioned - have a look at the WarnAppCompanion app: https://play.google.com/store/apps/details?id=org.tosl.warnappcompanion

mh- on 18 Aug 2020

👍1

Hello @esscue23,

thank you for reaching out to us.
Since this is a duplicate I will close the issue. I internally contacted the persons responsible for https://github.com/corona-warn-app/cwa-backlog/issues/23 to get the latest updates about decisions and so on.

Please feel free to continue the conversation in this backlog item: https://github.com/corona-warn-app/cwa-backlog/issues/23

Thank you,
LMM

Corona-Warn-App Open Source Team