Cwa-documentation: How to avoid creating fake data?

The App is decentralised, the tracking events are only saved offline on the phones.

The App is decentralised, the tracking events are only saved offline on the phones.

That is questionable -> #13 and there is a "central health server" mentioned.

The document / process description is very silent about this :)

Please wait until the architecture docs are released. You will find information about fake protection in those docs.

Wait for some server event that A and B was queried by the server and the IDs are known (unclear at this moment if an "health server" is required)

Your item 6 is hard to understand. I fear that the term "ID" can also be misunderstood to be one of the DP-3T IDs (which I don't think you mean, as you are referring to #13).

As far as I can understand the requirements so far, there shall only be something like a "central configuration" file to set the parameters.

The central health server is were the government publishes the ids of positiv tested people. To be listed there you need a confirmation of a lab for example, so you cant fake to have the virus there either.

The central health server is were the government publishes the ids of positiv tested people. To be listed there you need a confirmation of a lab for example, so you cant fake to have the virus there either.

If this is true, then secondary contacts won't work by design :(

Let's assume you have 1000 contacts / week e.g. U-Bahn, S-Bahn in Berlin, Munich or Stuttgart. Generation 2 contacts (same S-Bahn/U-Bahn) that can be easily 5000-15000 people.

There is no way to trace back the infection. Which is sad...

The central health server is were the government publishes the ids of positiv tested people. To be listed there you need a confirmation of a lab for example, so you cant fake to have the virus there either.

If this is true, then secondary contacts won't work by design :(

Let's assume you have 1000 contacts / week e.g. U-Bahn, S-Bahn in Berlin, Munich or Stuttgart. Generation 2 contacts (same S-Bahn/U-Bahn) that can be easily 5000-15000 people.

There is no way to trace back the infection. Which is sad...

You could allow publishing „secondary contact“ IDs with reference to the original lab confirmation. That would open the door to pranksters.
Or the health authority has another „confirmation“ less severe than a positive test it can pass to the user (for example after a call). With this confirmation the notified user can then publish his IDs and thus enable secondary contact tracing.

You could think about ways to make secondary contacts possible but its very unlikely it will be implemented. There would be way to many people to test.
In general nothing in fighting covid is about 100% getting it right, if you find most people with disease you could theoretically stop it.

You could think about ways to make secondary contacts possible but its very unlikely it will be implemented. There would be way to many people to test.
In general nothing in fighting covid is about 100% getting it right, if you find most people with disease you could theoretically stop it.

The issue I see is that without secondary contact tracing, the notification is of little use at all as the process just takes too long. By the time my contact got symptoms, decided to get tested and got the result, I already have symptoms myself. I don’t learn something new. The people who could be protected is the secondary contacts and if they again get warned only after my test (2-3 days more) it is too late to stop them being infectious.

You may be right. If tests would take just one day it might work. Or if you develop symptomes after seeing an exposure notification the test isnt necessary anymore, for example.

The idea of secondary contact notification is to allow graded responses. The risk of being infected for secondary contacts is much lower, so the appropriate response is not to get tested but to be vigilant instead and take extra care to wear masks, maybe postpone a supermarket visit etc.

Secondary contacts allow a much quicker response to a localised outbreak.

Imagine a school of 1000 students. One person has intensive contact with maybe 30 other students. So if you only do primary notification, only those 30 are notified. All the other 970 won't know until someone in their class will be positive. At that point you have a bug outbreak. With secondary notification, people would notice much faster that something is blowing up.

Think of the recent slaughter house outbreaks. They only noticed when already hundreds were infected.

Secondary contacts allow a much quicker response to a localised outbreak.

Well or think about a location like a student dormitory or panel building in Eastern Germany.

You can query 20-30 BT devices - up to 60 WiFi networks.