A Former Googler Explains Why the U.K.’s Contact Tracing App Was a Disaster
On June 18, the British government suddenly abandoned development of its contact tracing app, which was intended to tell people if they had come into close proximity with someone who tested positive for Covid-19. It worked 4% of the time.
That completely unacceptable result came from poor decisions based on hubris and a lack of technical understanding. The British government was aiming to build a “world-beating” app without the knowledge of the foundations that the technology was being built on.
From the perspective of a former Google product manager, the U.K.’s failure to build contact tracing apps offers many lessons and examples of common mistakes in product development.
How did we get here?
On April 10, Google and Apple announced they would work together to develop a framework that would help contact tracing apps work smoothly on their operating systems. They proposed using Bluetooth technology: Your smartphone would exchange anonymous keys with other devices nearby, and it would keep those keys for 14 days. If you receive a positive test and declare your status in the app, every other owner of a device that has your key will then get notified that they have been exposed. The idea behind the keys is to avoid gathering sensitive information about a user’s identity and location — your phone can be alerted that you crossed paths with someone who tested positive without gathering information about who that person is or where you encountered them.
Two days after Apple and Google’s announcement, the U.K. said that its National Health Service (NHS) was “working closely with the world’s leading tech companies” to develop a contact tracing app. Soon after, the U.K.’s NHS opted for an approach dependent on a central database that could process testing result information and reidentify individuals who had come into close contact with someone who was Covid-19 positive. Although advocates had raised privacy concerns over this approach, health services said they could use this data to identify virus hot spots, anticipate spread, and uncover other risk factors.
Days later, the NHS tested an alpha version of the contact tracing app at a Royal Air Force base.
On May 5, the U.K. launched the app on the Isle of Wight and it was downloaded by more than half of the island’s smartphone population (72,300 out of about 140,000 people) within two weeks, showing early signs of good progress. Initial reviews of the app were mixed — users said it was easy to use, but there was confusion around whether test results or symptoms were the trigger for alerts. This was because users were prompted to input whether they had symptoms, rather than signaling whether they had tested positive for Covid-19.
Meanwhile, several countries — Germany, Singapore, Norway, Australia, and others — abandoned their initial plans to build their own, centralized contact tracing apps in favor of using Apple and Google’s model. The reasons behind these changes were driven by Apple’s and Google’s reluctance to cooperate with any nation’s centralized app due to their sensitivity around privacy and security for their operating systems.
Usually iOS and Android limit apps from running continuously in the background or limit them from running when the screen is off for privacy, security, and battery consumption reasons. But Apple and Google made an exception for contact tracing apps using their toolkit to ensure they would collect and broadcast keys reliably. Apps from countries using centralized models also wouldn’t be able to recognize other countries’ apps’ keys. For example, if a person from France were next to a person from Germany, their contact tracing apps wouldn’t be able to detect each other’s keys. Whereas the iOS and Android decentralized model uses one kind of key for all phones globally, allowing it to be interoperable across different countries’ contact tracing apps. These issues forced Germany and others to build off the Apple and Google toolkit.
The British effort did find workarounds that most other developers could not: They used “keepalives” (messages sent by one device to another) to circumvent restrictions on having apps in the background on iOS. Notifications were sent between two Apple devices running the app to keep the connection between the devices alive and therefore having the ability to detect each other’s keys. The NHS tried to develop with a hacker’s mentality and shared its progress through its GitHub page.
However, in May it was reported by the Financial Times that the British government was simultaneously exploring a solution with Apple and Google’s decentralized system as a backup, indicating that, even within the government, there were doubts that the centralized effort could work.
Meanwhile, after being questioned on the progress of the trial, Prime Minister Boris Johnson touted the U.K.’s contact tracing effort as “world-beating” and said it would be ready for a June 1 launch. The government quickly backtracked and said the app was no longer a priority and seen as the “cherry on the cake.” After the backtrack, field tests by the Royal Air Force were conducted comparing the NHS app with a version using Apple and Google’s system — the results conclusively favored the version using Apple and Google’s system. They were only able to detect one in 25 contacts on Apple phones and were unable to work on Android phones older than four years old. The U.K. government ditched its initial plans.
So two months later and around $15 million spent — the equivalent of a well-funded Series A capital raise for a startup — it’s still unclear when or if the U.K. will get a contact tracing app. There are plenty of lessons that the government or any software developer can learn from this.
The ideal contact tracing solution should be able to identify nearby contacts with high accuracy, respect users’ privacy, validate confirmed cases, provide a way to follow up with contacts, and allow users to easily download it. The U.K.’s attempt didn’t meet the bar.
Speaking as a former Google product manager — but not one involved in contact tracing — if the U.K. is going to engage in tech product development, it could stand to learn from some industry best practices about how to develop tech products.
There was no need to reinvent the wheel
The development of the app has taken months and cost millions of pounds from taxpayers. Not using APIs created by Apple and Google always carried significant risk (to ensure that their app would be functional on these platforms) and they could’ve easily leveraged this from the start, considering that the toolkit was built by the companies who built the main mobile operating systems.
As more governments start relying on technology for keeping their citizens safe, it’s increasingly important that they learn from tech industry best practices.
Collaborate and build on what others have already created
There was a lot of knowledge from other contact tracing app mishaps such as Australia’s (issues with the app working in the background), Germany’s, (not complying with Apple’s and Google’s privacy and security guidelines) Singapore’s (poor adoption rates from users), and many others. In fact, by late April, so many countries had switched to the Google/Apple system that the U.K. should have done their due diligence. See Gibraltar: It used open-source code developed by the Irish government in early May. By June 18, Gibraltar launched its app, and within a week one-fifth of the population had downloaded it. All for the cost of less than $128,000.
Clearly define the product’s scope
From the get-go, the British government had lofty ambitions that it could be the one to unlock this new digital contact tracing potential. This ambitious thinking led them to get excited and attempt to build several different features. Beyond the basic contact tracing, they wanted the app to be able to allow people to order a test and be an information hub too.
Even the product requirements changed along the way. Initially, developers were instructed to build the app based on people self-reporting symptoms rather than verifying positive tests. Therefore, the developers had to build a separate algorithm to validate symptoms. As knowledge about Covid-19 grew, the developers had to tweak their algorithm based on the growing number of symptoms. Ultimately, the project’s requirements changed completely as testing capabilities in the U.K. expanded, and the app had to know if a user had tested positive rather than just showing symptoms.
Commit to decision-making
The U.K. government has flip-flopped several times on its app’s strategy, moving from a decentralized to centralized and then back to a decentralized model. These constant changes caused suspicion, and secret files about the app’s development were found in an unlocked Google Drive folder. Even internally, within the government, there were two rival teams set up in tandem to work on the different strategies. These teams didn’t openly communicate with each other, and as strategies changed, chaotic reorgs in management ensued.
Underpromise and overdeliver
The app’s delivery date kept on moving, which set the team up for failure. There are plenty of challenges with building a contact tracing app, and these should have been explained and acknowledged thoughtfully. For example, the Bluetooth technology it relies on is very sensitive and it requires close to universal adoption from the country’s smartphone population before it can even work well. Even though the pace of execution was poor, the government could have laid out a conservative timeline that it could commit to.
As more governments start relying on technology for keeping their citizens safe, it’s increasingly important that they learn from tech industry best practices. They could build a consortium of government tech departments to collaborate amongst each other and build on top of what others had created. These departments focused on technology shouldn’t be led by career politicians but by seasoned tech veterans who understand the ramifications of changing scope and committing to decision-making. Publishing roadmaps and being transparent about the risks and potential issues that come up would help build trust with citizens and make things like getting people to download a contact tracing app a lot easier.