If I just switch myself to infected after having a lot of contact or worst targeted contact.

And without knowing who is the user, you can enforce the law.

I think their is a solution (group trust recognition on device and user "level" of network trust), but I need to sleep on it.

Hi Gagarine, a possible solution to this, is that actually only medical personel is capable of marking you as "tested positive" (i.e. by scanning a QR). Also please note that only people you have been in contact with will be notified and we are able to block identities that are acting spammy. However for simplicity's sake this PoC version does not offer those counter measures yet (they would be easy to implement though).

We certainly need multiple countermeasures and different kind level "validation of the infection status". The different countermeasure is not mutually exclusive. It also needs to be simple to understand.

Official validation of the status

Passing by medical personal is a good way. But it can be slow at first (remember, they are still using fax). And if you exclude them at first, they will ask for special access. If you ask them for help, perhaps the institution will push more resistance. Every

Validate phone number or email

You don't need to record the phone number. This is tricky because people have to trust you to not save the data.

Validation by Close Friends

Friends is something everybody understands. If your profile has 0 friends on FB I know you are a bot. How do you manage a friend without breaking privacy? We can use the same technics for product recommendation:

• Add/invite a close friend from your address book (you need to trust him, has he will know your status)
• Generate a link that can be used only once
• If your friend accepts the invitation this creates a connection on the server ID1 <- friends -> ID2
• on your phone, you can add a name

=> when you report your status, close friends will know it.

-> we can even add an "x friend has confirmed" feature

Self-report guidance

Not 100% linked to spam. But some people may feel they have some symptoms and change their status to infected. When you click "I have some symptom" we can propose a small form with some basic questions to be a bit more sure that people don't report when they just have an headache.

There is a much involved solution here: INstead of a medical central authority authorizing positive tests with no privacy there can be some sort of anonymous credentials whereby each user when it reports positive tests it provides a signature on its test in the form of anonymous access token without revealing its identity

PrivacyPass looks like it has a lot of the solution you are searching for.

I agree - We need a more specific architectural overview. For example when somebody decides to upload the PIDs because he is infected how the app is verifying the validity of the positive tests? The relay server will be held by whom? Health organisations or independent servers?