key: cord-0171417-ajwnihk6 authors: Carrillo, Dick; Nguyen, Lam Duc; Nardelli, Pedro H. J.; Pournaras, Evangelos; Morita, Plinio; Rodr'iguez, Dem'ostenes Z.; Dzaferagic, Merim; Siljak, Harun; Jung, Alexander; H'ebert-Dufresne, Laurent; Macaluso, Irene; Ullah, Mehar; Fraidenraich, Gustavo; Popovski, Petar title: Containing Future Epidemics with Trustworthy Federated Systems for Ubiquitous Warning and Response date: 2020-10-26 journal: nan DOI: nan sha: ecc0882db97c02bd2e0c5438fcefed0685bc2cc2 doc_id: 171417 cord_uid: ajwnihk6 In this paper, we propose a global digital platform to avoid and combat epidemics by providing relevant real-time information to support selective lockdowns. It leverages the pervasiveness of wireless connectivity while being trustworthy and secure. The proposed system is conceptualized to be decentralized yet federated, based on ubiquitous public systems and active citizen participation. Its foundations lie on the principle of informational self-determination. We argue that only in this way it can become a trustworthy and legitimate public good infrastructure for citizens by balancing the asymmetry of the different hierarchical levels within the federated organization while providing highly effective detection and guiding mitigation measures towards graceful lockdown of the society. To exemplify the proposed system, we choose the remote patient monitoring as use case. In which, the integration of distributed ledger technologies with narrowband IoT technology is evaluated considering different number of endorsed peers. An experimental proof of concept setup is used to evaluate the performance of this integration, in which the end-to-end latency is slightly increased when a new endorsed element is added. However, the system reliability, privacy, and interoperability are guaranteed. In this sense, we expect active participation of empowered citizens to supplement the more usual top-down management of epidemics. The COVID-19 pandemic has clearly shown that, in many senses, the world as a whole was not prepared for dealing with a disease of such magnitude. Although a final assessment is infeasible at this point (October, 2020), in which a second wave is creeping back in Europe and is poised to rage across the continent by fall 2020 [1] The current statistics available about COVID-19 indicate that the most successful policies for monitoring and controlling the virus propagation are employing various digital technologies and connectivity [2] , [3] . These technologies can be used in two principal ways: (1) to provide status and predictions of the epidemiological spread and facilitate actions, such as administration of diagnostic tests or preparation of medical equipment; (2) to implement active policies that facilitate societal processes and safe citizen movement, such as shop schedules, organized delivery of goods, and similar. The success of such informed policies is also strongly related to the timing of their implementation for the respective place, as virus contagion is a spatiotemporal phenomenon that usually leads to exponential growth in the number of infected individuals [4] . Unfortunately, even the most successful timely interventions are in some way overreaching, shutting down abruptly most of the economic activities and creating social distancing between citizens. While acknowledging that this is our current societal need to contain the propagation of this pandemic, our main hypothesis is that, in the near future, digital technologies and wireless connectivity can enable a graceful lockdown by having the following main roles. • Facilitate selective lockdowns by allowing flexible transfer of the work, learn and play activities online to the desired extent. • Assist in maintaining physical distancing and tracking the spreading of the disease, while offering digital tools to control the level of lockdown/reopening. • Provide real-time information for targeted and efficient testing. Note that these are also important today (October, 2020), when a second wave is forcing several countries to rethink a stepby-step reopening based on the aforementioned points. This will be achieved based on an integrated solution for the ubiquitous and privacy-preserving data acquisition, explainable predictive methods for contagion risk assessment, and digitized policies for selective lockdown and scheduling of societal activities. Data will be locally acquired via online social networks, personal smart phone devices and Internet-of-Things (IoT) sensors in general. It is foreseen that an effective global solution shall be decentralized, yet hierarchical (systemof-systems), to provide fine-tuned coordination among the federated entities to orchestrate actions and then avoid both the human rights cost of overly stringent solutions [5] and the human life cost of "hands-off" approaches. Beyond more traditional centralized policy-making, such a decentralized platform, which will be built using trustworthy distributed ledger technology (DLT), should also provide citizens with arXiv:2010.13392v1 [cs.DC] 26 Oct 2020 tools for more direct participation in mitigation measures based on tailored individual incentives. In this sense, we expect to bring managerial decisions closer to the citizens. With such a federated governance, we attempt to convert the usually passive data acquisition process to an active participatory one. Hence, our aim is to move away from a purely top-down management approach. In addition, the proposed platform aims at achieving the minimal use of personal data, processed with the maximum possible privacy-preservation to eliminate global health risks, while protecting the economy [6] . The COVID-19 pandemic has demonstrated that nations and governments need to be better prepared and coordinated to detect and react to global threats focusing on early detection, early response, moving beyond traditionally passive disease monitoring based on voluntary reporting systems. Hence, a rapid, participatory responsive detection system must be in place to support public health officials. A synergistic relationship with public health officials, policymakers, and citizens' active participation will be critical to align the mandate for public health with the protection of privacy, freedom and democracy [7] , [8] . In this context, one main factor is to design a special set of incentives that would allow the citizens to provide secured anonymized access to their data while actively participating in the crowd platform to support early disease detection, a public information system, and possible mitigation measures. Building up such an incentive structure that maps those tradeoffs is a key aspect (beyond purely technical ones) for the success of the proposed federated architecture. Furthermore, this system should be constructed and evaluated rigorously following ethical guidelines as in [3] , [9] . Our contribution in this paper is threefold: 1) a comprehensive analysis of epidemiological models, data collection, and wireless connectivity is done based on key relevant scientific references on pandemics. 2) a federated global epidemiological warning system is proposed based on DLTs. 3) a proof of concept of the integration between DLT and NB-IoT is used to evaluate the wireless network performance on the IoT infrastructure supporting a remote patient monitoring use case. The rest of the paper is organized as follows: Section II presents a discussion of epidemiological models and their limitations. Section III describes the relevance of wireless connectivity on pandemic scenarios. In Section IV, the federated global epidemiological warning system is proposed, here is also detailed the proof of concept of the integration of DLT and narrowband IoT (NB-IoT). Section V is reserved for some discussion and future perspectives. Biomedical data alone do not contain the information required for preventing and mitigating pandemics. In a highly interconnected globalized society, social interactions, environmental data, spatiotemporal events, and collective nonlinear phenomena observed on complex infrastructures such as transport systems, require the mining of heterogeneous pandemic big data that are a result of a complex system of systems processes. In fact, modern disease monitoring systems, as the Global Public Health Intelligence Network (GPHIN) [10] and the Global Outbreak Alert and Response Network (GOARN) [11] , and event-based approaches that use a combination of web crawlers, artificial intelligence, and public health expertise in the detection of indicators [12] , [13] provide goodalthough limited-examples of successful platforms to identify latent indicators of an outbreak. To go beyond those existing solutions, data scale, contextualization, and granularity are key requirements for data quality, which is usually orthogonal to privacy preservation, timely processing and analysis as well as storage and processing cost. In the following, more details will be provided about existing epidemiological models and epidemic-related data collection. Models for emerging epidemics come in various forms, all relying on differently coarse-grained individuals' data. State-of-the-art population-level models for COVID-19 rely on metapopulation models with an underlying Susceptible-Exposed-Infectious-Recovered disease dynamics [14] . The metapopulations represent regions surrounding travel hubs and are interconnected through mobility data, for example, data from airlines, public transportation systems, and traffic control systems. The disease dynamics itself accounts for the fact that exposed individuals can be presymptomatic and unaware that they infect others, as suggested by early case data [15] . Unfortunately, while this model is effective at providing large-scale forecasts and predicting importations at aggregated levels, it is less informative at the individual level. However, this more granular information is necessary to accurately estimate the probability of such epidemics given a single importation event, which is rare given the population size. This particular event has the potential to become the initial point of a widespread contagion in a region not reached by epidemics until that point. Since this event basically depends on one individual, aggregated level statistics provide poor description of the heterogeneity of individual level behavior and mobility. Given this, most governments around the world introduced stay-at-home policies to reduce the mobility of their citizens, which should result in the now famous flattening of the curve. This expression refers to the process of slowing down the virus spread to keep the need for hospital care below the health care capacity. Different variations of the stay-at-home policy have been introduced, e.g. allowing citizens to move in a predefined radius to walk with their pets and exercise, restricting the number of times per day or the number of people per household that can go out. As previously argued, this is, understandably, a necessary abrupt solution for now, but it can become more graceful by properly utilizing crowdsourced data and active citizens' participation. B. Data collection: current activities and potential existing sources At higher levels, mining existing data sets collected by different types of service providers is an obvious and powerful way to quantify to which extent citizens follow stay-at-home policies, thereby providing an essential means of assessing their effectiveness. For example, smart grid systems can provide information about the changes in the energy consumption in different areas suggesting that people, on average, spend more time at home. The network usage information from broadband operators can also be used as an indicator of change in human behavior related to their mobility. Another source of information are mobility data sets from cellular network operators that are already present on the network. Smart appliances, like smart TVs, smart fridges, and smart light bulbs can be used to provide information about the overall time spent at home versus the time spent outside. Finally, information collected by several smart city applications, such as public transport usage and traffic, could also be leveraged to estimate the change in mobility patterns at the level of places, buildings and vehicles. At a lower granularity, proximity-tracing platforms have been proposed to collect data at the individual level, for instance the Pan-European Privacy-Preserving Proximity Tracing (PEPP-PT) [16] , often in partnership with mobile service providers and operators. By aggregating proximity data over time, these approaches can follow data protection regulations. Among others, two of the largest Big Tech companies Apple and Google proposed a joint solution that appears to focus on the protection of user privacy, for example by keeping people anonymous in the central servers and making data submission voluntary. Different technologies are being proposed to automate and extend contact tracing (e.g. shared databases, GPS traces of confirmed cases, contact tracing through Bluetooth). The use of Bluetooth-based solutions, either in the form of the third-party dedicated apps or as a feature built into the mobile devices' operating systems, seems to be the most promising solution to date. Although these solutions are a new source of granular data, they cannot cover all relevant forms of infection, namely asymptomatic infections, and infections occurring out of proximity through shared surfaces (e.g. doorknobs). In this sense, our hope is to combine the metapopulation and individual tracing models in a citizen science framework to consider more possible routes of infection as well as both proximity (e.g. close contact) and mobility data (e.g. location visited). In addition to this, machine learning methods are expected to combine expert knowledge (e.g. from virologists and sociologists) with global data collected from different sources for fitting powerful predictive models to high-dimensional data. In doing so, the target is to leverage the different straights of different data sources at different granularity for privacy protection and allow for more thorough probabilistic forecasts. Ultimately this will allow for graceful lockdowns, tailored incentives for citizens' participation, and fine-tuned legitimate interventions. Fine-grained data collection approaches raise two major concerns as highlighted in [17] : (1) user privacy; and (2) trustworthiness of the shared information. Clearly, sharing location and health information with third-party entities can lead to the misuse of the data set for instance through unwanted advertising and health insurance implications. The impact of fake health information on the contact tracing system should be analyzed to assess its implications in terms of access to testing. All these applications rely on the premise that users will trust and adopt these applications. This brings us to an additional problem that could hamper these approaches. The adoption of new technologies is hard to predict, and it might introduce bias for example related to age, wealth, level of education, and state of country development. Citizens' participation in warning and response of epidemic outbreaks requires new incentives that reward the responsible use of citizens' personal data for protecting public health, while penalize and prevent citizens' profiling actions, manipulative nudging and power misuse. Designing new data fusion schemes tailored to fuel data analytics processes for prevention and mitigation of pandemics is an open research question: Which smart phone sensor data can model compliance of stay-at-home policies? How such models can be enhanced with social media, smart grid, or transport data? Pandemics require that we revisit and potentially reinvent how data should be managed and how systems should be designed to manage data in a more responsible way [9] . More specifically, discovering new ways to turn private sensitive data of citizens into public good, while preventing massive surveillance, profiling, and discriminatory analytics, becomes imperative. To pioneer this capability, new transparent and accountable data commons [18] , for instance personal data stores [19] - [21] , to which citizens have incentives to contribute data, are required. The citizens retain the right for their data to be "forgotten" [22] . Ultimately, they have control and give their consent to how these data are used. These data commons are designed to maximize the use of techniques for privacy preservation [6] , [23] , for example homomorphic encryption, differential privacy, anonymity, and obfuscation, while citizens are made aware of the privacy risks they experience. The previous section covered different aspects related to the data required to support a fine-grained epidemiological model. It is argued that a ubiquitous system can be employed to manage such data in a privacy-preserving manner. Here, we identify wireless connectivity and Internet of Things (IoT) devices as a way to collect data following those principles. Wireless connectivity and IoT devices come in many flavors, but can, in general, be classified into (1) personal devices, such as mobile phones and earbuds; and (2) unattended connected machines and things, such as surveillance cameras and motion sensors. There are three principal sources of epidemic-relevant data acquired through wireless connectivity: (1) online social networks; (2) personal smart phone and mobile data; and (3) sensory and Internet of Things (IoT) devices. In critical events, people tend to use online social networks to post comments about the emergency and learn from other users' comments. As a result, online social networks become a rich source of diverse information that could help to understand the main characteristics of the crises and their potential magnitude in early stages. For instance, in [24] , authors collected comments posted in the Chinese social media channel Weibo during the first month of the COVID-19 epidemic in Wuhan (China) to understand the evolution trend of the public opinion. A similar approach was used on Twitter in [25] , [26] . Government entities can use this approach to give more attention to the needs of the public during the beginning of the epidemic and adjust their responses accordingly. Another form of data content, normally provided by explicit consent from the citizens, is the GPS location data from personal devices. At the application level, the Twitter platform offers various user information, geographical location being one of the most important for a wide range of applications. However, only a few users enable their geolocation as public. To discover the user's geolocation (geographical region or exact geocoordinates), there are mainly two approaches called contentbased and network-based algorithms. The first one uses textual contents from tweets, and the latter uses the connections and interactions between users. In [27] , a neural network model based on multiview learning by combining knowledge from both user-generated content and network interaction is proposed to infer users' locations. This source of information comes in many different forms, ranging from the use of metadata in cellular mobile networks for user localization up to the metadata associated with different applications, such as Twitter. The use of data 1 collected in mobile networks during the COVID-19 pandemic has received significant attention [28] . Agglomerated mobile network data can be used to verify if interventions, such as school closures, are effective, and help to understand the geographical spread of an epidemic. Different types of mobile network metadata are collected at different levels of the communication system, and they offer varying levels of information. At the lowest level, localization of mobile network users is possible by evaluating the strength of the wireless signal received at base stations. Depending on how many base stations are connected to the device, the location can be determined at the level of entire cells or down to a few meters using triangulation. The resolution offered by cellular mobile localization maybe too coarse for detecting citizens' proximity and potential infections by face-to-face interactions. Nevertheless, even lowresolution location data can give insight into behavioral patterns (how much time is spent at home, office, and events) of individuals. Proximity detection can be enhanced by using the metadata from Bluetooth devices, such as beacons and discovery messages (e.g., [29] ). Wi-Fi is also a technology that is used ubiquitously, and its metadata can provide information on user proximity. For example, proximity can be inferred by comparing the lists of access points that each device can see within a given time interval [30] . Fusing the metadata from these different sources, along with the context information (how many family members are at home, which events) is very relevant for monitoring the epidemic. Many applications and devices become an important tool to provide epidemic-relevant data. These can be related to surveillance/thermal cameras, drones and even wearable devices. For example, surveillance cameras can be employed to count the number of people entering and exiting a specific area. In other scenarios, thermal cameras are used with specialized settings to focus on human skin temperature range, and infrared spot sensors for individual temperature scanning. A similar application to identify individual or group activities in a given place is based on motion sensors as infrared lasers, or ultrasonic sensors. In this approach, the motion sensors are installed and deployed in a specific environment to recognize different human activities. Other important source of IoT data are the smart healthcare devices, for instance, remote monitoring systems to check body temperature, which is a key sign in the support of homeostasis. Other popular applications are oxygen saturation monitoring based on beat oximetry, electrocardiogram monitoring with a specialized framework to estimate the heart rate, elderly monitoring using doppler radar to identify risk movements of elderly people, sugar level monitoring, and blood pressure monitoring. These IoT devices provide information that is analyzed by the IoT data to support specific applications. We envision a federated and decentralized coordination system for epidimiological warning and response. This system is federated by citizen communities that crowd-source data, personal smart phone devices, community-level IoT devices (e.g. LoRaWAN networks) and other computational resources on the edge. It can scale organically and bottom-up to citylevel, national-level and ultimately at global-level to coordinate in a socially responsible way the international actions of public health organizations and governments. This scaling requires tailored incentives that align public health policy-making with citizens' privacy and autonomy. Distributed ledgers with secure crypto-economic incentive models running on edge serves and scaling-up on-demand at a global level using wireless connectivity and public cloud infrastructure are the means to support the federated nature of this proposed system. Figure 1 illustrates the our vision. The proposed federated global epidemiological warning and response system is built upon epidemic-relevant information obtained through wireless connectivity introduced in Section III, and the internet infrastructure including fiber-optic and satellite links. Thus, in addition to the devices that are the data sources (e.g., smart phones, wearables, smart appliances, and cameras) with their applications and existing communication networks, there is a need for a computer infrastructure dedicated to store and process the epidemic-relevant data in a secure and privacy-preserving manner. It is argued that this infrastructure also needs to follow a similar federated organization based on the geographic locations. Each municipality, city, county, or larger neighborhood will rely on edge servers to process their respective data contents. The premise is to keep the computations as local as possible. However, larger-scale computations related to the interrelations between locations (e.g. mobility, commuting, and traveling) requires data from these different places. Once again, the federated organization supports this collaborative sharing (up and downstream between the federated entities), but it will probably require computationally more demanding algorithms. It is possible that those computational tasks require more powerful cloud servers, or collaborative parallel computing at the edges. For security reasons, DLTs shall be employed to store data from the edge servers at the global level. At the technical level, the following aspects deserve special attention. In this paper, a privacy-by-design approach is proposed with which several critical operations of the federated global epidemiological system can be performed; for instance, decentralized data analytics [31] , [32] , social interactions analysis [33] , [34] , decentralized planning and resource allocation [35] and federated learning [36] , [37] . Such operations integrate in a smart way state-of-the-art techniques, for instance, informational self-determination, homomorphic encryption, differential privacy, obfuscation, and anonymity. Often, privacy may limit the quality of service known as the system utility as the accuracy and quality of data are deteriorated to hide information content. For instance, predicting the risk of infections for individuals based on an epidemiological network model is a graph-based semi-supervised learning problem. Privacy-preserving semisupervised learning over graphs has been considered in [38] . However, the precise trade-off between (lowering of) privacy protection and learning accuracy is largely open. Pareto optimal trade-offs can be configured and regulated by tuning the parameters of the privacy techniques as previously shown in [6] . Monetary and other incentives can be used to coordinate data sharing choices in a crowd. However, new types of social incentives are required for such an epidemiological system; for instance, incentives related to well-being, receiving solidarity, and longterm payoffs. 2) Interoperability: The big data required by the proposed solution have to be interoperable, i.e. the several applications that are providing data to be used to accomplish a specific task have to operate together and share a common "understanding" [39] . This can be achieved by employing standards for health informatics such as ISO TS22220:2011, TS21090:2011, or TS13606. For instance, the data collected from different sources can be used to predict refinements to patient care or new drug contraindication [40] . This key issue, though, has deserved little attention in large-scale epidemiological studies [41] , [42] ; it is usually assumed that heterogeneous data sources are compatible with each other. In practice, though, the highly heterogeneous data sources lead to poor interoperability, which creates barriers to effectively combat pandemics like COVID-19, as indicated by [43] . 3) User interfaces: A successful platform also involves a suitable end-user interface [44] . In this sense, data consumption by public health officials and global health agencies will require user-friendly web-based interfaces, using common dashboarding techniques. However, beyond this, the proposed federated platform has to consider citizen participation and the heterogeneity of end-users. Therefore, the following characteristics should be taken into consideration in the design of the platform: it should be (a) explainable/accountable to improve for instance awareness and engagement [45] ; (b) gamified to engage and incentivize participation [46] , [47] ; and (c) customizable for different user groups at an international level. The proposed architecture has to articulate the key elements from data acquisition to analytics, following the best practices related to privacy and cyber-security. At the acquisition level, in addition to the existing data retrieval from the web, wirelessconnected devices will send data to edge nodes that will be associated with specific regions. Data will be anonymously preprocessed at the edge, including some intelligent detection of anomalies or event detection, and then sent to regional (cloud) servers to run a more complete model that will fuse the geolocated timestamped data and run detection models based on explainable AI approaches combined with mathematical computational methods. In this case, crowd-sourcing models are applied based on hardware as a public good in an approach similar to the DIASPORA social network, also extending this approach to software and data. Regional models will be associated in federations resembling the governance structure of the actual regions under interest, which is customizable to local policies/governance models. Following this federated and collaborative organization, it will be possible to build organically a fine-tuned early detection system at the global level in a decentralized yet hierarchical manner to support graceful lockdowns. This would turn the proposed federated architecture into a holarchy, where each level is independent and self-sustained, but it can also be encapsulated at a level above to capture new goals [48] . This system will rely on DLTs to guarantee a trustful system without a responsible third party and minimize the risk of data manipulation [49] . Distributed ledgers could also be used to facilitate different (crypto-economic) incentive mechanisms, such as token curated registries. Its main objective is to build a crowd-sensing trustworthy platform based on privacypreserving methods to detect potential harmful symptoms in a specific region in almost real-time and flag them to relevant authorities. This alarm needs to be accurate, reliable, and explainable. It will also require a user-tailored interface that could empower citizens by providing detailed explanations and easy-to-access information, while being a tool for policymakers (from the city level to global organizations) designing the correct interventions (a variety of incentives, sanctions, and other persuasive measures) given the specific context of the epidemic in some specific region in a given period of time. To obtain insights from a practical implementation, we define a specific use case that matches the premises of the proposed architecture. This key industry use case focuses on remote patient monitoring. Here, many issues in treating chronic patients could be reduced or resolved through more efficient patient care. In the case of pandemics, such as COVID-19, the remote monitoring of diagnoses patient can represent a key difference to avoid the virus acceleration. Besides that, the application should guarantee privacy and security on the gathered data. To guarantee people participation, the system can provide incentives, such as bonus or tax compensations. In the context of the proposed federated global epidemiological warning system, the remote patient monitoring is a representative use case, in which the integration between DLTs and IoT devices plays a key role. We analyze this integration through an experimental setup based on NB-IoT, which is one of the most representative low-power wide-area network (LPWAN) technologies in cellular networks. Considering that the proposed architecture requires massive end devices deployment, low power consumption, superior coverage, and worldwide deployment, NB-IoT becomes a key solution to support the federated global epidemiological warning system. Some details of the integration setup are described in the next sub-section, emphasizing data workflow, and end-to-end (E2E) latency. We consider latency because the experimental results indicate that it is the most sensible network parameter when DLTs are built in the top of the connectivity system. In this section, we provide brief explanation of the integration between the NB-IoT network and the DLT-based system, which is illustrated in Figure 2 . In a conventional NB-IoT system, the uplink data generated by the user equipments (UEs) is transmitted though specialized packet messages and routed toward an edge data center to be stored and processed (yellow background in Fig. 2 representing a standard-NB-IoT). At this point, the monitoring system has no control on the collected data, so modification, corruption, and losses may occur. Conversely, in our DLTenabled NB-IoT setup, the uplink data generated by the UEs is transmitted to a randomly chosen group of endorsing peers of Hyperledger Fabric, a type of DLT used in our study, as transaction proposals (check the purple background in Fig. 2) . Then, each of the peers signs the transaction using the elliptic curve digital signature algorithm (ECDSA) and adds the signature before returning the signed message back to the IoT devices (UEs). The peers that provide an endorsement of the ledger send an update to the application, but do not immediately apply the proposed update to their copy of the ledger. Instead, a response is sent back to the IoT device to confirm that the transaction proposal is correct, has not been previously submitted to the ledger, and has a valid signature. Therefore, the security increases with the number of endorsing peers. In addition, smart contracts can be executed to update or query the ledger. Then the IoT device broadcast the confirmed transaction proposals along with the confirmation to the ordering service. The received transactions are ordered chronologically to create blocks. These transaction blocks are delivered to all peers for validation. Then, the peers append the block to the ledger, and the valid transactions are committed to the current state database. Finally, a confirmation message is transmitted back to the IoT devices to report that the submitted transaction has been immutably published to the ledger. The important of confirmation is analyzed in [50] . 2) Results: We evaluate the performance of an integrated DLT and IoT system with permissioned Hyperledger Fabric and NB-IoT. Our experimental setup is based on Hyperledger Fabric v1.4, NB-IoT development kits SARA EVK N211 and one NB-IoT Amarisoft eNB station. We compare the E2E latency of conventional NB-IoT with DLT-based NB-IoT in various scenarios. The number of endorsing peers is varied from 1 to 4 peers. The IoT device transmits packet every minute, and the total number of messages transmitted is around 1000. The Figure 3 shows that the end-to-end (E2E) latency is computed based on the total uplink and downlink transmission latency and validation latency in the ledger. We observe that when adding an new endorsing node to the same channel, this will increase the endorsing latency. In comparison with conventional NB-IoT system, the DLT-based NB-IoT perform a higher latency due to the validation process from ledger to verify transaction as well as building block. This is a trade-off between DLT-based system and conventional IoT system. DLT-based IoT system guarantees the trust; however, the latency is slightly degraded. A federated global epidemiological warning system was proposed. Based on it, an specialized use case focused on remote patient monitoring was considered. As one critical piece of this use case is the integration of DLTs and IoT devices, we implemented an experimental integration setup between DLTs and NB-IoT. In this study, we conclude that the latency increased when the number of endorsing peers is increased. Results indicate that in average the latency is increased 0.25 seconds per endorsed peer that is added. However, this increases the guarantees in terms of secrecy, privacy, and interoperability. This experimental setup also reveals additional technology challenges, such as the performance of DLT-based system with massive number of connections, as well as the trade-off between privacy, interoperability and system performance. Although the proposed architecture is designed to be fair among all citizens, few important practical points still deserve attention. Good quality data usually follow the wealth distribution over all scales of the proposed federation. In other words, good quality data is very likely to be less available in poorer regions of a city. The same is valid for poor regions within a country and poor countries. This existing gap needs to be considered when building incentives for participation, otherwise the proposed solution has the potential of reinforcing inequality [51] . Another current issue we cannot neglect is the public perception of wireless technologies. In this sense, part of the general public perceives IoT as insecure [52] and fifth generation (5G) as a health hazard [53] to the point of claiming an astonishing causal relation between 5G and COVID-19, which has caused destruction of base stations across UK. Beyond these conspiracy theories that are hard to combat, there exist legitimate concerns of anonymized data not being anonymous [54] , and of novel surveillance techniques introduced in times of crisis that are maintained for monitoring (legally or illegally) populations, e.g. post-9/11 surveillance in the USA [55] . All these have to be carefully addressed from the early stages of the system development. Furthermore, it has to be clear that neither technology nor data can prevent another outbreak on their own, but can only provide the extremely valuable tools to enable the holy grail of controlling epidemics: early detection, early response along all relevant actors within the federated organization. In other words, technology and data detect and identify potential harms and suggest actions and reactions, but the final diagnostic and further interventions are due to the responsible institutions within the federated structure and citizens' active participation. Our proposal answers those challenges based on informational self-determination as the way to build trustworthy and secure public infrastructure that shall enable graceful lockdowns as advocated here. In this sense, the proposed solution introduces a more balanced management strategy, moving away from purely top-down approaches toward a participatory system where the citizens are active. We further expect that, even without being implemented, the high-level architecture introduced here could offer important technological suggestions to decisionmakers of how to start smoothly resuming activities after lockdowns. Second wave COVID-19 pandemics in Europe: a temporal playbook Digital technology and covid-19 On the responsible use of digital data to tackle the covid-19 pandemic Special report: The simulations driving the world's response to covid-19 Can china's covid-19 strategy work elsewhere Optimization of privacy-utility trade-offs under informational self-determination Will democracy survive big data and artificial intelligence? Pandemics meet democracy. experimental evidence from the COVID-19 crisis in spain The ethics of ai ethics: An evaluation of guidelines The global public health intelligence network and early warning outbreak detection Gphin, goarn, gone" the role of the world health organization in global disease surveillance and response Revitalizing the global public health intelligence network (gphin) Intelligence and global health: assessing the role of open source and social media intelligence analysis in infectious disease outbreaks The effect of travel restrictions on the spread of the 2019 novel coronavirus Presymptomatic transmission of sars-cov-2-singapore Pan-european privacy-preserving proximity tracing Contact tracing mobile apps for covid-19: Privacy considerations and related trade-offs Privacy in iot blockchains: with big data comes big responsibility Make users own their data: A decentralized personal data store prototype based on ethereum and ipfs Blockchain as a notarization service for data sharing with personal data store Blockchain-based personal data management: From fiction to solution The future of privacy lies in forgetting the past Privacypreserving mechanisms for crowdsensing: Survey and research challenges Characterizing the propagation of situational information in social media during covid-19 epidemic: A case study on weibo How the world's collective attention is being paid to a pandemic: Covid-19 related 1-gram time series for 24 languages on twitter Event Detection System Based on User Behavior Changes in Online Social Networks: Case of the COVID-19 Pandemic Twitter user geolocation using deep multiview learning Mobile phone data and COVID-19: Missing an opportunity?" arXiv e-prints Quantifying sars-cov-2 transmission suggests epidemic control with digital contact tracing Inferring person-to-person proximity using wifi signals Practical secure aggregation for privacy-preserving machine learning Engineering democratization in internet of things data analytics Mining social interactions in privacy-preserving temporal networks IEEE/ACM International Conference on Advances in Social Networks Analysis and Mining (ASONAM) Decentralized privacy preserving services for online social networks Decentralized collective learning for self-managed sharing economies Federated machine learning: Concept and applications Federated multi-task learning Privacy preserving semi-supervised learning for labeled graphs Semantic interoperability as key to IoT platform federation Fundamentals of Clinical Data Science Preparing data at the source to foster interoperability across rare disease resources Improving semantic interoperability of big data for epidemiological surveillance Are high-performing health systems resilient against the covid-19 epidemic? A pandemic influenza modeling and visualization tool Participatory disease surveillance systems: ethical framework Participatory surveillance based on crowdsourcing during the rio 2016 olympic games using the guardians of health platform: Descriptive study Applications of crowdsourcing in health: an overview Hierarchical self-awareness and authority for scalable self-integrating systems Trusted wireless monitoring based on distributed ledgers over nb-iot connectivity Communication aspects of the integration of wireless iot devices with distributed ledger technology Potential biases in machine learning algorithms using electronic health record data A longitudinal analysis of the public perception of the opportunities and challenges of the internet of things The 5g debate in new zealand-government actions and public perception Anonymization and risk Making sense from snowden: What's significant in the nsa surveillance revelations