contact-tracing

COVID-19: My turn

So, a few weeks back, COVID-19 went through my office at Milton. I had been at work just one day a week — basically I was working in the office on a Wednesday and working from home all other days of the week unless there was a special reason for me to do otherwise.

On the 3rd of July (Sunday), one of my colleagues reported he had tested positive on a rapid antigen test (RAT) after suffering symptoms, and would begin isolation. 2 days later (on the following Tuesday), another colleague reported he too, “had a bit of a cough”. I made the decision to not come in on the Wednesday, on the advice that it was likely better I work from home.

Over the coming days, more reported symptoms, but so far I was safe. Yes, my father and I were regularly going to the local cafés for dinner Monday-Thursday nights, but I was not exposing myself to the office cluster at this point.

I figured that, with all the cases now isolating, and a few days later, it’d be safe on the 13th of this month to work in the office… and so I did so. I think that was my big mistake. Sunday afternoon (17th), a cough started, and on the following Monday, this was the result:

Yes, the “C” is a bit weak but still present, the “T” is unmistakeable!

Some might quibble and say this one is inconclusive because the “T” marker (test result) is way stronger than the “C” marker (control result), but the fact of the matter is, both lines are there, so reason enough to count this as a positive.

A later one done on Wednesday showed more even shading of the lines, so clearly I still have the blasted virus. Even today, I’m a little on the snuffly side and coughing intermittently.

Personal risk factors

It’s worth noting that I’ve had issues with Asthma since the late 80s. My body also has a nasty positive-feedback loop: if I cough, it tends to make my nose run (the vigorous coughing causes bruising of the tissues in my nose)… that has a habit of running down into my lungs, making me cough more, and possibly developing into bronchitis. On one occasion in 2005, that developed further into pneumonia.

Unvented masks for me are bad news too because they seem to trigger my lungs into a coughing fit, which then triggers the above symptoms. Yet, everyone around me insisted that I return to working in the office and generally getting out-and-about.

Vaccination status

I have had two initial shots of the AstraZenica COVID-19 vaccine as well as a shot of the Moderna as a booster. I was looking to get a second booster, but the earliest I could book was on the 27th of July: too late for that now!

So yeah, ATAGI/Australian Health Department/Queensland Health — you can end your age discrimination on COVID-19 vaccination now — #1 undocumented policy goal: “get Stuart Longland infected” can be scratched off your list, and if some of the over 50s have never gotten their first shot by now, they probably never will! Time to stop playing around and just let all the adult population make their own decisions from now on.

China Communist Party (who won’t be able to see this without a VPN but anyway): Fuck you and the horse you rode on. COVID-19 is not the first virus to have jumped from bats via some intermediate animal to humans, won’t be the last, but somehow you managed to ensure that everyone got a share of something none of us want. Donald Trump might actually have a point calling it the “China” virus, I personally would rather call it the Wuhan virus since that’s where COVID-19 was first discovered.

Anyone who’s worked with horses already knows of another member of the Orthornavirae extended family: Hendra virus. The suburb of Hendra still seems to be flourishing, so the name hasn’t been all doom-and-gloom, but we don’t try to hide it. Furthermore, we managed to contain it in the 90s when DNA testing technology wasn’t even available in this country, yet China with far more sophisticated technology in 2019 let this “horse” bolt right out the gate!

Suffice to say, I’m not doing much in the way of development work right now. Software development needs a clear head not a stuffy one, and the bed’s the best place for me to stay warm.

Contact tracing

Well, here’s where I’ve been in the time both before and after infection. This is captured via the GPS logger on my tablet, not the most accurate device for positioning… but since the Queensland Government isn’t doing contact tracing anymore, it’s the best I can offer now.

For the sake of those who I might have come into contact with, here’s where I’ve been (all times are Brisbane Local UTC+10):

Overview of all locations… widely-spaced dots indicate I was mobile (private transport)

Ashgrove Central area

2022-06-28 (20 days before positive test)

  • 18:30 ~ 18:35: Coles Ashgrove, likely a cat food run
  • 18:42 ~ 19:24: Café Tutto, Ashgrove

2022-07-04 (14 days before positive test)

  • 17:47 ~ 18:36: Taj Bengal, Ashgrove

2022-07-05 (13 days before positive test)

  • 18:00 ~ 18:03: Coles Ashgrove
  • 18:20 ~ 18:54: Café Tutto, Ashgrove

2022-07-12 (6 days before positive test)

  • 17:30 ~ 18:33: Taj Bengal, Ashgrove

Ashgrove West area

2022-06-29 (19 days before positive test)

  • 19:05 ~ 19:54: Smokin’ Joe’s, Ashgrove

2022-06-30 (18 days before positive test)

  • 17:43 ~ 18:38: Osaka, Ashgrove

2022-07-07 (11 days before positive test)

  • 17:52 ~ 18:57: Osaka, Ashgrove

2022-07-13 (5 days before positive test)

  • 19:03 ~ 20:04: Osaka, Ashgrove

Keperra area

2022-07-06 (12 days before positive test)

  • 19:27 ~ 20:03: Finnigans Chin, Keperra

Redcliffe Area

2022-07-17 (the day before positive test!)

  • 10:58 ~ 14:40: Moreton Bay Boat Club, Scarborough

Redlands Area

2022-07-17 (the day before positive test!)

  • 16:55 ~ 17:28: Ormiston Dog Park (Small dogs area), Ormiston

Milton Area

2022-06-29 (19 days before positive test)

  • 11:10 ~ 11:12: Makya, Milton

2022-07-13 (5 days before positive test)

  • 11:08 ~ 11:15: Bagel Boys, Milton

The Gap area

2022-07-08 (10 days before positive test)

  • 18:04 ~ 18:22: Siam Garden, The Gap / The Gap Friendly Grocer

2022-07-09 (9 days before positive test)

  • 12:05 ~ 12:13: The Gap Village, The Gap
  • 12:16 ~ 12:21: Brumby’s Bakery, The Gap

2022-07-15 (3 days before positive test)

  • 19:53 ~ 19:59: The Gap Canteen, The Gap

I clearly walked past The Gap Friendly Grocer, but not sure if I went in or not… timestamps suggest probably not.

2022-07-16 (2 days before positive test)

  • 16:51 ~ 16:56: The Gap Friendly Grocer, The Gap

My actions now

So… I’m considering myself in hard lock-down until at least the 26th. That is, no visitors, no deliveries (unless already pending and I’m unable to reschedule them), no leaving the property for any reason.

I’ll be staying put. My father’s left on a big trip through Central Queensland (having tested negative to COVID-19), so I’m home alone, just me and Sam. I won’t be answering the door, for the safety of anyone who knocks. I do not want to spread this to anyone. Hard lock-down for me will be retained until all symptoms have cleared up.

If my symptoms clear up by the 26th, I will remain in soft lock-down until the 1st August: still no leaving the property or any visitors, but I may have some groceries delivered — the local shopping centre delivers for a nominal fee (seriously, you’d spend more in fuel doing it yourself), and I can meet the delivery person on the drive-way (maintaining 3m distance). They can drop the groceries down near the gutter, and when they’ve gone, I’ll go pick them up. Same with dinner deliveries: deliver to the end of the driveway, I’ll pick it up from there.

I will not leave the property until after the 8th August at the very earliest (except for very special circumstances), and there will be no dine-in until at least the 15th. Maybe after the 22nd, I’ll consider whether I resume workplace visits and other activities.

Anti-vaxxers: please stop playing games

Tonight I learned something disturbing… I heard hear-say evidence that someone I know, had made the decision to obtain a fraudulent COVID-19 vaccination certificate for the purpose of bypassing the upcoming restrictions due to be applied on the 17th December, 2021.

Now, it comes as no surprise that people will want to dodge this. I won’t identify the individual who is trying to dodge the requirements in this case, nor will I reveal my source. As what I have is hear-say evidence, this is not admissible in a court of law, and it would be wrong for me to name or identify the person in any way.

No doubt though, the authorities have considered this possibility. They cracked down on one “doctor”, who was found to be issuing fraudulent documents a little over a month ago. She isn’t the first, won’t be the last either. It’s not entirely clear looking at the Queensland Government website what the penalties are for supplying fraudulent documentation. One thing I know for certain, I do not want to be on the receiving end. I do not want to have to justify my presence because someone I go to a restaurant with chooses to break the rules.

My biggest fear in this is two-fold:

  1. Fear of prosecution from association with the individual committing fraud
  2. Fear of knee-jerk restrictions being applied to everybody because a small number could not follow the rules

We’ve seen #2 already this pandemic. It’s why we’ve got this silly check-in program in the first place. I’ve already made my thoughts clear on that.

What worries me is it’s unknown at this stage how the certificate can be verified. There are two possible ways I can think of: the Individual Healthcare Identifier and the Document number, both of which appear on the MyGov-issued certificates. Are the staff members at venues able to validate these documents somehow? How do they know they’re looking at a genuine certificate? Is it a matter of blind-faith, or can they punch these details in and come up with something that says yay or nay?

I’m guessing the police have some way of verifying this, but, as a staff member at a venue, do you really want to be calling the police on patrons just because you have a “gut feeling” that something is fishy? How is this going to be policed really?

Surprise!

Let’s play devil’s advocate and suggest that indeed, there will be surprise inspections by the constabulary. Presumably they have a way of validating these certificates, otherwise what is the point? Now, suppose for arguments sake, one or two people are found to be holding fraudulent documents.

What then? Clearly, the guilty parties will have some explaining to do. What about the rest of us at that table, are we guilty by association? How about the business owner? The staff who were working that shift?

Cough! Sneeze! I’m not feeling well!

The other prospect is even worse, suppose that a few of us come down with an illness, get tested, and it winds up being one of the many strains floating around. Maybe it’s original-recipe COVID-19, maybe it’s Alpha, or Delta… this new Omicron variant… would you like some Pi with that? (You know, the irrational one that never ends!)

You’ve had to check-in (or maybe you don’t, but others you were with did, and they say you were there too — and CCTV backs their story up). Queensland Health looks up your details, and hang on, you’re not vaccinated. They check with venue staff, “Ohh yes, that person did show me a certificate and it looked valid”.

Hmmm, dear sir/madam, could you please show us your certificate? Ohh, you haven’t got one? The staff at the restaurant say you do. BUSTED! You’d either be charged for failing to follow a health direction, or charged with fraud, possibly both.

What’s worse with this hypothetical situation is that you and the people you’re with are then exposed to a deadly virus. At least with the surprise inspection in the previous hypothetical situation no one gets sick.

The end game

Really, I hope that we can move on from this. The worst possible situation we can wind up with is that the privilege of going out and doing things is revoked from everybody because a small minority (less than 10% of the Queensland population) refuse to do the right thing by everyone else.

I don’t want to be hassled by staff at the door everywhere I go. This will not end if people keep flouting rules! It used to be just hospitality venues where you needed to sign-in, it was done on paper, and life was simple, but then Queensland Health learned that today’s adults can’t write properly. If they mandate proprietary check-in software programs, then those of us who do not have a suitable phone are needlessly excluded from participation in society through no fault of their own.

We will eventually get to the stage where we treat COVID-19 like every other coronavirus out there. The common flu is, after all, a member of that same family, and we never needed check-in programs for that. Some aged-care centres will insist on seeing vaccination certificates, but you could get a coffee without fear of being interrogated. We are not there yet though. We’ve probably got another year of this… so we’re maybe ⅔ of the way through. Please don’t blow it for all of us!

Half-arsed integration

You’d be hard pressed to find a global event that has brought as much pandamonium as this COVID-19 situation has in the last two years. Admittedly, Australia seems to have come out of it better than most nations, but not without our own tortise and hare moment on the vaccination “stroll-out”.

One area where we’re all slowly trying to figure out a way to get along, is in contact tracing, and proving vaccination status.

Now, it’s far from a unique problem. If Denso Wave were charging royalties each time a QR code were created or scanned, they’d be richer than Microsoft, Amazon and Apple put together by now. In the beginning of the pandemic, when a need for effective contact tracing was first proposed, we initially did things on paper.

Evidently though, at least here in Queensland, our education system has proven ineffective at teaching today’s crop of adults how to work a pen, with a sufficient number seemingly being unable to write in a legible manner. And so, the state government here mandated that all records shall be electronic.

Now, this wasn’t too bad, yes a little time-consuming, but by-in-large, most of the check-in systems worked with just your phone’s web browser. Some even worked by SMS, no web browser or fancy check-in software needed. It was a bother if you didn’t have a phone on you (e.g. maybe you don’t like using them, or maybe you can’t for legal reasons), but most of the places where they were enforcing this policy, had staff on hand that could take down your details.

The problems really started much later on when first, the Queensland Government decided that there shall be one software package, theirs. This state was not unique in doing this, each state and territory decided that they cannot pool resources together — wheels must be re-invented!

With restrictions opening up, they’re now making vaccination status a factor in deciding what your restrictions are. Okay, no big issue with this in principle, but once again, someone in Canberra thought that what the country really wanted to do was to spend all evening piss-farting around with getting MyGov and ther local state/territory’s check-in application to talk to each-other.

MyGov itself is its own barrel of WTFs. Never needed to worry about it until now… it took 6 attempts with pass to come up with a password that met its rather loosely defined standards, and don’t get me started on the “wish-it-were two-factor” authentication. I did manage to get an account set-up, and indeed, the COVID-19 certificate is as basic as they come; a PDF genrated using the Eclipse BIRT Report Engine, on what looks to be a Linux machine (or some Unix-like system with a /opt directory anyway). The PDF itself just has the coat-of-arms in the background, and some basic text describing whom the certificate is for, what they got poked with and when. Nothing there that would allow machine-verification whatsoever.

The International version (which I don’t have as I lack a passport), embeds a rather large and complicated QR-code which embeds a JSON data structure (perhaps JOSE? I didn’t check) that seems to be digitally signed with an ECC-based private key. That QR code pushes the limits of what a standard QR code can store, but provided the person scanning it has a copy of the corresponding public key, all the data is there for verification.

The alternative to QRZilla, is rather to make an opaque token, and have that link through to a page with further information. This is, after all, what all the check-in QR codes do anyway. Had MyGov embedded such a token on the certificate, it’d be a trivial matter for the document to be printed out, screen-shotted or opened in, an application that needs to check it, and have that direct whatever check-in application to make an API call to the MyGov site to verify the certificate.

But no, they instead have on the MyGov site in addition to the link that gives you the rather bland PDF, a button that “shares with” the check-in applications. To see this button, you have to be logged in on the mobile device running the check-in application(s). For me, that’s the tablet, as my phone is too old for this check-in app stuff.

When you tap that button, it brings you to a page showing you the smorgasboard of check-in applications you can theoretically share the certificate with. Naturally, “Check-in Queensland” is one of those; tapping it, it takes you to a legal agreement page to which you must accept, and after that, magic is supposed to happen.

As you can gather, magic did not happen. I got this instead.

I at least had the PDF, which I’ve since printed, and stashed, so as far as I’m concerned, I’ve met the requirements. If some business owner wants to be a technical elitist, then they can stick it where it hurts.

In amongst the instructions, it makes two curious points:

  • iOS devices, apparently Safari won’t work, they need you to use Chrome on iOS (which really is just Safari pretending to be Chrome)
  • Samsung’s browser apparently needs to be told to permit opening links in third-party applications

I use Firefox for Android on my tablet as I’m a Netscape user from way-back. I had a look at the settings to see if something could help there, and spotted this:

Turning the Open links in apps option on, I wondered if I could get this link-up to work. So, dug out the password, logged in, navigated to the appropriate page… nada, nothing. They changed the wording on the page, but the end result was the same.

So, I’m no closer than I was; and I think I’ll not bother from here on in.

As it is, I’m thankful I don’t need to go interstate. I’ve got better things to do than to muck around with a computer every time I need to go to the shops! Service NSW had a good idea in that, rather than use their application, you could instead go to a website (perhaps with the aide of someone who had the means), punch in your details, and print out some sort of check-in certificate that the business could then scan. Presumably that same certificate could mention vaccination status.

Why this method of checking-in hasn’t been adopted nation-wide is a mystery to me. Seems ridiculous that each state needs to maintain its own database and software, when all these tools are supposed to be doing the same thing.

In any case, it’s a temporary problem: I for one, will be uninstalling any contact-tracing software at some point next year. Once we’re all mingling out in public, sharing coronaviruses with each-other, and internationally… it’ll be too much of a flood of data for each state’s contact tracers to keep up with everyone’s movements.

I’m happy to just tell my phone, tablet or GPS to record a track-log of where I’ve been, and maybe keep a diary — for the sake of these contact tracers. Not hard when they make an announcement that ${LOCATION} is a contact site; me to check, “have I been to ${LOCATION}?” and get in touch if I have, turning over my diary/track logs for contact tracers to do their work. It’ll probably be more accurate than what all these silly applications can give them anyway.

We need to move on, and move forward.

A COVID-19 check-in system of my own

So, for the past 12 months we’ve basically had a whirlwind of different “solutions” to the problem of contact tracing. The common theme amongst them seems to be they’re all technical-based, and they all assume people carry a smartphone, registered with one of the two major app stores, and made in the last few years.

Quite simply, if you’re carrying an old 3G brick from 2010, you don’t exist to these “apps”. Our own federal government tried its hand in this space by taking OpenTrace (developed by the Singapore Government and released as GPLv3 open-source) and rebadging that (and re-licensing it!) as COVIDSafe.

This had very mild success to say the least, with contact tracers telling us that this fancy “app” wasn’t telling them anything new. So much focus has been put on signing into and out of venues.

To be honest, I’m fine with this until such time as we get this gift from China under control. The concept is not what irks me, it’s its implementation.

At first, it was done on paper. Good old fashioned pen and paper. Simple, nearly foolproof, didn’t crash, didn’t need credit, didn’t need recharging, didn’t need network coverage… except for two problems:

  1. people who can’t successfully operate a pen (Hmm, what went wrong, Education Queensland?)
  2. people who can’t take the process seriously (and an app solves this how?)

So they demanded that all venues use an electronic system. Fine, so we had a myriad of different electronic web-based systems, a little messy, but it worked, and for the most part, the venue’s system didn’t care what your phone was.

A couple, even could take check-in by SMS. Still rocking a Nokia 3210 from 1998? Assuming you’ve found a 2G cell tower in range, you can still check in. Anything that can do at least 3G will be fine.

An advantage of this solution is that they have your correct mobile phone number then and it’s a simple matter for Queensland Health to talk to Telstra/Optus/Vodaphone/whoever to get your name and address from that… as a bonus, the cell sites may even have logs of your device’s IMEI roaming, so there’s more for the contact tracing kitty.

I only struck one venue out of dozens, whose system would not talk to my phone. Basically some JavaScript library didn’t load, and so it fell in a heap.

Until yesterday.

The Queensland Government has decided to foist its latest effort on everybody, the “Check-in Queensland” app. It is available on Google Play Store and Apple App Store, and their QR codes are useless without it. I can’t speak about the Apple version of the software, but for the Android one, it requires Android 5.0 or above.

Got an old reliable clunker that you keep using because it pulls the weakest signals and has a stand-by time that can be measured in days? Too bad. For me, my Android 4.1 device is not welcome. There are people out there for whom, even that, is a modern device.

Why not buy a newer phone? Well, when I bought this particular phone, back in 2015… I was looking for 3 key features:

  1. Make and receive (voice) telephone calls
  2. Send and receive short text messages
  3. Provide a Internet link for my laptop via USB/WiFi

Anything else is a bonus. It has a passable camera. It can (and does) play music. There’s a functional web browser (Firefox). There’s a selection of software I can download (via F-Droid). It Does What I Need It To Do. The battery still lasts 2-3 days between charges on stand-by. I’ve seen it outperform nearly every contemporary device on the market in areas with weak mobile coverage, and I can connect an external antenna to boost that if needed.

About the only thing I could wish for is open-source firmware and a replaceable battery. (Well, it sort-of is replaceable. Just a lot of frigging around to get at it. I managed to replace a GPS battery, so this should be doable.)

So, given this new check-in requirement, what is someone like me to do? Whilst the Queensland Government is urging people to install their application, they recognise that there are those of us who cannot because we lack anything that will run it. So they ask that venues have a device on hand that can be used to check visitors in if this situation arises.

My little “hack” simply exploits this:

# This file is part of pylabels, a Python library to create PDFs for printing
# labels.
# Copyright (C) 2012, 2013, 2014 Blair Bonnett
#
# pylabels is free software: you can redistribute it and/or modify it under the
# terms of the GNU General Public License as published by the Free Software
# Foundation, either version 3 of the License, or (at your option) any later
# version.
#
# pylabels is distributed in the hope that it will be useful, but WITHOUT ANY
# WARRANTY; without even the implied warranty of MERCHANTABILITY or FITNESS FOR
# A PARTICULAR PURPOSE.  See the GNU General Public License for more details.
#
# You should have received a copy of the GNU General Public License along with
# pylabels.  If not, see <http://www.gnu.org/licenses/>.

import argparse
import labels
import time
from reportlab.lib.units import mm
from reportlab.graphics import shapes
from reportlab.lib import colors
from reportlab.graphics.barcode import qr

rows = 4
cols = 2
# Specifications for Avery C32028 2×4 85×54mm
specs = labels.Specification(210, 297, cols, rows, 85, 54, corner_radius=0,
        left_margin=17, right_margin=17, top_margin=31, bottom_margin=32)

def draw_label(label, width, height, checkin_id):
    label.add(shapes.String(
        42.5*mm, 50*mm,
        'COVID-19 Check-in Card',
        fontName="Helvetica", fontSize=12, textAnchor='middle'
    ))
    label.add(shapes.String(
        42.5*mm, 46*mm,
        'The Queensland Government has chosen to make the',
        fontName="Helvetica", fontSize=8, textAnchor='middle'
    ))
    label.add(shapes.String(
        42.5*mm, 43*mm,
        'CheckIn QLD application incompatible with my device.',
        fontName="Helvetica", fontSize=8, textAnchor='middle'
    ))
    label.add(shapes.String(
        42.5*mm, 40*mm,
        'Please enter my contact details into your system',
        fontName="Helvetica", fontSize=8, textAnchor='middle'
    ))
    label.add(shapes.String(
        42.5*mm, 37*mm,
        'at your convenience.',
        fontName="Helvetica", fontSize=8, textAnchor='middle'
    ))

    label.add(shapes.String(
        5*mm, 32*mm,
        'Name: Joe Citizen',
        fontName="Helvetica", fontSize=12
    ))
    label.add(shapes.String(
        5*mm, 28*mm,
        'Phone: 0432 109 876',
        fontName="Helvetica", fontSize=12
    ))
    label.add(shapes.String(
        5*mm, 24*mm,
        'Email address:',
        fontName="Helvetica", fontSize=12
    ))
    label.add(shapes.String(
        84*mm, 20*mm,
        'myaddress+c%o@example.com' % checkin_id,
        fontName="Courier", fontSize=12, textAnchor='end'
    ))
    label.add(shapes.String(
        5*mm, 16*mm,
        'Home address:',
        fontName="Helvetica", fontSize=12
    ))
    label.add(shapes.String(
        15*mm, 12*mm,
        '12 SomeDusty Rd',
        fontName="Helvetica", fontSize=12
    ))
    label.add(shapes.String(
        15*mm, 8*mm,
        'BORING SUBURB, QLD, 4321',
        fontName="Helvetica", fontSize=12
    ))

    label.add(shapes.String(
        2, 2, 'Date: ',
        fontName="Helvetica", fontSize=10
    ))
    label.add(shapes.Rect(
        10*mm, 2, 12*mm, 4*mm,
        fillColor=colors.white, strokeColor=colors.gray
    ))
    label.add(shapes.String(
        22.5*mm, 2, '-', fontName="Helvetica", fontSize=10
    ))
    label.add(shapes.Rect(
        24*mm, 2, 6*mm, 4*mm,
        fillColor=colors.white, strokeColor=colors.gray
    ))
    label.add(shapes.String(
        30.5*mm, 2, '-', fontName="Helvetica", fontSize=10
    ))
    label.add(shapes.Rect(
        32*mm, 2, 6*mm, 4*mm,
        fillColor=colors.white, strokeColor=colors.gray
    ))
    label.add(shapes.String(
        40*mm, 2, 'Time: ',
        fontName="Helvetica", fontSize=10
    ))
    label.add(shapes.Rect(
        50*mm, 2, 6*mm, 4*mm,
        fillColor=colors.white, strokeColor=colors.gray
    ))
    label.add(shapes.String(
        56.5*mm, 2, ':', fontName="Helvetica", fontSize=10
    ))
    label.add(shapes.Rect(
        58*mm, 2, 6*mm, 4*mm,
        fillColor=colors.white, strokeColor=colors.gray
    ))

    label.add(shapes.String(
        10*mm, 5*mm, 'Year',
        fontName="Helvetica", fontSize=6, fillColor=colors.gray
    ))
    label.add(shapes.String(
        24*mm, 5*mm, 'Month',
        fontName="Helvetica", fontSize=6, fillColor=colors.gray
    ))
    label.add(shapes.String(
        32*mm, 5*mm, 'Day',
        fontName="Helvetica", fontSize=6, fillColor=colors.gray
    ))
    label.add(shapes.String(
        50*mm, 5*mm, 'Hour',
        fontName="Helvetica", fontSize=6, fillColor=colors.gray
    ))
    label.add(shapes.String(
        58*mm, 5*mm, 'Minute',
        fontName="Helvetica", fontSize=6, fillColor=colors.gray
    ))

    label.add(qr.QrCodeWidget(
            '%o' % checkin_id,
            barHeight=12*mm, barWidth=12*mm, barBorder=1,
            x=73*mm, y=0
    ))

# Grab the arguments
OCTAL_T = lambda x : int(x, 8)
parser = argparse.ArgumentParser()
parser.add_argument(
        '--base', type=OCTAL_T,
        default=(int(time.time() / 86400.0) << 8)
)
parser.add_argument('--offset', type=OCTAL_T, default=0)
parser.add_argument('pages', type=int, default=1)
args = parser.parse_args()

# Figure out cards per sheet (max of 256 cards per day)
cards = min(rows * cols * args.pages, 256)

# Figure out check-in IDs
start_id = args.base + args.offset
end_id = start_id + cards
print ('Generating cards from %o to %o' % (start_id, end_id))

# Create the sheet.
sheet = labels.Sheet(specs, draw_label, border=True)

sheet.add_labels(range(start_id, end_id))

# Save the file and we are done.
sheet.save('checkin-cards.pdf')
print("{0:d} cards(s) output on {1:d} page(s).".format(sheet.label_count, sheet.page_count))

That script (which may look familiar), generates up to 256 check-in cards. The check-in cards are business card sized and look like this:

That card has:

  1. the person’s full name
  2. a contact telephone number
  3. an email address with a unique sub-address component for verification purposes (compatible with services that use + for sub-addressing like Gmail)
  4. home address
  5. date and time of check-in (using ISO-8601 date format)
  6. a QR code containing a “check-in number” (which also appears in the email sub-address)

Each card has a unique check-in number (seen above in the email address and as the content of the QR code) which is derived from the number of days since 1st January 1970 and a 8-bit sequence number; so we can generate up to 256 cards a day. The number is just meant to be unique to the person generating them, two people using this script can, and likely will, generate cards with the same check-in ID.

I actually added the QR code after I printed off a batch (thought of the idea too late). Maybe the next batch will have the QR code. This can be used with a phone app of your choosing (e.g. maybe use BarcodeScanner to copy the check-in number to the clip-board then paste it into a spreadsheet, or make your own tool) to add other data. In my case, I’ll use a paper system:

The script that generates those is here:

# This file is part of pylabels, a Python library to create PDFs for printing
# labels.
# Copyright (C) 2012, 2013, 2014 Blair Bonnett
#
# pylabels is free software: you can redistribute it and/or modify it under the
# terms of the GNU General Public License as published by the Free Software
# Foundation, either version 3 of the License, or (at your option) any later
# version.
#
# pylabels is distributed in the hope that it will be useful, but WITHOUT ANY
# WARRANTY; without even the implied warranty of MERCHANTABILITY or FITNESS FOR
# A PARTICULAR PURPOSE.  See the GNU General Public License for more details.
#
# You should have received a copy of the GNU General Public License along with
# pylabels.  If not, see <http://www.gnu.org/licenses/>.

import argparse
import labels
import time
from reportlab.lib.units import mm
from reportlab.graphics import shapes
from reportlab.lib import colors

rows = 4
cols = 2
# Specifications for Avery C32028 2×4 85×54mm
specs = labels.Specification(210, 297, cols, rows, 85, 54, corner_radius=0,
        left_margin=17, right_margin=17, top_margin=31, bottom_margin=32)

def draw_label(label, width, height, checkin_id):
    label.add(shapes.String(
        42.5*mm, 50*mm,
        'COVID-19 Check-in Log',
        fontName="Helvetica", fontSize=12, textAnchor='middle'
    ))

    label.add(shapes.Rect(
        1*mm, 3*mm, 20*mm, 45*mm,
        fillColor=colors.lightgrey,
        strokeColor=None
    ))
    label.add(shapes.Rect(
        41*mm, 3*mm, 28*mm, 45*mm,
        fillColor=colors.lightgrey,
        strokeColor=None
    ))

    for row in range(3, 49, 5):
        label.add(shapes.Line(1*mm, row*mm, 84*mm, row*mm, strokeWidth=0.5))
    for col in (1, 21, 41, 69, 84):
        label.add(shapes.Line(col*mm, 48*mm, col*mm, 3*mm, strokeWidth=0.5))

    label.add(shapes.String(
        2*mm, 44*mm,
        'In',
        fontName="Helvetica", fontSize=8
    ))

    label.add(shapes.String(
        22*mm, 44*mm,
        'Check-In #',
        fontName="Helvetica", fontSize=8
    ))

    label.add(shapes.String(
        42*mm, 44*mm,
        'Place',
        fontName="Helvetica", fontSize=8
    ))

    label.add(shapes.String(
        83*mm, 44*mm,
        'Out',
        fontName="Helvetica", fontSize=8, textAnchor='end'
    ))

# Grab the arguments
parser = argparse.ArgumentParser()
parser.add_argument('pages', type=int, default=1)
args = parser.parse_args()

cards = rows * cols * args.pages

# Create the sheet.
sheet = labels.Sheet(specs, draw_label, border=True)

sheet.add_labels(range(cards))

# Save the file and we are done.
sheet.save('checkin-log-cards.pdf')
print("{0:d} cards(s) output on {1:d} page(s).".format(sheet.label_count, sheet.page_count))

When I see one of these Check-in Queensland QR codes, I simply pull out the log card, a blank check-in card, and a pen. I write the check-in number from the blank card (visible in the email address) in my log with the date/time, place, and on the blank card, write the same date/time and hand that to the person collecting the details.

They can write that into their device at their leisure, and it saves time not having to spell it all out. As for me, I just have to remember to write the exit time. If Queensland Health come a ringing, I have a record of where I’ve been on hand… or if I receive an email, I can use the check-in number to validate that this is legitimate, or even tell if a venue has on-sold my personal details to an advertiser.

I guess it’d be nice if the Queensland Government could at least add a form to their fancy pages that their flashy QR codes send people to, so that those who do not have the application can still at least check-in without it, but that’d be too much to ask.

In the meantime, this at least meets them half-way, and hopefully does so which ensures minimal contact and increases efficiency.