How Apple, Google’s COVID-19 Contact Tracing Affects Your Privacy

In a rare team-up between two of the world’s leading tech companies, Apple and Google recently announced plans to roll out Contact Tracing, a new technology designed to help combat the spread of COVID-19. The technology will be released to developers on April 28.

It’s a strong measure with lofty goals, but it doesn’t come without its set of privacy concerns. 

What is Contact Tracing?

The concept is fairly simple: A smartphone software update will enable devices to track a user’s contact with, and distance from, other people who have been confirmed as diagnosed with COVID-19.

How Does it Work?

Apple and Google plan to take advantage of Bluetooth technology found on smartphones to communicate and measure the distance from one user to another. The feature will also identify instances when users may have been exposed to those who have been diagnosed with COVID-19.  

Here is a step-by-step breakdown of how they envision this working:

  1. Apple and Google will roll out a software update to all Android and iOS smartphones to allow those devices to send out Bluetooth signals (or pings).

  2. Users will have to opt into the service in order for those devices to send out pings.

  3. Pings will consist of randomly generated encrypted keys that will be received by nearby devices that are also running the service.

  4. If User A is diagnosed with COVID-19, he or she will need to manually confirm that information via the software.

  5. User A’s keys from the previous two weeks will then automatically be uploaded to the Diagnosis Server.

  6. Every day, everyone automatically downloads these keys from the Diagnosis Server and compares them to any pings they received.

  7. If any pings on User B’s phone match any of the Diagnosis Keys, User B will be alerted that he or she may have come in contact with an infected user. Based on the strength of the signal, it is believed that the system can reliably estimate the distance between two individuals to identify if an exposure occurred.

  8. User B will then be presented with recommendations on how to proceed, including getting tested or quarantining.
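
A simplified model of steps 3 to 7, added here as an illustration and not Apple's or Google's code or specification. The truncated HMAC-SHA256 derivation, the `rolling-id` label, the 16-byte sizes, and the `Phone` class are assumptions chosen for this sketch.

```python
import hashlib
import hmac
import secrets

INTERVAL_MINUTES = 10  # the page says IDs rotate every 10-15 minutes
INTERVALS_PER_DAY = 24 * 60 // INTERVAL_MINUTES
RETENTION_DAYS = 14    # the page says two weeks of keys are uploaded


def rolling_id(daily_key, interval):
    """Rotating ID for one interval (assumed: truncated HMAC-SHA256)."""
    msg = b"rolling-id" + interval.to_bytes(2, "big")
    return hmac.new(daily_key, msg, hashlib.sha256).digest()[:16]


class Phone:
    def __init__(self):
        self.daily_keys = {}  # day -> random secret, kept on the device
        self.heard = set()    # (day, rolling ID) pairs received nearby

    def broadcast(self, day, interval):
        """Step 3: emit the ID derived from today's random key."""
        key = self.daily_keys.setdefault(day, secrets.token_bytes(16))
        return rolling_id(key, interval)

    def receive(self, day, ping):
        self.heard.add((day, ping))

    def report_diagnosis(self, today):
        """Step 5: only the last two weeks of daily keys are uploaded."""
        return {d: k for d, k in self.daily_keys.items()
                if today - RETENTION_DAYS < d <= today}

    def check_exposure(self, diagnosis_keys):
        """Steps 6-7: re-derive IDs from downloaded keys, match on-device."""
        return sorted(
            (day, i)
            for day, key in diagnosis_keys.items()
            for i in range(INTERVALS_PER_DAY)
            if (day, rolling_id(key, i)) in self.heard
        )


def simulate():
    a, b, c = Phone(), Phone(), Phone()  # constructed sample encounter
    b.receive(3, a.broadcast(3, 50))     # A and B are near each other
    b.receive(3, a.broadcast(3, 51))
    c.receive(3, b.broadcast(3, 50))     # C only ever hears B
    server = a.report_diagnosis(today=10)  # A confirms a diagnosis
    return b.check_exposure(server), c.check_exposure(server)
```

Until the keys are uploaded, the rotating IDs cannot be linked to each other; once a daily key is published, anyone who holds it can recompute that day's IDs. Matching still happens only on the receiving phone.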

 
 

Google and Apple have responded to initial concerns regarding Contact Tracing with the following claims:

  • Personal Identifying Information will not be collected

  • Only Bluetooth will be used, not GPS location data

  • Fully opt-in only — a user must manually enable Contact Tracing

  • Bluetooth signals will utilize unique, rotating codes that are delivered via cryptographic key

  • Keys are rotated every 10-15 minutes

  • Any Exposure Matches that occur stay on the user’s devices and are never sent to the Diagnosis Server

Technological and Social Issues 

My first thought after reading the details of this new solution was… Bluetooth kind of sucks.

I can’t even expect my phone to reliably Bluetooth connect to my car or headphones every time. I know at least once a week I have to manually connect something by going into the settings. You probably do too. 

Bluetooth has a low range, less-than-reliable signal, and is susceptible to interference. How are we supposed to be confident it can dependably gather such important data?  

Bluetooth also has a tendency to leak through physical structures, like walls. If someone in the apartment next to yours tests positive, the system may require you to quarantine… even if you’ve had zero contact with your neighbor because that ping took place through the shared walls of your apartments. 

Also, how will this affect technology on a broader scale? The constant daily download of ping keys could overwhelm data networks, especially if the number of positive cases skyrockets, causing the key files to become large.

This could also affect the battery life of our devices. The frequent pinging between phones could cause phones to drain power much faster than normal, preventing them from running for even half a day before requiring another charge. A phone offers no value to the tracing program if it’s dead and incapable of sending out any further pings. 

Worse yet, this all depends on people actually opting in, voluntarily submitting their positive diagnosis, and not circumventing the system by simply leaving their phones at home or in their car. We can’t even get people to stay inside, much less activate a seemingly intrusive feature on their smartphones. 

Moreover, this may not even help the most vulnerable of the population, with many elderly individuals still opting out of smartphones altogether. 

Security and Privacy Issues

Technological issues aside, Contact Tracing also naturally poses an issue with privacy. 

Assume User A gets notified of a potential exposure and takes to social media to do some digging. User A could possibly find Users B-D, all of whom were also notified. Before you know it, they identify User X as the infected individual, revealing their private health data. 

Former chief technologist for the Federal Trade Commission Ashkan Soltani also speculated on a potential approach called a “Correlation Attack.” A recent WIRED article describes how this attack could go down:

“To demonstrate the problem, Soltani imagines a nosy neighbor setting up a camera outside their window and recording the face of everyone who walks by. The same neighbor also ‘roots’ their phone so they can see all the contact-tracing Bluetooth signals it picks up from other users. When one of those passersby later reports that they're COVID-19 positive, the snoop's app will receive all their keys from the contact-tracing server, and they'll be able to match up the codes the user broadcast at the moment they passed the camera, identifying a stranger as COVID-19 positive. They might go as far as posting the picture of that infected person on Nextdoor to warn neighbors to watch out for them.”

Sound crazy? Maybe you just haven’t spent enough time on Nextdoor or other online neighborhood watch communities.

Also, if Bluetooth proves to be an inefficient technology, what’s to stop them from arguing in favor of GPS location tracking? It’s enabled on most of our phones by default (check your Google Maps history if you don’t believe me). This would create a system that could pinpoint your historical location and socialization data.

Apple claims the feature will only be temporary, but keep your eyes peeled for a specific timeline.

Unless our COVID-19 testing capabilities scale up to match, this measure is little more than a privacy concern. 

See Apple’s Contact Tracing site if you would like to read more information on the new technology.