20 Jun 2020
Are Apple, Google, and the Government Trying to Track Us? Short answer? No.
The Long Answer: The contact tracing apps haven’t been designed to track where we are, but whom we’ve been in contact with.
Tracking your location isn’t important, because WHERE you got infected doesn’t really matter. Contact tracing is about identifying WHO is spreading the virus.
Google and Apple, though involved, didn’t actually build an app to track you. They built a framework.
Bluetooth Framework: How Google and Apple have enabled contact tracing.
Using the same technology you use to connect your phone to your car or wireless speakers, all Android (Google) and Apple devices will “see” other devices nearby.
Bluetooth is perfect for this, because most people have it on, it doesn’t use a lot of battery, and it only transmits and receives over short distances. That short range makes it EXTREMELY hard to use for tracking. It’s not like WiFi or cellular signals that can travel hundreds or thousands of feet. And it doesn’t talk to a centralized station, like a cell tower, that can be used to pin down your physical location.
To track your location with Bluetooth, the government would need Bluetooth receivers every 30 feet or so. That would be extremely expensive and very hard to maintain.
Details about the Bluetooth Contact Tracing Specs here (PDF): Exposure Notification – Bluetooth Specification
But How Does it Actually Work? This is the geeky stuff. Sorry.
Once you’ve turned contact tracing on in your phone’s settings, it will continually broadcast (aka advertise) itself to other Bluetooth devices in the area.
When it does this, it’s locked into a “non-connectable” mode. This means your phone does nothing but announce that it exists. No other data is sent.
To protect privacy further, your phone won’t send out a broadcast saying “HEY! This is Karen’s phone.” Instead it sends out a sequence of random numbers and letters that changes every 10 to 20 minutes.
Your phone then keeps a log of every random sequence it broadcasts and receives along with the date and time (aka a timestamp). This is the key to how this system determines whether you’ve been near an infected person.
These logs are stored on your phone only. The only time information is shared with anyone else is if you install a contact tracing app that uses the built-in framework and authorize that app to share these logs. Details are in this FAQ at question 7.
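As an added illustration (not the Apple/Google framework’s own code), here is a simplified Python model of the pieces described above: a daily key per phone, an identifier derived from it for every 10-minute interval, a local log of what was heard and when, and a check of that log against the daily keys that people who tested positive choose to publish. The real specification derives identifiers with HKDF and AES-128 and uses its own constants; the function names, the 10-minute interval and the 15-minute threshold here are assumptions for illustration.

```python
import hashlib
import hmac
from datetime import datetime, timedelta, timezone

# Simplified model (assumption): one daily key per phone, one 16-byte
# identifier per 10-minute interval. The real spec uses HKDF/AES-128.
INTERVAL_SECONDS = 600
INTERVALS_PER_DAY = 144

def interval_number(t: datetime) -> int:
    """Which 10-minute slot since the epoch a timestamp falls into."""
    return int(t.timestamp()) // INTERVAL_SECONDS

def rolling_id(daily_key: bytes, n: int) -> bytes:
    """Identifier broadcast during interval n. Without the daily key,
    consecutive identifiers look unrelated, so a listener cannot link them."""
    return hmac.new(daily_key, n.to_bytes(4, "big"), hashlib.sha256).digest()[:16]

def ids_for_day(daily_key: bytes, day_start: datetime) -> set:
    first = interval_number(day_start)
    return {rolling_id(daily_key, n) for n in range(first, first + INTERVALS_PER_DAY)}

def find_exposures(observed, diagnosis_keys, min_minutes=15) -> dict:
    """observed: (timestamp, rolling_id) pairs this phone logged.
    diagnosis_keys: (day_start, daily_key) pairs published after a positive test.
    Returns minutes of contact for each published key meeting the threshold.
    The log stays on the phone; only the published keys come in from outside."""
    hits = {}
    for day_start, key in diagnosis_keys:
        ids = ids_for_day(key, day_start)
        seen = {interval_number(t) for t, rid in observed if rid in ids}
        minutes = len(seen) * (INTERVAL_SECONDS // 60)
        if minutes >= min_minutes:
            hits[key.hex()] = minutes
    return hits

def demo() -> dict:
    """Constructed scenario: Bob's phone logged Alice for three intervals and
    Carol for one; only Alice later publishes her daily key."""
    day = datetime(2020, 6, 20, tzinfo=timezone.utc)
    alice_key, carol_key = b"A" * 16, b"C" * 16  # constructed, not real keys
    base = interval_number(day)
    observed = [(day + timedelta(minutes=10 * i + 2), rolling_id(alice_key, base + i))
                for i in range(3)]
    observed.append((day + timedelta(hours=5), rolling_id(carol_key, base + 30)))
    return find_exposures(observed, [(day, alice_key)])

if __name__ == "__main__":
    print(demo())  # -> {'41414141414141414141414141414141': 30}
```

Carol’s identifier never matches because her key was never published, which is the property that keeps a single sighting from being traced back to a person.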
Here’s where the privacy concerns start: Along with your log, a unique identifier is sent to the app’s servers so it can message you if someone you’ve been in contact with tests positive for COVID. That unique identifier won’t be your name or phone number, but it’s still possible that it could be linked back to you in a number of ways.
When the app uploads the log to the server, it’s entirely possible other data could be stored with your log besides the unique identifier. Things like IP address, phone make and model, etc. could also be stored. Those things could lead to you being identified.
But that’s only if the data isn’t stored safely.
What About the App they Want Us to Download? There's the problem. It's not just one app.
In my opinion, Google and Apple decided to leave the app building up to Public Health Authorities to minimize their risk.
The framework is pretty foolproof. The app and the storage of the log files are where the privacy risks lie.
Unfortunately, the biggest issue with the app isn’t just the potential for privacy leaks.
It’s the number of apps people may have to use.
The federal government dropped the ball by not creating an app to be used across the country, instead leaving it to each state. Now, there could be as many as fifty different apps for contact tracing that may or may not communicate with each other.
Interstate travel in the post-pandemic world will now mean you need to have an app installed on your phone for each state you’ve traveled to. That also means your contact logs will have to be shared with each app and each state, increasing the number of times the same data has to be sent from your phone and across the internet.
And that also means 50 times as many potential privacy leaks.
What Should We Do? That depends.
Contact tracing has proven effective against COVID in Japan. But that was using the old-fashioned, boots on the ground approach.
The framework Apple and Google have built hasn’t been tested yet. It seems like they’ve done their best to ensure privacy, but there are no guarantees.
If the states can come together and build a framework that allows for the open exchange of anonymized data, it will be an amazing tool for slowing and tracking the spread of COVID.
If they can’t, we need to demand the federal government build the app in cooperation with the US tech industry, which is what should have happened from the start.
Anything less is going to be a privacy nightmare.