The two biggest names in mobile internet devices are coming together to develop a unified contact tracing app, in the interests of helping to control the coronavirus pandemic. While Apple and Google are the two best-positioned companies to track the world’s smartphones in this way, there will be much “work to do to convince a rightfully skeptical public that they are fully serious about the privacy and security of their contact tracing efforts,” as Senator Richard Blumenthal of Connecticut put it. Additionally, the current plan would not cover an estimated 2.5 billion phones that are in use across the world and may be hampered by technical issues.
Apple and Google’s team effort
Apple and Google’s collaborative effort will involve first releasing APIs in May that allow interoperability between Android and iOS devices, for use in development of apps meant for public health authorities. The companies plan to follow that up in the coming months with Bluetooth-based contact tracing functionality that is built directly into each platform.
Though further details are not yet available, and the actual contact tracing apps will likely be developed individually on behalf of various health agencies, the overall system appears to be similar to the one already in place in Singapore and the ones planned in various European Union countries. Unlike the more invasive systems used in South Korea and China, which use GPS location data in a way that many countries have laws or constitutional guarantees against, the Bluetooth technology keeps user data mostly anonymous while privately notifying individual app users when they have come in close contact with someone who has received a Covid-19 diagnosis.
The new effort from Google and Apple would have one key advantage, however: the ability to run in the background. Similar systems that are presently in use are limited by safeguards built into each company’s mobile OS that prevent Bluetooth tracking from happening in the background. That means the app must be running, the screen must be on, and no other apps can be running simultaneously. The new updates will enable an anonymized key system that tracks via locally stored data and changes codes every 15 minutes, so that no one can identify a particular user or build a tracking history on them from the codes they broadcast.
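To make the rotating-code idea concrete, here is an added illustration (not Apple’s or Google’s code, and not their published protocol) of the pattern the paragraph describes: a per-day secret that never leaves the phone, a fresh broadcast code derived from it every 15 minutes, a proximity log that stays on the device, and on-device matching against only the keys that diagnosed users choose to publish. The HMAC-SHA256 derivation, the 16-byte key length, and the names `rolling_id`, `ProximityLog` and `exposures` are assumptions made for this example; the 15-minute rotation is the one figure taken from the article.

```python
"""Illustrative rolling-identifier scheme for Bluetooth contact tracing.

Added example: this is NOT Apple's or Google's code or their protocol.
It shows the pattern described above: a device derives a short-lived code
every 15 minutes from a key that never leaves the phone, nearby phones
store only those codes locally, and matching happens on the device against
keys a diagnosed user chooses to publish.
"""
import hashlib
import hmac
import secrets
from datetime import datetime, timezone

ROTATION_MINUTES = 15                               # rotation period from the article
INTERVALS_PER_DAY = (24 * 60) // ROTATION_MINUTES   # 96 codes per day


def new_daily_key() -> bytes:
    """Per-day secret generated on the phone (assumed: 16 random bytes)."""
    return secrets.token_bytes(16)


def interval_index(ts: datetime) -> int:
    """Which 15-minute slot of the day a timestamp falls in (0..95)."""
    return (ts.hour * 60 + ts.minute) // ROTATION_MINUTES


def rolling_id(day_key: bytes, interval: int) -> bytes:
    """Derive the code broadcast during one slot.

    Assumption: HMAC-SHA256 over a fixed label and the slot index, truncated
    to 16 bytes. Without day_key an observer cannot link two codes from the
    same phone, which is what keeps a tracking history from being built.
    """
    msg = b"rolling-id" + interval.to_bytes(2, "big")
    return hmac.new(day_key, msg, hashlib.sha256).digest()[:16]


def ids_for_day(day_key: bytes) -> set:
    """All 96 codes a phone would broadcast on the day covered by day_key."""
    return {rolling_id(day_key, i) for i in range(INTERVALS_PER_DAY)}


class ProximityLog:
    """What a phone keeps locally: the codes it heard and in which slot."""

    def __init__(self):
        self.seen = []  # list of (interval, code); never leaves the device

    def record(self, ts: datetime, code: bytes) -> None:
        self.seen.append((interval_index(ts), code))

    def exposures(self, published_day_keys) -> int:
        """Count recorded codes derived from any published key.

        This runs on the device: only the diagnosed users' day keys are
        downloaded, and the phone re-derives their codes and compares them
        with its own log. No log entry is uploaded anywhere.
        """
        published = set()
        for key in published_day_keys:
            published |= ids_for_day(key)
        return sum(1 for _, code in self.seen if code in published)


def demo() -> dict:
    """Constructed scenario: Bob's phone hears Alice at 09:07 and Carol at
    12:40 UTC. Alice later tests positive and publishes her day key; Carol
    does not, so only the encounter with Alice should match."""
    alice_key, carol_key = new_daily_key(), new_daily_key()
    log = ProximityLog()
    t1 = datetime(2020, 4, 15, 9, 7, tzinfo=timezone.utc)
    t2 = datetime(2020, 4, 15, 12, 40, tzinfo=timezone.utc)
    log.record(t1, rolling_id(alice_key, interval_index(t1)))
    log.record(t2, rolling_id(carol_key, interval_index(t2)))
    return {
        "slot_0907": interval_index(t1),
        "slot_1240": interval_index(t2),
        "matches_with_alice_published": log.exposures([alice_key]),
        "matches_with_nothing_published": log.exposures([]),
        "codes_per_day": INTERVALS_PER_DAY,
    }


if __name__ == "__main__":
    print(demo())
```

The design choice worth noticing is that the published artefact is a key, not a list of encounters: a diagnosed user reveals which codes their own phone broadcast, while everyone else’s proximity log stays where it was recorded. That is the property the ACLU-style concerns about logs and “mission creep” turn on.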
This system would have many voluntary elements. Users would be asked to download the contact tracing app, keep it active at all times while traveling about, and give permission for medical personnel to add them to the tracking database when they receive a positive diagnosis. The initial announcement from Apple and Google indicated that their project will be “opt-in” for the end user. The companies have also promised to openly publish information about their work to promote transparent monitoring by third parties.
Can these contact tracing apps truly be made private?
Nevertheless, security and privacy questions have immediately been raised. The American Civil Liberties Union (ACLU) has already issued a white paper outlining the measures that should be taken to preserve the privacy of data subjects. Some of the specific concerns that the ACLU has raised include keeping the tracking data out of the hands of advertisers and law enforcement, transparency about everything that is collected, and the possibility of “mission creep” once data collection begins.
Most of the ACLU’s concerns center on the proximity records and logs that would be required to make any Bluetooth-based contact tracing app work. The organization raises some pertinent questions about these logs for which Google and Apple have not yet offered answers. For example, how is a relevant “contact” defined, and can users input critical context (e.g. that the “contact” occurred between occupants of two cars stopped near each other, so there was no real chance of exposure)? And how voluntary will contact information sharing be? Will users be able to exclude sensitive personal contacts when providing their lists to public health officials?
As the organization points out, the perceived coerciveness or abusiveness of these contact tracing apps will very likely determine their ultimate success. If people believe the app is abusive they will refuse to install it, turn their phones off or leave them at home while moving about, or refuse to share information if they are diagnosed with coronavirus. Some studies have shown that at least 50% of the population has to use the app properly for it to slow the spread more effectively than manual contact tracing, and at least 60% have to use it for it to feasibly put a stop to the public health crisis (some estimates put this number as high as 75%).
The entire premise is a tougher sell given the involvement of Google. While Apple has made protection of user privacy one of the planks of their brand (some questionable elements aside, such as the company’s various data-sharing ties with Facebook), Google is unabashedly in the business of the sort of surreptitious tracking that privacy advocates are concerned about.
Other potential points of failure
Concerns other than user privacy may also derail this new contact tracing technology, not the least of which is the simple fact that about 2.5 billion phones worldwide will not have the ability to be tracked in this way. There are about 1.5 billion phone users who are not using smartphones of any sort, and the remaining billion or so either have phones that are too old to run a supported version of the operating systems (6.0 may be the oldest supported Android version) or lack the right sort of Bluetooth chip. These unsupported phones will also disproportionately belong to some of the most vulnerable populations: the poor and the elderly.
Another potential issue for contact tracing apps is that even the supported Bluetooth chips appear to have problems detecting actual distance between devices. Apple has reported that a number of factors can confuse the signal strength indicator used to measure distances, sometimes getting it wrong by tens of feet: obstruction by materials (pockets or bags), interaction between different types of Android chipsets, and even the relative positions of the two phones when the measurement is taken.
Google and Apple have also voiced objection to some of the contact tracing app plans that were already in place prior to their joint announcement, most pointedly the app that the UK National Health Service (NHS) is expecting to roll out sometime soon. The tech companies have refused to support the UK NHS app over concerns about intrusive data collection.
The two tech giants are thus far saying most of the right things to address consumers’ privacy interests, but it will take quite a bit of concrete “doing” to rally the levels of voluntary support needed to make contact tracing efforts fruitful.
Myke Lyons, CISO at Collibra, sees a big business opportunity that doesn’t involve abuse of personal information: “This is a massive opportunity for Google and Apple to build trust with consumers. One of the biggest challenges in dealing with data privacy around contact tracing will be understanding where all the data is and knowing the systems that house it. There is a lot of misinformation and distrust around data, and consumers need to know how their data is being used, where it came from, how it is being secured, and what will happen once the data is no longer needed.”