Affiliate Disclosure
If you buy through our links, we may get a commission. Read our ethics policy.

Apple and Google must convince public that contact tracing is secure, senator says

The Apple and Google system will use Bluetooth to monitor a user's proximity to others, including those infected with COVID-19.

Last updated

A U.S. senator says that Apple and Google still need to convince the public that their newly announced COVID-19 contact tracing app will respect user privacy and security.

On April 10, the two tech giants announced a partnership to develop and deploy a cross-platform mobile contact tracing technology that could help curb the spread of COVID-19.

In a statement to Reuters on Wednesday, Senator Richard Blumenthal (D-CT) said that the two companies "have a lot of work to do to convince a rightfully skeptical public that they are fully serious about the privacy and security of their contact tracing efforts."

Sen. Blumenthal and two other Democratic members of Congress previously raised concerns about White House-led efforts to collect Americans' health information during the COVID-19 pandemic.

Contact tracing is a process to track the spread of a disease by building out a history of who an infected person has come into contact with over a period of time. The system devised by Apple and Google largely automates this process using short-range Bluetooth signals, secure local databases, anonymized device identifiers and other modern mobile technology.

Both companies have said that their contact tracing system, which will initially roll out as a framework for public health organizations to build apps upon, is being designed with "privacy, transparency and user control" in mind.

The technology will be completely voluntary at every stage and will take steps to protect user identities by using rotating Bluetooth identifiers and storing that data locally on a device until a person who tests positive for the disease opts to notify the system. In such a scenario, said person's device pushes out 14 days' worth of contact keys to a central server, which is subsequently pulled down by other devices taking part in the program. Positive broadcast beacons are cross-checked with locally stored contact lists and, if a match is found, the recipient is alerted that they recently came in contact with someone who tested positive for the virus.

Android and iOS contact tracing APIs are expected to be made available in May, while operating system-level integration is planned to follow.

Apple and Google detailed the system's privacy protections in a press briefing Monday.



22 Comments

maltz 13 Years · 507 comments

It seems like a good design from a privacy standpoint, though convincing politicians and the public of that might be a tall order.  But the biggest concern I have (other than likely low participation) is what's to prevent people from trolling the system and claiming they tested positive after racking up a bunch of contacts?  I haven't seen that addressed anywhere.

ihatescreennames 19 Years · 1977 comments

maltz said:
It seems like a good design from a privacy standpoint, though convincing politicians and the public of that might be a tall order.  But the biggest concern I have (other than likely low participation) is what's to prevent people from trolling the system and claiming they tested positive after racking up a bunch of contacts?  I haven't seen that addressed anywhere.

That’s a good question. I know plenty of people who would think it was funny to cause some panic by claiming a false positive. Hopefully others have thought of that and there are some safeguards in place.

Funny, though, about the privacy issues. I guarantee I know people that would raise that as an issue and refuse to use the app and then immediately open Facebook.

Of course, getting more people to use the app is key to it actually working. Too bad this wasn’t 3 months earlier.

chasm 10 Years · 3624 comments

Like it or not, contact tracing -- along with mass-scale testing -- are the two things the US isn't doing that it really should be doing to prevent more infections and deaths. The same public that happily gives far more data on an hourly basis to FB, Twitter, and Google should not have a problem with anonymized contact tracing. I'm hopeful that America's community spirit (not as strong as it once was, sadly, but not extinct either) will rally around short(ish) term pain that will produce results that mean the US can get out of the quarantine state faster.

FileMakerFeller 6 Years · 1561 comments

Or, to paraphrase the politician's comment: "Apple and Google have to show us how we can make money off their efforts while simultaneously appearing to help the public."

tommikele 12 Years · 599 comments

No way

chasm said:
Like it or not, contact tracing -- along with mass-scale testing -- are the two things the US isn't doing that it really should be doing to prevent more infections and deaths. The same public that happily gives far more data on an hourly basis to FB, Twitter, and Google should not have a problem with anonymized contact tracing. I'm hopeful that America's community spirit (not as strong as it once was, sadly, but not extinct either) will rally around short(ish) term pain that will produce results that mean the US can get out of the quarantine state faster.

The answer is no. You actually believe them? Have you not learned anything over the last four years? Don’t do FB, Twitter, Google or any of them. Never have, never will.