Apple, Google Join Forces To Create Free Tools For Coronavirus Tracking

from the stepping-up-when-the-gov't-won't...-or-at-least-shouldn't dept

Fortunately, the US government hasn't decided (yet!) to opt everyone into some sort of tracking program to mitigate the spread of the coronavirus. This doesn't mean you can't opt yourself into tracking to head off possible infections and/or gauge your risk level.

Apple and Google are working together to build a set of tools that can be used to track the spread of the virus, and it's all purely voluntary. Obviously, there are some concerning aspects about the use of these tools by public health agencies, but the companies have done a pretty good job lowering the risk of these being turned into always-on surveillance apps.

This is from Apple's press release, which is light on details but gives a broad overview of what's happening.

First, in May, both companies will release APIs that enable interoperability between Android and iOS devices using apps from public health authorities. These official apps will be available for users to download via their respective app stores.

Second, in the coming months, Apple and Google will work to enable a broader Bluetooth-based contact tracing platform by building this functionality into the underlying platforms. This is a more robust solution than an API and would allow more individuals to participate, if they choose to opt in, as well as enable interaction with a broader ecosystem of apps and government health authorities. Privacy, transparency, and consent are of utmost importance in this effort, and we look forward to building this functionality in consultation with interested stakeholders. We will openly publish information about our work for others to analyze.

These will allow for voluntary contact tracing using Bluetooth signals. A unique signal would be broadcast by participants to nearby devices, including those within the CDC-recommended six feet minimum for social distancing. Users would self-report their COVID status, broadcasting that info as well. No one's location data is gathered and their movements aren't tracked. All processing of signals occurs on users' devices.

More details can be found in spec sheets released by the companies. Apple's notes that device privacy is protected by identifiers that change every 15 minutes, making it almost impossible to use the APIs for long-term tracking of people's movements. If a user tests positive for COVID-19, they must opt in to sharing that data with the API servers.

There are no perfect solutions for this pandemic and this one isn't. But it's far more robust and more respectful of users' privacy than most of what's being pushed by governments elsewhere in the world. The addition of government fabric to the framework doesn't undercut the protections built into the system. The upside for public health agencies is better, faster tracking of viral spread -- something that's almost impossible at this point in time.

The downsides are mostly related to the tech itself and the nature of human beings. Bluetooth signals don't necessarily indicate human contact -- especially when lots of people live in close proximity but are rarely face-to-face, like in large apartment complexes.

Also worrying is the potential for abuse by the worst human beings, of which there are far too many. Ashkan Soltani suggests the apps could be misused to troll the system into uselessness.

MOST IMPORTANTLY there's a REAL risk of abuse from these apps -- generating false alarms and Denial-of-Service attacks from people falsely flagging that they're infected with COVID19 (crying 'wolf) -- thereby potentially affecting the others they've digitally been in contact with

Finally, there's the problem with our healthcare system in general. There supply of reliable tests is still limited and it seems unlikely heading to your primary care provider with a Bluetooth positive (but no symptoms) is going to persuade them to test you for the virus. Hopefully the availability of tests will increase as time goes on, making this tool more useful to more people.

Even the ACLU seems cautiously supportive of the tech companies' joint effort:

"To their credit, Apple and Google have announced an approach that appears to mitigate the worst privacy and centralization risks, but there is still room for improvement. We will remain vigilant moving forward to make sure any contact tracing app remains voluntary and decentralized, and used only for public health purposes and only for the duration of this pandemic."

As always, the biggest drawback of this effort is also its greatest strength: it's entirely voluntary. In a nation of rugged individualists (which unfortunately includes people who believe this isn't actually a pandemic or that the 5G rollout is somehow linked to the coronavirus), it's tough to get people to buy into voluntary health efforts, no matter how beneficial they may be to themselves or anyone else around them. Mandatory tracking would provide better data faster, but our government hasn't shown it can be trusted to handle this much power responsibly. So, voluntary it is and whatever buy-in there is will be better than the nothing we're doing now.

Hide this

Thank you for reading this Techdirt post. With so many things competing for everyone’s attention these days, we really appreciate you giving us your time. We work hard every day to put quality content out there for our community.

Techdirt is one of the few remaining truly independent media outlets. We do not have a giant corporation behind us, and we rely heavily on our community to support us, in an age when advertisers are increasingly uninterested in sponsoring small, independent sites — especially a site like ours that is unwilling to pull punches in its reporting and analysis.

While other websites have resorted to paywalls, registration requirements, and increasingly annoying/intrusive advertising, we have always kept Techdirt open and available to anyone. But in order to continue doing so, we need your support. We offer a variety of ways for our readers to support us, from direct donations to special subscriptions and cool merchandise — and every little bit helps. Thank you.

–The Techdirt Team

Filed Under: api, bluetooth, contact tracking, coronavirus, covid-19, privacy
Companies: apple, google


Reader Comments

Subscribe: RSS

View by: Time | Thread


  1. identicon
    Anonymous Coward, 10 Apr 2020 @ 4:31pm

    Since sanity is only licensed out, and for a limited time:
    I hope they license the API with a permissive or good copyleft license.

    link to this | view in thread ]

  2. icon
    That Anonymous Coward (profile), 10 Apr 2020 @ 4:52pm

    Y'all laughed at my crappy barely smrt phone....
    Now the new Typhoid Mary's are gonna get their flip phones out & be the unseen hand of infection slipping through the models undetected.

    TFW you once again think everyone has a smart phone just proving Uncle TAC's personal bubble theorem.

    link to this | view in thread ]

  3. icon
    Ehud Gavron (profile), 10 Apr 2020 @ 5:22pm

    Privacy Policy + Anti TypeI/TypeII error tech needed

    Preempt: I understand the press release just came out and the API isn't complete, won't be implemented till May, and it will take months to get it to the handset. (Emojis take 8 months, so figure a real app takes longer.)

    PRIVACY POLICY
    The A/G companies have indicated they will anonimyze data tokens. This unfortunately no longer is of sufficient benefit. See https://www.nytimes.com/2019/07/23/health/data-privacy-protection.html

    To the end of ensuring both HIPAA compliant patient privacy, as well as geolocation data being judged 4thAM stuff, there should be a strict privacy policy by G/A to

    • ensure that individuals cannot be found after indicating valid CV19 results.
    • ensure that no entity can "round up people" based on who someone has come into contact with -- only that they can send a message which will eventually route to those people. (In other words, an app popup is fine, but a call telling you "Hey Alice, you came into contact with Bob... and he's C19 positive. Cops are enroute to pick you up for your test" is bad

    TYPE I errors
    That's also known as a "false negative". So if the person doesn't indicate they have CV19... then none of this will work. I'm not sure how to resolve that without some national system where your health services provider 'tags' your special code (that changes like an Authenticator and isn't static like a BC wallet).

    TYPE II errors
    That's also known as a "false positive". That's where I go meet lots of people I don't want around and then tag myself as CV19 positive. Think, for example, of my attending Republican hearings, Trump Dinners (or Mar-A-Lago "Trump Trains") and then tagging myself as CV19 positive. The damage is incalculable.
    https://www.usatoday.com/in-depth/news/investigations/2020/04/09/instead-prepping-coro navirus-trump-partied-golfed-held-fundraisers/2941076001/
    This too could be solved by having health care providers do the tagging.

    So in my ideal world we wouldn't have these diseases. However, since we do my recommendation is:

    1. True anonymous user IDs/keys that are dynamic, and are provided by the individual's cellphone*.
    2. The health-care provider has THEIR ID/key that they have to have to sign off on a POSITIVE or NEGATIVE test.
    3. Dates on everything and MANDATORY removal of obsolete data.
    4. Privacy Policy says this will ONLY be used for CV19 screening, data scrubbed after CV19 gestation period, and guaranteed that LEOs have no access to the data with no exception. It will be used to inform people they've been possibly exposed (and how many people away that is) not to allow LEOs/Govt to try and suss out who it is.

    Happy Good Friday, Easter weekend, and best weekend wishes to all. Stay safe,

    Ehud

    • Yes, the cellphone thing. Some companies give their employees cellphones. Some people have multiple cellphones. Some borrow their friend's cellphone. Some HAVE NO CELLPHONE. I don't know how to solve for all this. A cellphone is not a unique identifier even if there's an Authenticator App and a password. I appreciate G/A trying to solve this one... but I think using a cellphone as a target designator is a poor choice.

    link to this | view in thread ]

  4. identicon
    Anonymous Coward, 10 Apr 2020 @ 8:43pm

    The upside for public health agencies is better, faster tracking of viral spread ... the apps could be misused to troll the system into uselessness.

    The platform looks like pretty good work, but we may be getting ahead of ourselves by declaring it useful. That's something that would need to be supported by evidence. The people who use the app will be showing enough concern for their health that they'll likely respect distancing guidelines; others who get close enough to cough on them won't be using it. The self-selection bias could be strong enough to make trolling irrelevant.

    link to this | view in thread ]

  5. This comment has been flagged by the community. Click here to show it
    icon
    Anousheh (profile), 11 Apr 2020 @ 2:55am

    Free Tool

    Its is great for Google ads who want to track there conversion also for me because I going to start Google display campaign for https://rawdah.io.

    link to this | view in thread ]

  6. This comment has been flagged by the community. Click here to show it
    icon
    New silkroad (profile), 11 Apr 2020 @ 5:25am

    Buy Adderal 30mg Online without prescription from newsilkroad

    order now at https://newsilkroad.club/
    No prescription required.
    100% safe and discreet shipping.
    Overnight delivery is available.
    Moneyback guarantee.
    Best quality products.
    Worldwide delivery in just 7 days.
    US to US delivery in just 3 days.
    Best kind of Pills suppliers.

    link to this | view in thread ]

  7. identicon
    Anonymous Coward, 11 Apr 2020 @ 6:11am

    Oh yeah, it's free now. But after it is made mandatory there will obviously be a fee to pay. Watch the stocks rise. What a house of cards, no wonder it falls down so easily.

    link to this | view in thread ]

  8. identicon
    Anonymous Coward, 11 Apr 2020 @ 5:28pm

    If you want to avoid being tracked, just get a prepaid "burner" phone and pay using cash so your identify cannot be tracked.

    Or, if are close to to the Mexican border, and are a USA/Mexico dual national, just go into Mexico and sign up for a Mexican cell phone provider that allows "roaming" in the United States.

    Mexican cell phone providers are not subject to any American laws, even if someone close to the border is using a Mexican provider. Mexican cell phone providers only have to follow Mexican law, even if somoene on the US side of the border is using the service.

    If you are Mexican citizen and show valid Mexican ID to get a cell phone, that provider does not have to follow US laws, even if you are also a US ciitizen or permanent resident and/or using the phone on the US side of the border.

    link to this | view in thread ]

  9. identicon
    Anonymous Coward, 12 Apr 2020 @ 1:56am

    Re:

    If you think that US carriers do not keep records of Mexican phones roaming their networks, you are deluded.

    link to this | view in thread ]

  10. identicon
    Anonymous Coward, 12 Apr 2020 @ 3:41am

    Sounds like Pepp-PT

    This technology developed at Heinrich Herz Institute is remarkably similar to the one Google and Apple are presenting. Both use Bluetooth for tracing and a decentralized system with identifiers changing every 15 minutes. This and the known, trusted names in the European effort like Ulf Buermeyer give me hope that these will be fruitful efforts.

    link to this | view in thread ]

  11. identicon
    Anonymous Coward, 12 Apr 2020 @ 8:34am

    How about you just don't carry a cell phone everywhere? They can't force you to carry a cell phone, or any other device unless court ordered. So opt out the old fashioned way.

    link to this | view in thread ]

  12. identicon
    Anonymous Coward, 13 Apr 2020 @ 7:37am

    -In comes the crisis (9/11, Coronavirus, cold hot dog water, whatever)
    -Out go our civil liberties

    link to this | view in thread ]

  13. identicon
    TRX, 14 Apr 2020 @ 8:57am

    The spy app they're talking about doesn't provide any information the Feds can't get directly from the cellular providers. That's yer basic call data which they already subpoena huge volumes when the telcos don't hand it over voluntarily.

    The only difference is, the Google/Apple app data wouldn't have even the telco's minimal restrictions and oversight.

    For that matter, given how iPhones and Android phone tattle back to their motherships, they'd have to prove they're not already collecting that data "for quality control purposes" or some other justification.

    It's a nothingburger, COVID-wise.

    link to this | view in thread ]

  14. icon
    Rockstar (profile), 14 May 2020 @ 7:41am

    They Should, Its their Duty

    Being a Leading Companies. It's their Duty To overlook personal issues and work for the community. It is not sufficient only to create an app for people. Jump into the war.

    link to this | view in thread ]

  15. icon
    Rockstar (profile), 14 May 2020 @ 8:11am

    Re: They Should, Its their Duty

    and of course. They need to slow their work or put on automation. What's more than human life. Even I have stopped working on developing apps, website (finexo.co.uk), halt my others work too. and become a volunteer to help doctors to the maximum.

    I said so, because many may think what the comment writer done special.

    link to this | view in thread ]


Follow Techdirt
Essential Reading
Techdirt Deals
Report this ad  |  Hide Techdirt ads
Techdirt Insider Discord

The latest chatter on the Techdirt Insider Discord channel...

Loading...
Recent Stories

This site, like most other sites on the web, uses cookies. For more information, see our privacy policy. Got it
Close

Email This

This feature is only available to registered users. Register or sign in to use it.