On April 29, 2020, Google and Apple released the first version of their COVID-19 contact tracing tools to public health organizations. The tools, first announced by the companies on April 10th, aim to help public health agencies build apps to track and contain the virus. This article discusses how the contact tracing tools work, the planned two-phase implementation for the tools, and some of the privacy questions around the tools.
How Do the Tools Work?
“Contact-tracing” is not a new concept. The concept is that a society can limit the spread of a virus by tracing whom a person who has tested positive with a virus has recently come in contact with, and notifying those individuals to further prevent the spread of the virus. For example, if John tests positive for the virus and visits a grocery store, part of the contact tracing process would be to find and notify those individuals who came close to him in the grocery store. As you can imagine, contact tracing has historically been a laborious and inaccurate process that requires a manual review of an infected person’s interactions.
Google and Apple’s partnership aims to dramatically improve the contact tracing process by using Bluetooth technology within an infected person’s cell phone to determine whom the person has interacted with and notifying those other people. The partnership is particularly notable because it involves the creation of shared standards between two tech giants that rarely allow for any interoperability. Below is an example of how the tools work:
John and Mary are shopping in the same aisle in the grocery store. When in close proximity, John and Mary’s phones send out a device identifier beacon via Bluetooth. The pseudonymized identifier changes every 10 -20 minutes and is derived from a “daily device ID” which changes every 24 hours. The phones not only broadcast the device identifier but also listen for incoming ones and store them on the device.
A few days after the encounter, John tests positive for COVID-19. John is provided the terms of a mobile application controlled by a public health agency that uses the Apple or Google API, and consents to disclose his information for contact tracing purposes. The last 14 days of John’s broadcast beacons are uploaded to the cloud. The next day, Mary’s device downloads a list of beacons relating to infected persons (which includes John’s beacon). Because there is a match on Mary’s device, Mary receives a text notifying her that she may have been exposed and the protective measures she should consider taking. According to Google and Apple, the notification does not include John’s identity or where Mary came into contact with John.
Google and Apple intend to implement the contact tracing tools in two phases:
In the first phase, Google and Apple will build APIs to facilitate mobile applications to work on Android and iOS devices. Draft API specifications were published on April 29. Public health authorities will then develop mobile applications that execute the new APIs, which will ultimately be available to users in app stores. When an individual tests positive for COVID-19, they will launch the applicable mobile app, consent to the terms, and opt-in to voluntarily disclose their status as infected.
In the second phase, a Bluetooth based-contact tracing platform will be built into Android and iOS operating systems.
Google and Apple have taken measures to try to address some of the privacy concerns around disclosing identities of people who have tested positive for COVID-19. According to Google and Apple, the tools will not require identifiers to be pooled together, and will not collect location data or personally identifiable information. Recently, the tech giants announced that they would ban location tracking in the new mobile applications developed by health organizations.
Apple and Google are not the first to propose a decentralized type of system. Some European privacy experts have also proposed a decentralized contact tracing system. These experts published a white paper to help demonstrate that there are privacy-preserving approaches to contact tracing.
There are still a number of questions around Google’s and Apple’s tools that we must wait to see play out. For example, how will consent be collected within the mobile apps and what will the disclosures look like? For now, we will continue to monitor the situation for how the tools potentially impact companies throughout the ecosystem.