Privacy authorities face a new challenge as Apple and Google ramp up efforts to embed automatic coronavirus contact tracing into their smartphone operating systems within months.
In an unusual show of cooperation, the CEOs of Apple and Google announced a partnership that will enable their devices to anonymously record a list of the phones that their owners pass close to.
That information, which will be exchanged automatically via promiscuous Bluetooth connections, creates a record of the other people that the user comes into contact with.
The opt-in apps will automatically raise an alert should anyone on that list of contacts later become infected with the COVID-19 coronavirus.
It’s a ubiquitous version of a technique most successfully executed by the government of Singapore, which has convinced over 1 million of its 5.6m citizens to download the TraceTogether app that has been open-sourced for use anywhere in the world.
Google and Apple’s work – which will bear fruit with new operating-system versions by May – will dramatically expand the reach of Bluetooth contact tracing, first by allowing apps from public health authorities to anonymously collect data exchanged by users’ phones.
An app framework will be provided to formalise the data exchange and, within a few months, the capability will be embedded into both Apple’s iOS and Google’s Android operating systems, extending the contact tracking to an estimated 3 billion combined users.
Making location sharing
Despite Singapore’s early move into phone-based contact tracing – an opt-in version of more-intrusive government tracing efforts in countries like South Korea, China and Israel – many Western governments have balked at ubiquitous mobile-phone tracing.
That could make coronavirus a feather in the cap of Apple and Google, which have been all but begging for use cases that justify their mass collection of users’ location data – already used for tasks like monitoring traffic density and the foot traffic at individual businesses.
Google’s recently released location maps expanded the list by providing insight into the movement of people through common spaces.
However, the prospect of allowing the company to mass-collect data about Australians might be unpalatable for the Australian Competition & Consumer Commission (ACCC), given that the organisation is currently litigating against Google for its past use of location data.
Despite their hunger for mobile phones that track location passively, Australians have been less than enthusiastic about explicit location tracking, with even potentially life-saving advanced mobile location (AML) technology for Triple-0 calls still months away.
Yet early concerns about privacy and government surveillance are giving way to pragmatism, with new apps emerging from governments in France and the UK – which has just launched its own contact-tracing app.
Academics believe phone-based contact tracing could be invaluable in New Zealand, and Australian Prime Minister Scott Morrison recently intimated his government is also looking at options.
A systematic approach to privacy
Yet concerns persist, with some warning that the apps wouldn’t work very well – and many concerned that they would create a privacy nightmare by allowing authorities to not only track users’ movements, but to track whom they associate with on a regular basis.
“Even in desperate times, there are privacy concerns,” Macquarie University Department of Computing professor Dr Dali Kaafar and lecturer Dr Hassan Asghar wrote in a recent technical analysis of the TraceTogether code that argued the apps should use a more decentralised architecture to dissipate the concentration of personal data.
Security researchers have been working hard to address such concerns, with Stanford University-University of Waterloo researchers modelling the potential efficacy of apps like their Covid Watch and experts arguing that it is possible to implement contact tracing while preserving individual privacy.
Apple and Google have already published a cryptography specification outlining the way the rapidly evolving system would function, both in co-ordinating the data exchange between devices and in using cryptographic techniques to preserve the privacy of the collected data.
Reflecting concerns about building a centralised database of contacts, that specification requires that any calculated matches are stored on each user’s phone and “not be revealed to the Diagnosis Server” that manages the exchange of the heavily encrypted data.
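The on-device matching described above can be sketched as follows; this is an added example, not code from Apple, Google or the specification. The HMAC-SHA256 derivations, the labels, the 10-minute rotation and the `Phone` class are simplifying assumptions standing in for the specification's own key schedule.

```python
import hashlib
import hmac
import os

INTERVALS_PER_DAY = 144  # assumed: one identifier per 10-minute window

def daily_key(tracing_key: bytes, day: int) -> bytes:
    """Per-day key derived from a secret that never leaves the phone."""
    msg = b"DTK" + day.to_bytes(4, "little")
    return hmac.new(tracing_key, msg, hashlib.sha256).digest()[:16]

def rolling_id(dkey: bytes, interval: int) -> bytes:
    """Short-lived identifier broadcast over Bluetooth."""
    msg = b"RPI" + bytes([interval])
    return hmac.new(dkey, msg, hashlib.sha256).digest()[:16]

class Phone:  # hypothetical model of one handset
    def __init__(self):
        self.tracing_key = os.urandom(32)
        self.heard = set()  # (day, identifier) pairs seen nearby; kept on-device

    def broadcast(self, day: int, interval: int) -> bytes:
        return rolling_id(daily_key(self.tracing_key, day), interval)

    def observe(self, day: int, identifier: bytes) -> None:
        self.heard.add((day, identifier))

    def diagnosis_keys(self, days):
        """What a diagnosed user uploads: daily keys only, no contact list."""
        return [(d, daily_key(self.tracing_key, d)) for d in days]

    def check_exposure(self, published):
        """Re-derive identifiers from published keys and match locally."""
        hits = []
        for day, dkey in published:
            for j in range(INTERVALS_PER_DAY):
                if (day, rolling_id(dkey, j)) in self.heard:
                    hits.append((day, j))
        return hits

def demo():
    # Constructed scenario: Bob was near Alice; Carol was only near Bob.
    alice, bob, carol = Phone(), Phone(), Phone()
    bob.observe(18370, alice.broadcast(18370, 57))
    carol.observe(18370, bob.broadcast(18370, 57))
    server = alice.diagnosis_keys([18369, 18370])  # all the server ever holds
    return bob.check_exposure(server), carol.check_exposure(server)
```

The server in this model only relays the diagnosed user's daily keys; the list of who was near whom exists solely in each phone's `heard` set, which is the property the specification's "not be revealed to the Diagnosis Server" requirement protects.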
Privacy-rights organisation the American Civil Liberties Union (ACLU) recently published a white paper analysing the potential “serious practical problems” posed by contact-tracing apps, with surveillance and cybersecurity counsel Jennifer Granick writing in a subsequent analysis that the Google-Apple approach “appears to mitigate the worst privacy and centralisation risks, but there is still room for improvement.”