Skip to main content

Google and Apple Plan to Turn Phones into COVID-19 Contact-Tracking Devices


Tech giants Apple and Google have joined forces to develop an interoperable contract-tracing tool that will help individuals determine if they have come in contact with someone infected with COVID-19.

As part of this new initiative, the companies are expected to release an API that public agencies can integrate into their apps. The next iteration will be a built-in system-level platform that uses Bluetooth low energy (BLE) beacons to allow for contact tracing on an opt-in basis.

The APIs are expected to be available mid-May for Android and iOS, with the broader contact tracing system set to roll out "in the coming months."

"Privacy, transparency, and consent are of utmost importance in this effort, and we look forward to building this functionality in consultation with interested stakeholders," the companies said.

The rare collaboration comes as governments worldwide are increasingly turning to technology such as phone tracking and facial recognition to battle the virus and contain the coronavirus outbreak.
Apple has also launched a new web page announcing the feature, which details the preliminary Bluetooth specifications, cryptography specifications, and the framework API, the contact tracing system will be based on.

Zero Use of Location Data


Unlike existing apps developed by different countries that use real-time location tracking to enforce quarantine rules, the proposed system doesn't involve tracking user locations or other identifying data.

Instead, it leverages BLE beacons to identify if an individual has been around other people who have tested positive COVID-19, thus ensuring that personal privacy is not compromised.

covid coronavirus tracker

Both Apple and Google have emphasized that users will have to provide their explicit consent for it to work. This also means that for it to be effective, millions of people would need to opt-in, necessitating that Apple and Google build adequate privacy safeguards before it's rolled out to the masses.

According to a white paper released by Google, here's how such a system might work:

  1. When two people come in close contact for a certain period of time (say 10 minutes or more), their phones will exchange anonymous identifier beacons. The identifiers rotate every 15 minutes and have no personally identifiable information.
  2. If one of the two is positively diagnosed for COVID-19, that infected person can enter the test result into an app from a public health authority that has integrated the aforementioned API.
  3. Then, the infected person can consent to upload the last 14 days of his or her broadcast beacons to the system.
  4. Any other person who has been in close proximity to the individual tested positive will then be alerted if there exists a beacon on the device that matches the broadcast beacons of everyone who has tested positive for COVID-19 in the region.
  5. The app then provides the individual with information about the next steps.

"This model places less trust in a central authority, but it creates new risks to users who share their infection status that must be mitigated or accepted," the Electronic Frontier Foundation (EFF) said about the proposal.

"Full transparency about how the apps and the APIs operate, including open source code, is necessary for people to understand, and give their informed consent to the risks," it added.

Apple and Google's system is along the lines of TraceTogether, an app developed by Singapore government officials to enable contact tracing via Bluetooth.
The app, now open-sourced, uses Bluetooth Relative Signal Strength Indicator (RSSI) readings between devices to determine the proximity and duration of an encounter between two individuals. The records of encounters are stored in their respective phones for 21 days.

Apps like COVID-Watch and MIT's Private Kit: Safe Paths, likewise, rely on a mix of GPS and Bluetooth data to track people who've crossed paths with another over a rolling period of 14 days.

covid coronavirus tracker

That's not all. A group of academics from European research institutions has proposed a decentralized system for Bluetooth-based COVID-19 contacts tracing, dubbed "Decentralized Privacy-Preserving Proximity Tracing" (DP-PPT), that aims to "minimize privacy and security risks for individuals and communities, and guarantee the highest level of data protection."

Privacy Concerns With Pandemic Surveillance


The need to single out infected individuals and maintain quarantines has led governments across the world to enact tough surveillance measures. So far, over 28 countries have adopted a mix of smartphone tracking, electronic tracking wristbands, and even require citizens to send a picture of themselves at home within 20 minutes or face a fine.

In response to privacy concerns raised by the European Data Protection Supervisor, the European Union said it would adopt a "pan-European approach" to using mobile apps to track the spread of the coronavirus and include a common scheme for using anonymous, aggregated data to trace people who come into contact with those infected and to monitor those under quarantine.

Earlier this week, the American Civil Liberties Union (ACLU) raised concerns about tracking users with aggregated phone data, arguing that any system would need to be limited in scope and avoid any potential for invasions of privacy and abuse.

Although countries like South Korea have been able to minimize the outbreak through an extensive contact tracing program, it also raises questions about consent, such as whether users can opt-out before such data is collected and stored — not to mention the potential danger of turning a blind eye to its privacy risks.

Specifically, how long will the data collection go on, and when will it be deleted? It's also crucial to ensure that the gathered anonymized data cannot be reverse-engineered to track people.

Cybersecurity expert Bruce Schneier said that any data collection and digital monitoring initiative "must be scientifically justified and deemed necessary by public health experts for the purpose of containment. And that data processing must be proportionate to the need."

Urging the need to protect civil liberties during the crisis, the EFF said bypassing certain privacy protections is warranted, but warned that "any extraordinary measures used to manage a specific crisis must not become permanent fixtures in the landscape of government intrusions into daily life."

Put differently, these programs shouldn't pave the way for government overreach or draconian monitoring systems that will continue to live on even after the current outbreak has died down. Including strong privacy guarantees are the right means to make sure that emergency measures don't become the new normal.

No doubt, it's a slippery slope. In the race to stem its spread and control the situation, mobilizing a pandemic surveillance apparatus to help contain the outbreak requires an adequate balance between transparency, meeting public health needs, and civil rights.



Comments

Popular posts from this blog

10 Best Forum Software For Webmasters

10 Best Forum Software For Webmasters Do you want to create your online discussion forum or online community where people can discuss about their favorite topics? In this article, you can see 10 best forum software (scripts for setting up discussion forums) that can be used free of cost. Although some scripts are paid but rest of these forum scripts are free to use.You only need to buy hosting space and domain name for your website and after then you can install any of these forum scripts to start your own discussion forums on the internet. Online discussion forums generate huge page views because thousands of people want to join online discussion forums to ask questions or share knowledge. Some of online marketers join forums to discuss about their products with community members. You don't need to acquire any kind of technical skill to run a professional discussion forums because these days, almost all web hosting providers offer one click script installer which h...

How to Hack WhatsApp using just a GIF

A picture is worth a thousand words, but a GIF is worth a thousand pictures. Today, the short looping clips, GIFs are everywhere—on your social media, on your message boards, on your chats, helping users perfectly express their emotions, making people laugh, and reliving a highlight. But what if an innocent-looking GIF greeting with Good morning, Happy Birthday, or Merry Christmas message hacks your smartphone? Well, not a theoretical idea anymore. WhatsApp has recently patched a critical security vulnerability in its app for Android, which remained unpatched for at least 3 months after being discovered, and if exploited, could have allowed remote hackers to compromise Android devices and potentially steal files and chat messages. WhatsApp Remote Code Execution Vulnerability The vulnerability, tracked as  CVE-2019-11932 , is a double-free memory corruption bug that doesn't actually reside in the WhatsApp code itself, but in an open-source GIF image parsing library that What...

|Bypass Symlink on 2013 Server With Different .htaccess and Methods by Sen Haxor |

Hi, Guys,  Please a wonderfull tutorial provided bt Sem;\  Today I gonna Explain how to bypass Symlink on 2013 Server With Different .htaccess and Methods. So let's Get Started :) Note: This method is not applicable for Godaddy, Bluehost, Hostgator and Hostmonstor Servers. For This First You Need the Following Files : 1 -> Sen Haxor CGI Shell 2 -> sen.zip 3 -> passwd-bypass.php 4 -> Turbo Brute force Cpanel 5 - > Port.py First Before Starting to symlink we need to create php.ini and ini.php to Disable Safe mode and Disabled Functions on the server . Use the Following Code : Make a php.ini with the following code safe_mode=Off And ini.php with <? echo ini_get("safe_mode"); echo ini_get("open_basedir"); include($_GET["file"]); ini_restore("safe_mode"); ini_restore("open_basedir"); echo ini_get("safe_mode"); echo...