As we move closer to fully opening up our countries, it seems that individual privacy is being disrupted by the coronavirus pandemic and many are asking if we can trust GPS contact tracing apps.
Google and Apple have partnered up to bring bluetooth and GPS tracking to COVID-19 contact tracing efforts. However, Google is still trying to reverse its poor track record of respecting consumer privacy and the Apple-Google partnership is cautiously trying to avoid any moves that hint at an invasion of individual privacy.
Still, the GPS and Bluetooth technology solution has a number of glaring technical and privacy-protection shortcomings, according to several technologists. In fact, the Apple-Google project has exacerbated a privacy controversy that flared up in Europe in the early stages, one that has more recently been highlighted in the U.S..
The Bluetooth and GPS based contact tracing apps will use people’s iPhones or Android devices to make their status known to a central server, which then sends an anonymized identifier of the infected person then sends the notification to anonymized IDs of non-infected persons who may have happened to be in the same area as the infected. The system then alerts the non-infected persons to self-immunize.
The Apple-Google project is proceeding on two fronts. Initially the Apple-Google project released an API and allowed software developers to design contract-tracing apps leveraging Bluetooth IDs. Meanwhile, the Apple-Google team is focusing on designing systems that will be needed to embed a variety of contact-tracing apps into Apple’s iOS and Google’s Android platforms.
Technology and privacy experts say thing that iPhone and Android users will likely not even trust the Apple-Google solution. Some might be all too familiar with Google’s long standing campaign to collect and monetize health data. Google, for instance, got sanctioned by the UK’s Information Commissioner’s Office (ICO) after Google acquired records for 1.6 million patients of London’s Royal Free hospital.
Privacy and cybersecurity analysts believe individuals will be hesitant to use the Apple-Google contact tracing apps unless the population is properly educated and 100% privacy safeguards are put in place. Even if the public awareness campaign are carried out effectively, many also wonder about limitations of the app, as currently described. Once privacy concerns have been properly addressed and security controls implemented, there is the question of adoptability and usability. There is much data that supports most of the general public will not use apps that require GPS and Bluetooth however currently most states and countries are still hoping that they can build, or partner with firms that will build , an app based only the premise that “if we build it they will come” and not take into account usability or how to attract the needed 60% adoption rates (DAU) needed for any digital contact tracing app to be effective.
If we believe that some form of location-based tracking will be part of the Apple-Google contact tracer, it opens up a lot of privacy concerns, something the American Civil Liberties Union already is scrutinizing. The ACLU issued this report detailing the many ways proactive smartphone location tracking, even for a good cause, can trample privacy. Pointing directly to apps being able to precisely pinpointing a person’s location, moment-to-moment, pivoting off Bluetooth IDs, is not easy to pull off. The ACLU report points to problems arising in an Israeli contact tracing app, similar to the one Apple and Google are working on where there are too many false positives and discouraging the general public from using the app in mass.
Privacy advocates, rightly so, no continue to worry that government authorities and tech giants inevitably will use COVID-19 as an excuse to intensify surveillance. Privacy experts say this could present a scenario whereby a proactive surveillance app that gets pushed out by Apple-Google, initially for a good cause, will ultimately get used by governments and corporations for manipulative and predatory purposes. We all still remember The Wall Street Journal article that reported just last November how Google’s ‘Project Nightingale’ gathers personal medical data from more than 50 million Americans in 21 states, in partnership with the nation’s second largest healthcare provider, Ascension, without informing the patients.
COVID-19 is forcing the privacy issue across the world. Big tech corporations can manipulate the global pandemic as an excuse to permanently deepen smartphone surveillance but we can demand better privacy safe guards not only in the design of the apps but in the privacy standards set by them.
Contact us today to learn how we can help with contact tracing solution that does not rely on GPS technology.