New features of Android and iOS support a method of contact tracing to help the fight against Coronavirus. Developers like us can now build apps which tell you if you’ve crossed paths with someone who goes on to develop COVID-19. Likewise if you develop the illness you can send out a signal to warn anyone you’ve recently come into contact with, including people you don’t know. Recent updates to smartphones have provided the following options:

[Screenshots: the COVID-19 exposure notification settings pages on Android and iOS]

Scare stories on social media have used these screenshots to suggest that you are being tracked, or that your privacy is being violated. This is not true. It has to be said, the wording on the iOS page in particular doesn’t help. In fact, those options merely allow you to use COVID-19 tracing apps with specific privacy-centred contact tracing features, and won’t have any effect unless you manually and knowingly install one. Such an app would have to be obtained from the App Store or Google Play, and thus pre-approved and tested by Apple or Google.

But are there privacy concerns if you do choose to install a contact tracing app?

Apple and Google have worked together to produce a contact tracing protocol which is robustly privacy-centred. It is straightforward, too, which helps – simple technology is usually harder to hack because fewer moving parts make it easier for developers to test. Several guiding principles ensure that privacy is maintained.

Total anonymity

Everything is entirely anonymous. It is never possible for those who have come into contact with you to determine who you are. This applies even if you later indicate that you are suffering from COVID-19. Likewise it is impossible for you to determine the identity of anyone you’ve been in contact with, even if you are suffering. The anonymity is ensured by the fact that everyone is assigned a random number – no part of this system contains any personally identifiable data.

No location data

Nothing is location-based. The purpose of the technology is to determine if two people’s paths have crossed (and when). It is impossible to tell where those paths crossed. There is no location data in the system.

Untrackable signals

Individuals can’t be tracked using this technology. The signal broadcast by your phone changes roughly every 15 minutes, so even if the bad guys set up listening posts, they wouldn’t be able to follow you or determine where you’ve been.

Decentralised architecture

There is no central server or database which has any data to tell who has been in contact with whom. When a person indicates that they have been infected, they upload some cryptographic details related to their random ID. Your phone downloads these keys and uses them to determine if they match any of the IDs your phone has previously detected around you. That’s how you determine if you’ve come into contact with a sufferer. Importantly, all this processing is done on your phone, and there is no centralised server which could ever find out if you’ve had a “hit” or not.
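A constructed toy model of the rotating signals and the decentralised matching described above, added here as an illustration and not code from Apple, Google or any real app. It substitutes HMAC-SHA256 for the real protocol’s key-derivation primitives, and the 10-minute interval and 16-byte keys are assumptions; what it shows is that matching happens only on the phone that heard the signals, and that the result reveals when, never who or where.

```python
import hmac
import hashlib
import secrets

# Constructed model; the real Apple/Google protocol uses different primitives.
INTERVAL_MINUTES = 10                               # assumed rotation period
INTERVALS_PER_DAY = 24 * 60 // INTERVAL_MINUTES     # 144 intervals per daily key


def rolling_id(day_key: bytes, global_interval: int) -> bytes:
    """Signal broadcast during one interval; unlinkable without the daily key."""
    msg = global_interval.to_bytes(4, "big")
    return hmac.new(day_key, msg, hashlib.sha256).digest()[:16]


class Phone:
    def __init__(self):
        self.day_keys = {}   # day -> random key; stays on the device unless the user reports
        self.seen = set()    # rolling IDs heard nearby: no identity, no location

    def key_for_day(self, day: int) -> bytes:
        if day not in self.day_keys:
            self.day_keys[day] = secrets.token_bytes(16)
        return self.day_keys[day]

    def broadcast(self, day: int, interval: int) -> bytes:
        return rolling_id(self.key_for_day(day), day * INTERVALS_PER_DAY + interval)

    def hear(self, rid: bytes) -> None:
        self.seen.add(rid)

    def report_positive(self, days):
        """What a diagnosed user uploads: only daily keys for the infectious period."""
        return [(d, self.day_keys[d]) for d in days if d in self.day_keys]

    def check_exposure(self, published):
        """Runs locally: re-derive every rolling ID from each published key and
        compare against what this phone heard. Returns (day, interval) per hit."""
        hits = []
        for day, key in published:
            for i in range(INTERVALS_PER_DAY):
                if rolling_id(key, day * INTERVALS_PER_DAY + i) in self.seen:
                    hits.append((day, i))
        return hits


def simulate():
    """Alice and Bob cross paths on day 3, interval 50; Bob later reports positive."""
    alice, bob, carol = Phone(), Phone(), Phone()
    alice.hear(bob.broadcast(3, 50))
    bob.hear(alice.broadcast(3, 50))
    published = bob.report_positive(range(14))     # the only data that leaves Bob's phone
    return alice.check_exposure(published), carol.check_exposure(published)
```

Carol, who never met Bob, downloads the same published keys and gets no match, and nothing Bob uploaded identifies him or says where the contact happened.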

This method of contact tracing, therefore, is extremely secure and built with privacy at its centre. The decentralised system ensures no one (not even a government) can determine who you’ve been in contact with. There is no location data, so you can’t be tracked. Everything is entirely anonymous. And users’ participation and contributions are totally transparent. Ultimately, contact tracing is an excellent tool that works entirely to the public’s benefit; the more people that use it, the better.