As a result of feedback from officials around the world, Apple and Google today have disclosed a series of changes to their upcoming COVID-19 contact tracing initiative, with a focus on even stronger privacy protections and accuracy.
/article-new/2020/04/applegoogle.jpg)
- Apple and Google are now referring to "contact tracing" as "exposure notification," which the companies believe better describes the functionality of their upcoming API. The system is intended to notify a person of potential exposure, augmenting broader contact tracing efforts that public health authorities are undertaking.
- Keys will now be randomly generated rather than derived from a temporary tracing key, making it more difficult for someone to guess how the keys are derived and use that information to try and track people.
- Bluetooth metadata will be encrypted, making it more difficult for someone to try and use that information to identify a person.
- Exposure time will be recorded in five minute intervals, with the maximum reported exposure time capped at 30 minutes.
- The API will include information about the power level of the Bluetooth signal in the data that is exchanged between phones. This can be used in conjunction with the RSSI ("Received Signal Strength Indication") to more accurately estimate the distance between two phones when contact was made.
- Apple and Google will allow developers to specify signal strength and duration thresholds for exposure events.
- The API will now allow for determining the number of days since the last exposure event to better determine what actions the user should take next.
- The API's encryption algorithm is switching from HMAC to AES. Many devices have built-in hardware for accelerating AES encryption, so this change should help performance and efficiency on phones.
Further changes to the API specifications will be made over time based on continued feedback from public health authorities.
Apple and Google are targeting next week for the release of the seed version of iOS and Android operating system updates, which will support these APIs to enable testing by public health authority developers. The software update will support iOS devices released in the last four years, dating back to the iPhone 6s and iPhone 6s Plus.
Apple and Google revealed plans for this exposure notification initiative two weeks ago. The joint effort will use Bluetooth to alert users when they have potentially come in close contact with someone who later tests positive for COVID-19, on an opt-in basis. The companies have shared an updated FAQ for users with more details about the system.
Top Rated Comments
(View all)No thanks, this is like opening Pandora’s Box. Once it gets accepted it will not be able to be reigned in, just look at the track record of governments that push for this type of power and control.
Exposure notification ... new world order speech
I love how people are willing to give up privacy on social media, by having a gmail account, or to avoid traffic, but not so much to avoid death, go figure...Also, please make extra copies of your house keys and leave them on the doorstep. Apple will be coming by to pick them up and do a well being checks at random times. This is for your own safety of course.
Can you describe what about this control you're concerned with?No thanks, this is like opening Pandora’s Box. Once it gets accepted it will not be able to be reigned in, just look at the track record of governments that push for this type of power and control.