Finding out that you’ve been exposed to a serious disease through a push notification may still seem like something out of dystopian science fiction. But the ingredients for that exact scenario will be baked into Google and Apple’s operating system in as soon as a matter of days. Now the two companies have shown not only how it will work, but how it could look—and how it’ll let you know if you’re at risk.
On Monday, Apple and Google released a few new details about the Bluetooth system they’re building into both Android and iOS that will let health care authorities track potential encounters with Covid-19. The companies have now made clear that only government agencies—preferably at the national level, Google and Apple say, though they note they’re willing to work with state and regional authorities—will be granted permission to the feature’s application programming interface. If those government-run apps want access to Apple and Google’s Bluetooth-based system, they won’t be allowed to collect location data, and must ask for consent before collecting information on a user’s proximity to others. They’ll need permission to upload any information from the phones of Covid-19 positive people as well.
Read all of our coronavirus coverage here.
The two companies have published sample user interface screenshots for the first time as well. As Google and Apple first outlined last month, their Covid-19 exposure notification system transmits unique, rotating codes from phones via their Bluetooth radios based on cryptographic keys that change daily. They not only keep a log of the last two weeks of your codes, but also listen for the codes broadcast by others. If two people running the app spend a certain amount of time in proximity—say, 10 minutes within six feet, or whatever health care agencies dictate—their phones will both record each others’ Bluetooth codes. If one of them later receives a positive Covid-19 diagnosis, they can choose to upload all of their keys from the last two weeks to the app’s server, which will then send those keys out to the phones of all the other users in their region. Those phones will then check if the codes they’ve recorded from other nearby users can be generated from those keys. If you get a match, the app will show a message that you’ve potentially been exposed to Covid-19 and caution you to self-quarantine or get tested.
Now Google and Apple are showing how some parts of that process might look. The two companies warn, however, that they’re only releasing sample images as references, since health care agencies will build the final apps, not Apple and Google.
Here, for instance, is how Google and Apple suggest the apps ask for user consent to transmit and record Bluetooth codes when the app is first installed:
In another series of screenshots, the companies show how the apps will likely work when a user is diagnosed as Covid-19 positive. As Apple and Google had suggested earlier, they’ll require users to enter a unique code provided by health care providers or a Covid-19 testing lab before allowing them to declare themselves as infected, since otherwise trolls or mistaken self-diagnoses could flood the system with false positives:
Finally, Google and Apple have shown an example of what a notification of potential contact with an infected Covid-19-positive person could look like:
Those sample messages confirm that Google and Apple will make it possible to determine the exact day a contact event occurred. Some developers of contact-tracing apps have argued that offering too much information about the time when a contact event happened will make it too easy to identify Covid-19-positive people, and that apps should only tell the user they’ve been exposed at some indeterminate time in the last two weeks. But others have pointed out that users should know when a contact event occurred so that they can consider factors like whether they were wearing a face mask or other personal protective equipment at the time, whether they were behind a protective barrier, or some other situation that might creative a false positive.
By choosing to tell users the day—but not the time—that they were potentially exposed, Google and Apple appear to have reached a compromise. But the system still leaves open the possibility that some people could have their Covid-19-positive status exposed to strangers without their consent. Someone who is sheltering in place might leave their home only once daily to get their mail, for instance, and come into contact with just a few people—or even just one person. If they’re later alerted they were exposed to Covid-19 that day, they might be able to remember which of their neighbors they saw and learn who has likely been diagnosed with Covid-19.
Plus: What it means to “flatten the curve,” and everything else you need to know about the coronavirus.
That’s just one of the potential pitfalls of Google and Apple’s system. Security researcher Ashkan Soltani has pointed out, for instance, that someone could set up cameras and Bluetooth beacons to identify Covid-19 positive users. The Electronic Frontier Foundation has warned that hackers could record and rebroadcast users’ contact codes to feed false information into the system willy-nilly, though it’s not clear what they’d accomplish with that system other than nihilistic trolling.
But when it comes to privacy preservation, Google and Apple’s system is nonetheless one of the most conservative of all the schemes that developers have proposed to use smartphones for contact-tracing or exposure notification. By focusing on only Bluetooth-based proximity detection, it avoids the privacy peril of collecting location information. And it doesn’t upload anything to the server at all for the vast majority of users who aren’t diagnosed as Covid-19 positive. All of their information stays on their phone.
Apple and Google’s system will likely only work if it’s part of a much larger picture, one that includes widespread testing, social distancing, and manual contact tracing. But it could serve as one piece in that system, another tool to help the world return to normalcy. Now that the companies are publishing samples of the warnings they’ll give to users and the consent they’ll ask from them, people can start to judge for themselves if they’re willing to put that tool in their pocket.
More From WIRED on Covid-19