Due to the ongoing threat posed by SARS-CoV-2, Google and Apple have teamed up to announce a new API and Bluetooth Low Energy specification called “Contact Tracing.” The idea behind contact tracing is to inform users if they’ve recently been in contact with someone who has been positively diagnosed with COVID-19. South Korea and Taiwan have successfully “flattened the curve,” as in they’ve limited the number of new cases to fall below the capacity of their healthcare systems, by implementing widespread testing and contact tracing. According to the Associated Press, several countries in Europe including the Czech Republic, the U.K., Germany, and Italy are developing their own contact tracing tools. Apple and Google hope to empower nations and medical organizations around the world with the ability to trace the spread of the novel coronavirus, but the two companies also recognize the potential privacy concerns with this pandemic containment method. That’s why the two companies have created the new API and Bluetooth spec “with user privacy and security central to the design.”
Google and Apple published blog posts and documents that outline their goals to roll out a new API and Bluetooth LE service. Due to urgent need, both companies are tackling this problem in two stages. First, in May, both companies will release an API that “[enables] interoperability between Android and iOS devices using apps from public health authorities.” These apps will be made available for users to download on the Google Play Store and Apple App Store. On Android, the API will likely become available for apps through an update to Google Play Services. Second, in the next few months, both Google and Apple will add support for a new Bluetooth Low Energy service into Android and iOS. For iOS, this new BLE service will likely come via an OS update, while for Android, this service will likely be added as part of another update to Google Play Services. Google says that adding a Bluetooth LE Contact Tracing service “is a more robust solution than an API and would allow more individuals to participate, if they choose to opt in, as well as enable interaction with a broader ecosystem of apps and government health authorities.”
Once an app integrates the new API or the BLE specification has been integrated, Android and iOS users can receive notifications if they’ve recently been in contact with someone who has been diagnosed with COVID-19. Notably, the BLE solution will not require the user to have an application installed (presumably they just need Google Play Services), but if they choose to install one of the official apps, then the app can inform them on the next steps to take after they receive a notification. This will allow users to decide if they need to self-quarantine for 14 days or to seek testing and further medical intervention. Here is an example flow of what Google and Apple envision will be possible with this new Bluetooth LE service:
An overview of COVID-19 contact tracing using Bluetooth Low Energy. Source: Google/Apple.
Here is what Google says about how they designed the new Android Contact Tracing API to protect user privacy and security:
- Apps calling the API via the startContactTracing method are required to get user consent to start contact tracing. If this is the first time the API is being invoked, the user will be shown a dialog asking for permission to start tracing.
- In order to be whitelisted to use this API, apps “will be required to timestamp and cryptographically sign the set of keys before delivery to the server with the signature of an authorized medical authority.” In other words, unauthorized COVID-19 apps will not be allowed to use this API.
- If the user uninstalls the app, the stopContactTracing method “will be automatically invoked and the database and keys will be wiped from the device.”
- The user, after having confirmed a positive diagnosis of COVID-19, must grant explicit consent to upload 14 days of daily tracing keys. A dialog will be shown to the user if the app calls the startSharingDailyTracingKeys method.
- Users will be shown what date and for how long they were in contact with a potentially contagious person, down to increments of 5 minutes, but not who or where the contact occurred.
Here is how the new BLE Contact Detection Service will protect user privacy and security:
- The spec does not require the user’s location or any other personally identifiable information. Location-use is completely optional and is only done after the user provides explicit consent.
- Rolling Proximity Identifiers are changed every 15 minutes on average, which makes it “unlikely that user location can be tracked via Bluetooth over time.”
- Proximity identifiers retrieved from other devices “are processed exclusively on device.” This means that the “list of people you’ve been in contact with never leaves your phone.”
- It’s up to the user to decide if they want to contribute to contact tracing. Users who are diagnosed with COVID-19 must consent to sharing Diagnosis Keys with the server. There will be transparency about the user’s participation in contact tracing, and “people who test positive are not identified to other users, Google, or Apple.” In fact, this information “will only be used for contact tracing by public health authorities for COVID-19 pandemic management.”
- In case you’re wondering, the Contact Detection Service should not significantly drain the battery of a device if the hardware and the OS support “Bluetooth controller duplicate filters and other [hardware] filters” to “account for large volumes of advertisers in public spaces.” Scanning is “opportunistic,” meaning it can occur within existing wake and scan window cycles, but will also occur at a minimum of every 5 minutes.
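To make the on-device matching described in the bullets above concrete, here is an added example that is not from this article or from Google's or Apple's specification. The HMAC-based identifier derivation, the 96 slots per day, the 5-minutes-per-sighting accounting, and the names `rolling_id` and `find_exposures` are assumptions for illustration; the sample keys and sightings are constructed.

```python
import hashlib
import hmac
import os

INTERVALS_PER_DAY = 96   # assumption: one identifier per 15-minute slot
SCAN_MINUTES = 5         # assumption: each sighting counts as one 5-minute scan


def rolling_id(daily_key: bytes, interval: int) -> bytes:
    """Illustrative derivation (not the published one): HMAC-SHA256 of the
    slot number under the daily key, truncated to 16 bytes."""
    msg = b"demo-rpi" + interval.to_bytes(2, "big")
    return hmac.new(daily_key, msg, hashlib.sha256).digest()[:16]


def find_exposures(diagnosis_keys, observed):
    """Match published diagnosis keys against locally stored sightings.

    diagnosis_keys: {day_number: daily_key} shared with consent after a
                    positive diagnosis and downloaded by every phone.
    observed:       [(day_number, identifier)] heard over BLE, one entry per
                    scan; this list is only ever read on the device.
    Returns {day_number: minutes_in_contact}: no identity, no location.
    """
    by_day = {}
    for day, rpi in observed:
        by_day.setdefault(day, []).append(rpi)
    exposures = {}
    for day, key in diagnosis_keys.items():
        heard = by_day.get(day)
        if not heard:
            continue
        candidates = {rolling_id(key, i) for i in range(INTERVALS_PER_DAY)}
        hits = sum(1 for rpi in heard if rpi in candidates)
        if hits:
            exposures[day] = hits * SCAN_MINUTES
    return exposures


# Constructed sample data: Alice later tests positive, Bob is a stranger.
alice = {18362: os.urandom(16), 18363: os.urandom(16)}
bob_key = os.urandom(16)
sightings = [
    (18362, rolling_id(alice[18362], 40)),   # three scans near Alice,
    (18362, rolling_id(alice[18362], 40)),   # spanning two identifier slots
    (18362, rolling_id(alice[18362], 41)),
    (18363, rolling_id(bob_key, 10)),        # Bob never uploads his key
]
print(find_exposures(alice, sightings))      # {18362: 15}
```

Without Alice's daily key, the identifiers from slots 40 and 41 cannot be linked to each other or to her, which is the property the rotation is meant to provide.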
Because the new Contact Tracing specs are designed with user privacy and security in mind, it’s debatable how effective they’ll be at limiting the spread of COVID-19. According to The Verge, such opt-in, non-invasive contact tracing measures may have limited effectiveness. The issues boil down to a lack of widespread adoption by the population and a potentially large number of false-positive Bluetooth proximity events. Still, I hope this new initiative is successful. It’s rare to see Google and Apple collaborate on anything, but desperate times call for desperate measures.
This article was updated at 4:08PM EST on April 10, 2020, to reflect that the new API and BLE service will likely arrive on Android via updates to Google Play Services.