back to article Apple, Google begin to spread pro-privacy, batt-friendly coronavirus contact-tracing API for phone apps

Apple and Google have officially released their Exposure Notification API, a joint technology project to allows public health organizations to build mobile apps capable of efficient and anonymous coronavirus contact tracing via Bluetooth. The basic idea is that you run one of these apps on your phone, and the software uses the …

  1. Anonymous Coward
    Anonymous Coward

    It's a sad day

    when Google and Apple are trusted more than the Government.

    1. This post has been deleted by its author

    2. Denarius Silver badge

      Re: It's a sad day

      however, the world gets weirder by the year. Whats next ? FBI or NSA being identified as t.rr.r.sts ?

      Already known to have indulged in criminal activity. That is, if anyone else did it. I await the release of M$ Linux with the APT package manager and RPM packages, requiring alien, scripted in PowerShell. Local cats and dogs already live together in harmony

    3. Anonymous Coward
      Anonymous Coward

      Re: It's a sad day

      Google and Apple are not being trusted per se, DP3T is.

      Also it's perfectly fine to accept a solution that is correct/best-effort, even when it is from a source one doesn't normally trust.

      Just a shame that the Tories can't be arsed to do the right thing in the UK and we will no doubt be forced to use a broken app that invades our privacy.

  2. cb7

    Aww bless. Apple actually collaborating with others for a change. Shame it took a global pandemic to make it happen.

    I still can't see it becoming a habit though.

    1. Anonymous Coward
      Anonymous Coward

      I still trust Apple over Google - at least it generates most of its income from things that do NOT aggressively violate privacy to grab people's data. I suspect that they're also the reason they seem to use DP-3T as protocol (the transmission of randomised data suggests this), but I would not trust Google to not "accidentally*" store that data for much longer.

      * That is "accidentally" as in "accidentally" installing a full WiFi recording facility including backend to hold the collected data during their Streetview exercise..

      1. Anonymous Coward
        Anonymous Coward

        Accidentally

        Yes, accidentally indeed.

        "No data goes to Apple or Google"

        I have no way of knowing if that is true, but I do know that if I am on a recent version of Android and I want to enable bluetooth to use one of these apps, then in order to do so, thanks to recent "improvements in security" and to "protect me from apps being able to track me silently" I now have to first enable fine location services and gps, and leave them running all the time in order for BLE to work.

        This means location services are available for Google and other apps to use as they please unless I take the trouble to go and specifically deny access individually. I am sure that is accidental too.

        1. Boothy

          Re: Accidentally

          Apparently part of the issue with location services and Bluetooth BLE, is the increasing use of Bluetooth beacons. If BLE could be enabled without location services being on, it would still mean some apps could find your location via the beacons. Therefore Google pushed BLE into location services, so turn location off, you also turn BLE off.

          Not saying this was the right choice, but I can sort of understand the rational.

          Personally I'd much rather have more granular control of a device, and be able to explicitly switch on/off regular Bluetooth, BLE, GPS etc all separately, and also deny, by default, any apps from accessing those services, and only enable it on a per app, per function basis. But I suspect this goes directly against what Google are trying to do with Android!

          1. Anonymous Coward
            Anonymous Coward

            Re: Accidentally

            I get that, but if the aim is to alert the user to misuse, as is the stated aim, then the first step they adopted, which was to make the user allow location *permission* if they wanted to use wifi scanning or bluetooth (because it affects both) made sense.

            However what does not make sense is the current situation on the latest Android version where not only do you have to give the permission, you have to actually turn on location services, and enable gps and leave them on continuously if you want to be able to scan wifi or use bluetooth BLE.

            For instance, I use Davx and it has a feature to only sync to a local caldav calendar when connected to my local network. It used to work. However, since the Android upgrade, that will no longer work unless I give permission (fair) for location services, and enable gps and location services and leave them on all the time.

            Playing devils advocate, that gives Android a handy way to "accidentally" map every combination of the signal strength of visible access points and beacons to an actual gps location. With the NHS app that could be a considerable harvesting of data.

          2. Anonymous Coward
            Anonymous Coward

            Re: Accidentally

            Your brain is broken if you 'understand the rationale'. Any rational person would arrive at a solution to allow BLE data transmission (with 'bluetooth data' permission) but spoof/block signal strength unless 'bluetooth location' permission was also granted.

        2. gnasher729 Silver badge

          Re: Accidentally

          "if I am on a recent version of Android and I want to enable bluetooth to use one of these apps, then in order to do so ... I now have to first enable fine location services and gps"

          That's a recent version of Android. You will need the latest. Apple explicitly _doesn't_ allow apps using this API to use location services (which includes gps). I don't know exactly what Google does, so I expect them to do the same. Most likely they just didn't separate permissions fine enough.

    2. macjules Silver badge

      Will my data be monetized by Google or Apple?

      No, there will be no monetization from this project by Apple or Google. Consistent with well- established privacy principles, both companies are minimizing data used by the system and relying on users’ devices to process information.

      I see that winged pigs can now make use of Heathrow and Gatwick for practice.

      1. spold Silver badge

        You can pay extra for ad-free versions....

        When the ads change from hydroxychloroquine to undertakers you know there is a problem....

    3. ThomH

      The Thunderbolt interface begs to differ. As does the Clang compiler.

  3. Gra4662

    Batt friendly?

    Bat friendly, didn't it originate in Bats :)

    1. Warm Braw Silver badge
      Coat

      Re: Batt friendly?

      Expect Trump to charge them shortly.

  4. Pascal Monett Silver badge

    "the politically fraught task of policing home-grown implementations"

    Now that I can understand. And we have a magnificent example, don't we, NHS ?

    I do prefer that the two major players get their teams on this issue and iron out a common solution. I like that they say that no data goes back either of them, but I'll wait until the experts demonstrate that that is true.

    In any case, I do believe that Google & Apple (Googapple ?) are less of a risk than some local company who got the job because the CEO goes golfing with the minister's brother.

    Plus, at least the techs in both companies know exactly what their platform can do and how to call on it most efficiently. Knowing how to program an app for a mobile platform does not mean you know how to do the job using the least amount of power possible.

    So good on Googapple. Let's just keep in mind the age-old adage : trust, but verify.

    1. Brewster's Angle Grinder Silver badge

      Re: "the politically fraught task of policing home-grown implementations"

      "Googapple"

      I propose we take the "App" from Apple and the "le" from Google and make the portmanteau for the the combined Apple-Google collective: LeApp.

    2. Anonymous Coward
      Anonymous Coward

      Re: "the politically fraught task of policing home-grown implementations"

      Goople?

  5. Boothy
    Linux

    Shame in a way it's a closed API

    Shame in a way it's a closed API (although I very much understand why that's the case).

    As someone, or more likely a team, could knock up a UK Open Sourced version, using the API, and with none of the centralised crap. Fully peer reviewed etc.

    This could then get promoted by all the various privacy groups etc that are currently lambasting the NHS version.

    Won't happen though, as they'd need access to the API, and cooperation from the NHS for the testing positive side of things.

    1. gnasher729 Silver badge

      Re: Shame in a way it's a closed API

      Apple allows one national health provider per country to publish an app using the API. So NHS Scotland Could write one. To keep people safe, and to piss off Boris Johnson. Don’t know what would be higher priority. Would work everywhere in the U.K. obviously.

    2. ThomH

      Re: Shame in a way it's a closed API

      I think the intention is to require that human beings who are politically accountable be in the chain of responsibility for sending out the positive diagnosis alerts. Otherwise the 4chan script kiddies would spam the heck out of it, reducing its value back to zero as people uninstall.

  6. Ian Johnston Silver badge

    It's hard to think of a worse idea. It just won't work. The way out of these is not to trust people to advertise their status (how would they even know) and to go go into hiding instantly if they get a notification (what happens of it comes when they are 200 miles away from home) while simultaneously handing governments the biggest surveillance opportunity in history.

    Anyway, it uses bluetooth, so it has by definition failed already. Let's entrust the lives of thousands to a technology which after twenty years can't transfer a file reliably, shall we?

    1. John H Woods Silver badge

      BLE isn't really "Bluetooth" in that respect

    2. ThomH

      No part of this requires you to trust people to advertise their status, or to trust that everybody go into hiding if they get a notification.

      Taking the UK as an example, Apple and Google have provided only an API because the NHS is supposed to supply the app. The NHS then feeds in the individual diagnoses. So: this system asks you to trust the NHS's ability to tell who has COVID and who doesn't.

      As to your other concern, exactly the same observations apply as to social distancing in general. The objective is that enough people will act sensibly that the rate of spread will be sufficiently reduced that the health services can cope with the quantity of people who nevertheless fall sick.

  7. Anonymous Coward
    Anonymous Coward

    What happens if you have come into contact with someone who later tests positive and should be self isolating but your bluetooth registers a contact with someone new?

    I don't think anyone has said this and it's important because the implications are huge from a policing perspective depending on how the government proceeds. Will they introduce fines? Forced quarantine? Will this new contact be informed they need to self isolate as well? I really don't like where this is all going.

    1. John H Woods Silver badge

      re: should be self-isolating

      The whole point is that they will just know that identifier 817398714354652 should be self isolating and isn't - they won't know who it is.

      1. Bob7300

        Re: re: should be self-isolating

        817398714354652 is a dick, never liked the.

        1. AndrueC Silver badge
          Happy

          Re: re: should be self-isolating

          Ale Elatey was a nice chap. Let's see who gets that reference without using Google. :)

          Not a bad book that and quite prescient. Although the title of the book could give one pause.

      2. Roland6 Silver badge

        Re: re: should be self-isolating

        The specification paper for DP-3T on GitHub, isn't totally clear on this.

        it is clear that once someone declares they are infected, their app will forward their current id to the central system/DB and then generate a new id.

        What is not clear is whether this new id is temporary ie. valid for 3 weeks of self-isolation. or what. and whether other devices can on seeing this id. immediately identify it as being a live CoViD19 carrier and thus avoid immediately.

        I would hope that some more detail does exist on this important aspect of the app.

      3. Maelstorm

        Re: re: should be self-isolating

        Well, I'm sure the government can find out who it is by getting the assigned phone number off the phone. However, with the latest changes in Android with respect to privacy, that might no longer be an option.

        1. gnasher729 Silver badge

          Re: re: should be self-isolating

          "Well, I'm sure the government can find out who it is by getting the assigned phone number off the phone."

          The app can find it if it has permissions. If that is passed on to the government, then we'll find out. I mean the NHSX plan is that they hire 21,000 people who track down anyone who got close to someone infected by questioning that person.

      4. Bo Lox

        Re: re: should be self-isolating

        "they won't know who it is"

        Of course they will. All they need to do is to use the existing provisions of RIPA to request a data dump from the mobile operators and cross-reference it. Hey presto. Anonymity gone in no time at all.

        1. gnasher729 Silver badge

          Re: re: should be self-isolating

          Mobile operators wouldn’t have a clue because everything is encrypted.

    2. ThatOne Silver badge

      > should be self isolating but your bluetooth registers a contact with someone new

      It is bound to happen, unless you self-isolate on a desert island. In an city apartment bluetooth is able to go through the walls and all your immediate neighbors and their visitors, despite not seeing you, will keep "contacting" you, isolation or not.

      But on the other hand I guess it doesn't really matter, since the app only knows two statuses, "healthy" and "sick", so as long as you don't pull the "I've got Covid-19 myself" lever, you are deemed just another healthy citizen, even if you've potentially become sick and infectious.

      False positive and false negative numbers will most likely be huge, but hey, we've been doing something!

    3. Spanners Silver badge
      Flame

      " I really don't like where this is all going"

      We might not but I suspect that Dominic Cummings does!

    4. gnasher729 Silver badge

      "What happens if you have come into contact with someone who later tests positive and should be self isolating but your bluetooth registers a contact with someone new?"

      You should be self isolating - nobody can force you obviously.

      Other users coming near you will be told _when you register yourself as infected_.

      We would hope that _either_ you are lucky and didn't get infected, or you went into lockdown and therefore nobody was near enough to you. In the end if X was infected and got close to 20 people and 14 people are warned (because not everyone has the app) and one decides to carry on, that's still 13 people not infecting anyone.

      1. druck Silver badge

        That's 13 people out of the workforce for up to two weeks (depending on how quickly they can get tested), from contact with just one person who tested positive. It will result in effectively a permanent lock down of everyone using the app, and at some point the money to pay to them keep self isolating over and over again, will run out.

        1. gnasher729 Silver badge

          Do the maths. 66 million are in lockdown right now. If we have 50,000 infected and each one puts 20 into lockdown that’s 1 million only. 66 times improvement. And if we have too many infections it’s back to lockdown for everyone anyway.

          1. druck Silver badge

            And those twenty put another 20 in isolation, so on and so forth.

  8. FlamingDeath

    And there we have it, the word ‘smart’ finally revealing its true meaning in a phone, and unsurprisingly its Orwellian

    I guess I wont be updating my phone then and it is actually going to be abandoned.

    I don't really care what any of you muppets think about this covid19 thing, but my third eye is buzzing like a mofo

    Wasn’t it IBM who created something historically to help catalogue mass murder?

    1. Ian Johnston Silver badge

      If I turn GPS and Bluetooth on on my phone I lose half my battery life. I have mobile data on either, because turning it off quadruples time between charges. Any system which requires voluntary action at both ends of a link which many people don't have and many don't use is doomed to failure.

      1. Maelstorm
        Terminator

        Bluetooth

        I've never used bluetooth. It's disabled on my phone, so the app isn't going anywhere. Besides, they can't force you to install an app if you don't want to. So this is doomed to failure anyways.

        1. gnasher729 Silver badge

          Re: Bluetooth

          I don't get it. Do you want to go back to work or not? Do you want to be told if you are at risk or not?

        2. Anonymous Coward
          Anonymous Coward

          Re: Bluetooth

          "I've never used bluetooth. It's disabled on my phone, so the app isn't going anywhere."

          Yeah, that's what I thought too....

          I had never turned on Bluetooth on my iPhone either and have it locked down as much as possible and no third-party apps installed either.

          But installing LibMobileDevice on a MacBook Pro to view logs of my iphone in real-time shows that Bluetooth is very much alive and active on my iPhone.

          From the captured logs I can see:

          "default <redacted time stamp> rapportd Bluetooth address changed: <redacted>"

          "default <redacted time stamp> bluetoothd Unregistered session <redacted>"

          and this one....

          "default <redacted time stamp> bluetoothd Current spy scan clients: <private>"

          And these logs were taken a week ago running IOS 13.4.1

          I'm not sure what to make of that last log and the unfortunate wording: "spy scan clients" though?

    2. Boothy

      Quote: "I guess I wont be updating my phone then"

      You don't mention what phone OS you have.

      If it's Android, then the update is via Google Play Services, so is automatic on Android 5.0+ (with Googles' stuff installed of course), Google Play Services also does silent auto-updates, so ignores the Play Stores setting for automatic app updates.

      You'd have to disable data for Google Play Services (which may well break other things), or never use data or WiFi on that phone again, or do something else to block the silent updates.

      Plus of course you'd have to never buy a new Android or Apple phone again, as any new ones will have this new API baked in anyway eventually.

    3. ThomH

      It's an API. It gives you the option of installing an app that uses that API. If you don't want to help out with contact tracing, don't help out.

      If you're already walking around with a GPS-enabled, radio-transmitting camera and microphone in your pocket then deciding that using those features to try to help reduce the spread of a once-in-a-hundred-years virus is the line you won't cross feels somewhat askew from a logical decision process.

  9. Anonymous Coward
    Anonymous Coward

    "And if there's a match indicating the user was in the vicinity of someone with a positive diagnosis, the user will – if settings allow – be notified and advised on what to do next."

    I am still not sure that this proximity sensing will work well enough. The number of false negatives might be staggering. A little video demonstration, I will eat my hat and be amazed of this fluctuation in signal strength can be smoothed out by algorithms to the point of usefulness.

    https://www.youtube.com/watch?v=SAi24ctpyZQ&feature=youtu.be&disable_polymer=1

    1. druck Silver badge

      It's the number of false positives you need to worry about, if you are going to be able to go back to the real world for more than a few hours each time, before being told you need to self isolate for another two weeks.

  10. Anonymous Coward
    Anonymous Coward

    Here's the fun part.

    Imagine these random strings are preserved instead of discarded as vaguely promised (the above reference to the Streetview affair is a good example of just how much certain parties can be trusted in that respect), so you now know the holder of device 6635341 and/or those who were in proximity has had a run in with Covid19.

    That information is an absolute goldmine to advertisers, and pharma has a LOT more money to pay for ads - you now know which device to push ads to (no need to know the owner, although any other use of the adslinger's services could give that away due to match on device ID. That's why I would not trust an ad slinger with that data. Nor a government, but for different reasons..

    1. gnasher729 Silver badge

      Re: Here's the fun part.

      You don't know anything about the holder of device 6635431. You know something about the holder of a phone that at one point generated a random number. And _only_ if that person tested positive. So first we are down from 66 million people to a few ten thousand, _and_ there is nothing that lets you identify them.

  11. Nifty

    Please leave your phones in the lockers provided outside before entering this operating theatre...

  12. rjsmall

    Has no-one thought of the children?

    I am curious as to how any of these tracking / tracing apps are meant to account for primary school (or lower) aged children. Most of these children probably won't have their own device so isn't this a rather large chunk of the population (who are potentially very good at spreading the virus) that are going to be missed?

    1. Caver_Dave

      Re: Has no-one thought of the children?

      The WHO has many studies that show that children are almost immune to the illness and very unlikely to infect anyone even if they do catch it.

      Child to child transmission is almost zero

      Child to adult transmission is almost zero

      The above two reasons is why schools are open in many countries

      Adult to child transmission is very low

      In the UK 1% of all over 90's have already died from it

      30% of all those who have died from it were over-weight and had Type II Diabetes

      Death from Covid-19 is very age and illness related.

      The figures are all published, but they don't make Tabloid headlines and don't keep Union reps in the faces of employers.

      Unless you are a pensioner with underlying health conditions, the most dangerous part of your working day will still be the travel to and from!

      1. Anonymous Coward
        Anonymous Coward

        Re: Has no-one thought of the children?

        I wouldn't trivialise this - it has emerged that there are plenty factors out there that can trigger the more dangerous aspects of Covid19, and re-infection apparently comes with a whole new gamut of problems.

        As far as I can tell right now, the core issue seems to be changes in blood coagulation factors which leads to clotting, with all the associated issues. That's summarising, of course, but it appears to better explain the breath of problems that occur when an infection is not well tolerated.

        You're better off not getting it, even if you think you're not in the groups at risk, also because it then turns you into a carrier..

  13. gnasher729 Silver badge

    In your article: "Apple and Google insist that no data will be shared with public health authority apps, apart from two exceptions. "

    I think this is very misleading. The first bit of information you mention is stored on the phone, the second bit is stored on Apple's or Google's servers and delivered to all the phones that are enrolled, but none if it is directly available to the application and none is available to public health authorities. The only thing that becomes available to the application is the fact that the phone running the application was too close to another phone running the application, whose owner declared themselves to be infected.

    So there is nothing that is directly or indirectly accessible to anyone.

  14. Stuart 22

    According to WHO?

    "Child to adult transmission is almost zero" - Caver_Dave

    Might be, might not be. No one yet knows for sure. Google to find false or premature claims in this area like this one debunked here: https://fullfact.org/health/children-transmitting-coronavirus/

    Or this report in Nature: https://www.nature.com/articles/d41586-020-01354-0

    Awful to see some notorious but influential journalists cherry picking statistics to fit their agenda and trying to infect the population. Bit like Covid-19 and possibly just as lethal.

    1. TheMeerkat

      Re: According to WHO?

      Most of the journalists at the moment picking up scare stories and ignore anything that makes us fear less.

      Fear sells newspapers.

  15. Stangely Brown

    Have you looked before complaining?

    None of it really matters anyway because, in the UK and for now at least, the feature, while present, is "Not availabe in your region" so is greyed out unusable. If the NHS get their act together and arrange for an app to take advantage of it I suspect that may change.

    1. diodesign (Written by Reg staff) Silver badge

      Re: Have you looked before complaining?

      Under Google + Apple rules, there can be only one app operating in a region using the API so it'll be grayed out in the UK until the NHS plugs into it.

      C.

      1. Anonymous Coward
        Anonymous Coward

        Re: Have you looked before complaining?

        If it's a standardised API why only allow one app per region? All apps should be compatible. Moving from one region to another should make no difference to functionality. Each app should beacon a unique 'infected database lookup url' that any other app receiving contact indications from, should be able to interrogate for infected contacts. Moving between the UK, scotland, france, germany should all work seamlessly, as the UK app will tell the French app go to https://nhs.gov/covidEndPoint to lookup potential contacts, and the french app will tell the UK app to go to https://wherever.fr/etc to do the same. Multiple apps in each country could do similar.

  16. Doug_S

    That's great

    I installed iOS 13.5 yesterday and looked at the inactive switch to turn it on. How long will it be before the US releases an app to make use of this?

    Or are they going to pass that off to the states like they have with everything else, so that Trump can claim he isn't to blame for anything that goes wrong? Surely requiring 50 separate efforts (and therefore ignoring the 10 or 20 million people who commute across state lines every day) isn't going to be a problem...

POST COMMENT House rules

Not a member of The Register? Create a new account here.

  • Enter your comment

  • Add an icon

Anonymous cowards cannot choose their icon

Biting the hand that feeds IT © 1998–2020