>it took less than 30 minutes looking at the code the day it was released for me to spot multiple issues ranging from the basic to the severe, including many day one rookie mistakes.
Expect the Apple and Google apps to be similar, only expect the data to be replicated to an offshore DB to allow non-GDPR compliant processing...
As the first commenter said, for the app to work, information that identifies a phone/person needs to be retained and exchanged with other identifiable phones/persons. All solutions require the information to be shared via a 'trusted' broker...