tracing codes, then use the public health app
to download the keys of those who were later
diagnosed. However, this in itself is unlikely and
would require a lot of manpower to succeed.
Another way that Apple and Google are hoping
to eliminate privacy concerns is by using
Bluetooth tracking rather than GPS location data.
Some apps that use the API may ask for location
data to better track infections, but they must
ask permission from the user first, and every
app must follow the pair’s strict guidelines to
ensure user privacy is protected.
Because contact-tracing schemes are designed
to send data only when necessary to servers, the
vast majority of users will find that their keys are
never uploaded to the cloud. And, if they are,
they’ll be done so anonymously. Theoretically,
keys could be linked to IP addresses of phones
that upload them and identify users, but it’s only
government and healthcare agencies that will
run servers and each will implement their own
stringent security measures.
Finally, it’s important to consider the risk of false
positives. Aside from concerns over using the
apps for surveillance, some worry that contact-
tracing apps could be overwhelmed by incorrect
reports and trolls. Some will self-diagnose
incorrectly and others will spam the system to
cause unnecessary alarm. Some have suggested
that only those who have a healthcare provider’s
approval should self-report, with governments
issuing confirmation codes like two-factor
authentication or a QR to ensure nobody
enters a false diagnosis.
And there’s another problem that can arise
from false positives: whilst viruses don’t leak