How Exposure Contact Tracing Apps Are Designed For Your Privacy
Recently, Google and Apple published a final set of technical guidelines for government application developers to use when integrating with Android and iOS phones. As someone that reads and creates similar specifications for a living, I was very interested in the design choices that they would make. Each architectural choice gives perspective into the author’s values just as you might glean insights from interpreting a painting or reading a novel. After reading through these documents, I’ve been pleasantly surprised by the focus on protecting individual privacy. Let’s break down what exposure tracing is and what key architectural decisions the authors made.
These apps have one purpose: to notify you if you’ve recently been in contact with someone who may be infected. At its core, there are two key components, tracking and matching. Your phone uses Bluetooth to keep track of nearby phones with the app. A couple of times a day, it downloads a list of people who have been confirmed to have the virus, and it tries to match your list to that one. If there’s a match, it tells you. It’s as simple as that.
Of course, the specification that Google and Apple released was slightly more extensive than that. There’s more complexity to protect your privacy. Here’s three instances where they’ve done so, and some alternatives…
