The contact-tracing system developed together by Google and Apple to help combat Covid-19 will be disabled by the two companies when it is no longer needed, they said on Friday.
The announcement earlier this month that the two technology giants would work together on the technology was met with concerns from some about privacy and civil liberties, despite both companies pledging to put the privacy of users first when rolling out the new tool.
The first version of the application programming interface is expected to be available in the coming days, and more information has now emerged about how it will work.
The two-stage project would first allow Android and iOS devices to talk to each other through the third party apps from the different health authorities around the world, with a second stage seeing the technology built into the underlying operating systems.
Crucially, the system will only be used for contact tracing by public health authorities apps, and once it is not longer needed, will be disabled.
Once enabled on a user’s device, the system will send out a beacon through bluetooth that can be recorded and stored securely on any device that comes within range. To help protect privacy, the beacon includes a string of random numbers that change every 10-20 minutes and are not tied to a user’s identity.
When people confirm they have been diagnosed with Covid-19 and upload that information to their respective public health apps, the most recent beacon will be used to identify the patient while still preserving their privacy.
The system will periodically download a list of beacons that have been identified as belonging to Covid-19 patients, and a user’s device can then match the list to the beacons it has stored, providing a way to alert those who have come in contact with confirmed cases.
Identity
However, the identity of users – even those who have tested positive for the virus – will never disclosed to other users, Google or Apple.
Use of the technology is designed to be opt in, the companies said, and a number of changes have been made to the system to further protect privacy since the project was initially announced. Among those is the limiting of recorded contact to 30 minutes, with the minimum time limit set by public health authorities. The keys it uses to identify users will also be randomly generated.
No location data is recorded by the system, with the strength of the bluetooth signal used to provide an estimate of the physical distance between devices.
The impact on battery will vary according to individual phones, but changes made to how the system works mean it is not expected to have a noticeable effect.
However, Apple and Google’s technology will not be available to all users. On the Android side of things, it relies on Google Mobile Services, which excludes a number of Huawei ’s recent handsets. Older phones – pre iPhone 6S, for example – and so-called feature phones that cannot download the necessary apps will be excluded, removing some two billion people from the potential pool of users, according to recent estimates.
Covid-19 has infected more than 2.7 million people worldwide, with the death toll approaching 200,000.