No, Your Phone Doesn't Have a 'COVID-19 Sensor'

Pull up Facebook, assuming you still use it, and key in COVID-19 sensor into the search bar.

The app can notify you if youve been near someone that have reported having COVID-19.

Thats the price you pay for all the free services you enjoy.

So, if youre super-concerned about privacy, your first thoughts shouldnt turn to all things coronavirus.

How the Exposure Notifications API really works

Now, back to COVID-19.

No, your smartphone doesnt have a COVID sensor or a built-in COVID tracker.

What it could have, via updates to the operating system, isa new API for exposure notifications.

Lets dig a bit deeper.

Its innocent by itself.

Nor is the government tapping into your phone to learn about your health or track your precise movements.

(I hope.)

Otherwise, the API doesnt do anything by default.

As Googledescribes:

This technology only works if you decide to opt-in.

If you change your mind, you could turn it off at any time.

The Exposure Notifications System does not collect or use the location from your rig.

All of the Exposure Notification matching happens on your unit.

The system does not share your identity with other users, Apple, or Google.

Access to the technology will be granted only to apps from public health authorities.

Their apps must meet specific criteria around privacy, security, and data use.

But that is, indeed, how it works.

To help prevent tracking, your phones random ID changes every 10-20 minutes.

Government public health authorities determine which factors might indicate exposure.

How long the contact lasted.

The Bluetooth signal strength of that contact.

Your public health authority app is not allowed to use your phones location.

Ifyouare infected, youll be responsible for self-reporting this status in whatever app youre using.

you could be a jerk and say nothing; you could uninstall the app outright.

you’re free to do whatever you want.

This is not associated with the app.

Our staff follows up with persons reported as positive, based on information provided within the laboratory report.

You must use that PIN to report a positive result to the app.

This prevents people from falsely reporting positive results, which could generate false exposure notifications.

Most people wont use contract tracing on their phone anyway

So, thats it.

But even that gets us into an awkward privacy trade-off.