In the light of the “new normal” brought about with the COVID-19 virus, there are some technically possible, but ethically questionable ideas on how to track and prevent the virus. I am talking about the utilization of the blue tooth chip in your cell phone to track other people, or rather other cell phones that you have come within a given radius.
The technology has existed for a long time and many of us use it daily. Bluetooth is a short-distance, high-frequency radio transmitter and receiver pair in a majority of cell phones, radios, computer, televisions and vehicles manufactured in the last 10 years. The technology was introduced by Ericsson in 2001 in their T36 phone. The technology allows devices to communicate with each other across distances of 33-feet or less. The crazy part is that the latency of the Bluetooth signal, which is the time it takes the signal to make a round trip between two devices, can very accurately determine the distance between the devices.
Both Apple and Google are working together to engineer a supposedly anonymous method of using this signal to determine when two devices come in close proximity to each other. Currently they are engineering around a distance of six feet to match the World Health Organization’s social distancing recommendations. The plan is to send tracking information back to Google and Apple in a centralized, cloud-based database. Google is likely to host the data for both parties. A COVID-19 patient would use their device to scan a QR-code supplied by their doctor. This device then becomes a trigger mechanism and notifies every device that has been within six feet of it that the owner may have come in contact with the virus and should be tested.
I believe it is a technologically feasible use case for Bluetooth and a great way to notify people of supposed contact with the virus, but what about the privacy aspects? There are claims that they will use randomized Bluetooth IDs that change hourly on every device participating the program. These random IDs will be stored in a central database, but never cross-referenced to the previous ID. Each device will keep a list of every ID it has broadcast for a period of 14-days based on the incubation period of the disease. If a device owner is infected, the list of all its IDs are cross-referenced in the database to notify devices holding the IDs that were contacted. The big problem is the extremely large size of the data transfer required to keep the privacy.
Another major problem is, as I have mentioned in previous articles on internet safety, once something is on the internet, it is there forever. This includes the private random IDs and every other random ID they have contacted. If you believe for a minute that data processing giant Google does not have a market plan for this data, you are fooled. They claim they will keep the information completely private and only authorized health care organizations would be able to access the tracking data. I take issue with them gathering the data in the first place. Even knowing how many devices I come in contact within a given two-week period is a big enough invasion of privacy to give me concern.
I also worry that if Google and Apple are able to create this level of tracking, they are not the only ones capable of creating such a system. Your private life is no longer private if you carry a cell phone. They will be able to track where you are, when you got there and who is there with you. So my question to you is, how much privacy are you willing to give up for protection from an illness. I know the question is going to be asked of us all soon. You can read full details about the plans and technology on The Verge https://www.theverge.com/2020/4/10/21216484/google-apple-coronavirus-contract-tracing-bluetooth-location-tracking-data-app.