Estimated reading time: 2 minutes, 17 seconds

Why Apple and Google’s Virus Tracking Concerns Privacy Activists

Wednesday, Apr 15 2020
Vulnerabilities
Written by  Security Tech Brief Staff

Apple and Google are developing mobile apps to help public health agencies track the spread of the novel coronavirus. But data security and privacy experts said the plan raises a host of potential problems.

google 485611 640smallThe recently unveiled collaborative effort would use Bluetooth technology to automate contact tracing, a process of identifying and following up with people who may have come into contact with a person infected by a pathogen such as the COVID-19 virus. In mid-May, as Time reports, iPhone and Android users would be able to download the companies’ contact-tracing apps, which would share their data anonymously and be run by public health officials. In the subsequent months, Apple and Google would build a voluntary contact-tracing feature into their operating systems themselves, eliminating the need to download an app.

Governments across the globe have been trying out contact-tracing apps to stem the pandemic, including in Singapore and the United Kingdom. An MIT lab that developed a prototype Bluetooth contact-tracing tool had been calling on Apple and Google for weeks to streamline access to users’ location data. But privacy advocates have said they’re worried that the extra surveillance will continue long after COVID-19 subsides.

Jennifer Granick, surveillance and cybersecurity counsel for the American Civil Liberties Union, credited Apple and Google for “an approach that appears to mitigate the worst privacy and centralization risks,” but noted that “there is still room for improvement.” She said in a statement, “We will remain vigilant moving forward to make sure any contact tracing app remains voluntary and decentralized, and used only for public health purposes and only for the duration of this pandemic.”

Moxie Marlinspike, creator of the encrypted messaging app Signal, has also expressed concerns that the announced system could open up cybersecurity risks, as Ars Technica reports. Former Federal Trade Commission chief technologist Ashkan Soltani cautioned that the system could lead to both false positives and false negatives, notes TechCrunch.

Others raised further red flags, as Politico reports. “Phone data has NEVER been proven secure and the chance of release is above 0%,” noted Sergio Caltagirone, vice president of threat intelligence for cybersecurity firm Dragos. “In fact, this is so juicy I'd argue there will be lots of baddie[s] who are interested in finding ways to leak this.” University of Texas at Austin cyber fellow Matt Tait detailed an array of possible flaws in the system.

Josephine Wolff, an assistant professor of cybersecurity policy at The Fletcher School at Tufts University, told CNBC that “the really important question [will be] how do we limit this use of information so it doesn’t turn into a mass invasion of privacy long term?”

Both companies have insisted that they will not allow governments to force citizens to use the contact-tracing software.

Read 4611 times
Rate this item
(0 votes)
More in this category: « Ransomware Attacks Surged 131% in 2019: Study Apple Admits iPhone, iPad Security Loophole »

Visit other PMG Sites:
PMG360 is committed to protecting the privacy of the personal data we collect from our subscribers/agents/customers/exhibitors and sponsors. On May 25th, the European's GDPR policy will be enforced. Nothing is changing about your current settings or how your information is processed, however, we have made a few changes. We have updated our Privacy Policy and Cookie Policy to make it easier for you to understand what information we collect, how and why we collect it.
Ok Decline