Global Edition
Emerging Technologies

Bluetooth contact tracing apps built with Google and Apple's APIs still collect Android users' location data

Google says that the apps don't have user access to location data, but health bodies using the technology for their digital tools still aren't pleased.
By Dave Muoio
July 21, 2020
02:52 pm
Share

Despite very public messaging that the Bluetooth contact-tracing tools for COVID-19 developed by Google and Apple would not track users' locations, its implementation within Android operating systems still collects GPS data that Google could use to determine the user's location, The New York Times reports.

The issue is driven by the operating system's device location setting, which must be enabled for the system to scan for other devices using Bluetooth. This requirement has been in place since 2015, because some apps will use Bluetooth as a means of understanding the user's location, according to a Google representative who spoke to the Times.

Google is able to use the activated setting to identify a user's location through non-cellular communications, such as WiFi and Bluetooth beacons. The company's representative said that apps built with the contact-tracing tools do not have access to these data without user permission.

WHY IT MATTERS

Google and Apple's contact-tracing technology has been employed in contact-tracing apps released by several countries – Austria, Germany, Japan and Switzerland, to name a few – and is being used or considered for tools being developed by a handful of  U.S. states. In some countries, these apps have been downloaded by the public millions of times.

Decisions to incorporate the technology or download those apps would have been heavily based on the companies' claim that a Bluetooth approach would require no location data to be logged. Numerous stakeholder groups, public health leaders and privacy experts have warned legislators of the unintended consequences of widespread location tracking, and in some cases questioned whether or not the tools would be effective to begin with.

National public health representatives from Switzerland and Latvia told the Times that they were aware of the setting and had pressed Google to make a change, while another from Denmark said that the country's health ministry was interested in speaking more with Google after learning of the active location-tracking capabilities.

THE LARGER TREND

Google and Apple's system-level tools were announced to much fanfare in early April and went live in mid-May operating system updates. Many public health bodies were fairly open about the reasons why they would incorporate the tools or develop their own approach in-house. Of particular note here is the U.K., which said in late April that it would opt for a more centralized digital contact-tracing system, but then backtracked last month and began work on an Apple-Google-based tool.

Still, homegrown COVID-19 contact-tracing apps have had their fair share of privacy hiccups as well.

Norway's contact-tracing app, called the Smittestopp, was temporarily banned due to privacy concerns from the Norwegian Data Protection Authority. Back in May, an Amnesty International investigation found Qatar’s mandatory COVID-19-tracing app had a weakness in its configuration that could have left it open to cyberattacks. And just today, another Times investigation described (now fixed) security flaws in South Korea's quarantine-enforcement app that would have allowed access to names, real-time locations and other personal information.

Tags: 
Apple, Google, contact tracing, contact tracing app, privacy, security, location tracking, Bluetooth, COVID-19

More regional news

Human genome analysis DNA molecular structure

Profluent releases AI-enabled OpenCRISPR-1 to edit the human genome

By
Nathan Eddy
May 03, 2024
U.S. Food and Drug Administration sign in front of a building

FDA issues warning letter to Philips regarding manufacturing facility

By
Jessica Hagen
May 03, 2024
Several people sitting in a garden area near a building looking at something out of the picture

Transcarent raises $126M, bringing its valuation to $2.2B

By
Jessica Hagen
May 02, 2024
Share

Top Story

U.S. Food and Drug Administration sign in front of a building
FDA issues warning letter to Philips regarding manufacturing facility

Editor's Pick

Q&A: The status of the White House-led CancerX initiative
Amazon's One Medical announces three new partnerships
Philips receives $60M from Bill and Melinda Gates Foundation for AI tech
VR mental health platform XRHealth blasts off with NASA
Jolly Good develops palliative care VR training module and more briefs
Walmart Health signs care coordination agreements with Florida health system, insurer

More Stories

Human genome analysis DNA molecular structure
Profluent releases AI-enabled OpenCRISPR-1 to edit the human genome
Several people sitting in a garden area near a building looking at something out of the picture
Transcarent raises $126M, bringing its valuation to $2.2B
Dr. Julia Frydman, medical director for palliative care at Thyme Care
Exclusive: Thyme Care launches virtual palliative care program, appoints medical director
Healthcare provider wearing a lab coat and stethoscope while sitting at a desk and talking to someone on a computer
TeleRare Health launches to offer virtual care to rare disease patients
Walmart store front
Walmart announces closing of clinics and virtual care
Person being rolled into a diagnostic imaging machine with lasers scanning their body
GE HealthCare stock falls 14% after releasing its first quarter earnings
Person wearing nursing scrubs sitting at desktop
Trovo Health launches with $15M and other digital health fundings
Person standing on a boardwalk holding up their arm while looking at a device on their wrist
WHOOP announces global expansion, additions to executive team