BNMC Blog

Did Google and Apple Secretly Install a COVID-19 Tracking App?

Did Google and Apple Secretly Install a COVID-19 Tracking App?

In a recent security update, most Android and iOS phones received a new opt-in setting related to the COVID-19 Exposure Notification system. What is this? Is your phone being tracked? Let’s take a deeper look at what is going on.

We’ve seen a few social media posts over the last week or so claiming that Android and iPhones have been getting a COVID-19 tracking app installed without getting permission from the user first. People are worried that their privacy is at risk. Here is an example of one of the posts that have been making rounds across Facebook:

**VERY IMPORTANT ALERT!***
A COVID-19 sensor has been secretly installed into every phone.
Apparently, when everyone was having “phone disruption” over the weekend, they were adding COVID-19 Tracker [SIC] to our phones!

If you have an Android phone, go under settings, then look for google settings and you will find it installed there.

If you are using an iPhone, go under settings, privacy, then health. It is there but not yet functional.

The App can notify you if you’ve been near someone who has been reported having COVID-19.

There is a little bit of misinformation here. First of all, there really isn’t a way to sneak a “sensor” onto a device through a software update unless there is already some hardware in place that does the sensing. This immediately tells us that something about this is at least a little bogus, because from a technical standpoint, the sensationalist post misses the mark.

Here’s what really happened.

Google/Apple Didn’t Sneak a COVID-19 Tracking App On Your Phone - They Pushed a Security Setting

Google and Apple have been working together to build a framework that app developers can use for apps that notify users if they may have been exposed to COVID-19. They didn’t sneak a COVID-19 app onto your phone without your consent. 

The two companies added a setting to enable the use of Google and Apple’s COVID-19 Exposure Notification system. This system is the groundwork that official COVID-19 notification apps can use. State and local governments are responsible for developing the apps, but they can use Google and Apple’s secure platform in order to get them to work.

If you follow the steps in the article and on Android, go to Settings and then Google Settings, you’ll see that the option to opt-in is disabled. The same with iPhone users; by going under Settings, then Privacy, then Health, you’ll have an option to opt in.

Even if you opt in, you still need to install one of the official apps, most of which aren’t even released yet. Again, this is just the groundwork.

This Isn’t a COVID-19 Tracking App

Just to be perfectly clear, unless you manually installed something, your Android or iPhone isn’t just going to start tracking you and your friends and family to see if you have COVID-19. If you go into your settings as mentioned in the above Facebook post, you’ll see that you either need to install or finish setting up a participating app before the notifications can even be turned on. 

Apple and Google even confirm this in a joint statement saying “What we’ve built is not an app - rather public agencies will incorporate the API into their own apps that people install.”

API stands for Application Programming Interface. Basically, Google and Apple have developed a standardized system to make it easier for states and local governments to build an effective app to notify users if they may have been exposed to COVID-19, but Google and Apple aren’t building the apps or pushing them out to users. .

It’s worth mentioning that the system won’t work effectively if users don’t adopt it - if half of all users decide they won’t use the COVID-19 notification system, it might not be reliable enough to do much good. We don’t want to sound pessimistic, maybe as states and local governments work to deploy their applications, people will come around.

How Does the COVID-19 Exposure Notification Work?

The system is still in its infancy, and it’s really up to state and local governments to deploy the official apps themselves. Google and Apple just laid out a secure system that these apps can piggyback on.

It works like this; when you opt in and use one of these apps, a random ID is generated and exchanged between your phone and other nearby phones (that also opted in) within Bluetooth range. That’s about 30 feet, generally. These random, anonymous IDs are stored on your phone. Basically, your phone keeps track of other phones it has been near without collecting or sharing any personally identifiable information.

If someone is diagnosed with COVID-19 and manually shares that information with one of the official contact tracing apps, all of the random IDs your phone has collected over the past 14 days are uploaded (with your permission) and the users of those IDs are notified that they may have been exposed. 

Most importantly, the system doesn’t track your location, or share other users’ identities within the app, or even with Google or Apple. According to Google, the apps are not allowed to use your phone’s location or track your location in the background.

In short, the technology is very secure and anonymous, which is good, because it has to fall under the strict rules that govern healthcare data.

Many Still Ask: How Do You Uninstall the Apple/Google COVID-19 Exposure Notification?

Since this API isn’t actually an app, you can’t uninstall it. It’s built into Android and iOS’s operating systems and pushed through recent security updates. It’s simply a setting that lets you decide if you want to opt in or not.

If you search around the Internet and social media, you’ll run across instructions that might walk you through rolling back your phone or other risky procedures, but that only puts your phone at risk for other threats. There is nothing to uninstall, and rolling back your phone and preventing future security updates from ever getting installed is a very bad idea.

All you need to do is not opt in, if you don’t want to participate. If you are worried about it, both Apple and Google state that by simply not installing a COVID-19 Exposure Notification app, or uninstalling one if you did install one, is all it takes to not participate.

WE CAN’T STRESS THIS ENOUGH: DO NOT FOLLOW ANY INSTRUCTIONS ONLINE THAT WALK YOU THROUGH ROLLING BACK YOUR PHONE AND OPTING OUT OF SECURITY UPDATES. 

Opting out of future security updates only puts your privacy and your data at even more risk.

Of course, the choice to opt in or out of the COVID-19 Exposure Notification system is yours to make, but Google and Apple appear to be doing all the right things to ensure that the system is safe and secure, without violating anyone’s privacy. If you have any questions or concerns about your privacy, or the security of your data, don’t hesitate to reach out to us at BNMC.

 

Comments

No comments made yet. Be the first to submit a comment
Already Registered? Login Here
Guest
Tuesday, September 22 2020

Captcha Image

By accepting you will be accessing a service provided by a third-party external to https://www.bnmc.net/

Subscribe to Our Blog!

Mobile? Grab this Article!

Qr Code

Tag Cloud

Tip of the Week Security Best Practices Technology Productivity Business Computing Email Privacy User Tips Cloud Microsoft Network Security Efficiency Business Hackers Hosted Solutions Software Computer Malware Data Communication Workplace Tips Google Small Business IT Services Hardware IT Support Mobile Devices Cloud Computing Tech Term Internet Smartphone Managed IT Services Data Recovery Android Users Backup Ransomware Mobile Device Innovation Windows VoIP Outsourced IT Phishing Smartphones Upgrade Information Saving Money Disaster Recovery Data Backup Facebook Miscellaneous communications Windows 10 Business Management Office 365 Server Microsoft Office Cybersecurity Social Media Network Business Continuity Browser Productivity Managed IT Services Windows 10 Passwords Internet of Things Data Management Quick Tips Vulnerability Remote Monitoring Word Apps Gadgets Gmail App COVID-19 Infrastructure Encryption Conferencing Mobile Office Managed Service Chrome Managed Service Provider Analytics Artificial Intelligence Save Money Money Router Remote Work Networking Information Technology Virtual Reality Company Culture Collaboration Google Drive Access Control Settings VPN Government Remote Workers BYOD Employer-Employee Relationship Paperless Office Website Tip of the week IT Support Applications Spam Unified Threat Management Antivirus WiFi Operating System Automation Big Data Employee-Employer Relationship Firewall Maintenance Content Filtering Bandwidth Document Management IT Management Data Security Business Technology Apple Computers Virtual Private Network Education Development Storage YouTube Display Risk Management HIPAA BDR Hacker Data storage Office Tips Avoiding Downtime Robot Customer Relationship Management Scam Computing Outlook Laptop Data loss Compliance Business Intelligence Telephone Systems Bring Your Own Device The Internet of Things LiFi End of Support desktop Break Fix Social Hosted Solution Managed Services Search Humor Administration Regulations Downtime Best Practice Remote Computing Marketing Mouse MSP SaaS Augmented Reality OneNote Going Green Managing Stress Wi-Fi Server Management Data Breach Holiday Wireless Touchscreen Windows 7 Virtualization Solid State Drive Software as a Service Managed IT How To Printing Tablet Retail Alert Training Hard Disk Drive Password IT Social Network Vendor Management Two-factor Authentication Mobile Security Monitors iOS Chromebook Managed IT Service Distribution Voice over Internet Protocol Security Cameras Profiles Specifications Alt Codes Procedure Cooperation Service Level Agreement Spying National Security Social Engineering Human Error Memory Websites Heating/Cooling Multi-Factor Security Hotspot Internet Exlporer Analysis Students Twitter Optimization Virus Digital Payment Time Management Printer Budget Payment Card Connectivity Scalability IT Technicians Digital Logistics Modem FinTech Utility Computing Meetings Disaster Black Friday Typing PCI DSS Staff Leominster Updates Safety Current Events Device Reducing Cost Servers Google Calendar Language Value Cybercrime Mixed Reality Emergency Mirgation Recycling LED Threats Network Management Inventory IoT Migration Network Congestion Consulting Dark Web Spyware Asset Management Cookies Laptops Uninterrupted Power Supply Cyber Monday Cryptocurrency Battery K-12 Schools PowerPoint IT solutions Social Networking Mobility Batteries File Sharing Legislation Google Docs Peripheral Computing Infrastructure Professional Services Writing Computer Care IBM Chatbots eWaste Co-Managed IT SharePoint Shadow IT Star Wars Microsoft Excel Hacks GDPR Identity Theft Techology Google Wallet Memes Nanotechnology Dark Data Managed Services Provider Update Smart Technology Bitcoin Files Wearable Technology Network upgrade Halloween Onboarding Lenovo Motherboard Cables Print Toner Myths Statistics Business Growth Management Alerts USB Slack Hard Disk Drives Corporate Profile Identity Continuity Content Huawei Automobile Politics Downloads Legal Gamification Fraud Cost Management Messaging G Suite Mail Merge Blockchain Scary Stories Digital Signage Data Warehouse Work/Life Balance VoIP Unified Threat Management Unified Communications Drones Screen Reader Charging Entertainment Customer Service Vendor Dell Shortcut Distributed Denial of Service Windows 8 RMM Smart Office Firefox Superfish Wires Shortcuts Mobile Management Health Private Cloud Cabling Bluetooth Comparison Policy Licensing Dongle Running Cable Monitoring Solid State Drives Office Samsung WannaCry Mobile Device Management Solar Buisness Streaming Processor Tech Support Google Maps Deep Learning Assessment Employee-Employer Relationships Address Permissions Sports Troubleshooting Business Analysis User Error Holidays Smart Tech Virtual Desktop Hybrid Cloud Patch Management Banking Work Electronic Medical Records Notifications GPS Mobile Computing Physical Security IT Consultant Printers Upgrades Gadget Emoji Cameras Crowdsourcing Tracking Personal Information Botnet Cleaning 3D Printing Cortana CCTV Webcam Machine Learning Processors Financial Unsupported Software Error Point of Sale Ben McDonald shares Computer Repair Travel Relocation Mobile Data How To Supercomputer CrashOverride Recovery Motion Sickness Staffing Administrator Black Market Taxes Law Enforcement IT Budget Regulation Web Server what was your?

What Our Clients Say

  • BNMC has provided us with nothing less than outstanding service and results for all of our IT needs for the past few years. Every member of their staff is professional, knowledgeable, friendly and eager to solve any problem...
  • 1
  • 2
  • 3