Dozens of nations launched exposure notification apps last spring, but some of them look very different today.
By Mia Sato
This spring, while the US government was spinning its wheels on an official covid-19 response, countries around the world were rolling out national contact tracing apps. Beginning with Singapore in mid-March, more than 40 countries have launched digital exposure notification systems, to varying degrees of success.
Our Covid Tracing Tracker logs each country’s app and the technologies used, noting privacy considerations and giving each one a transparency rating. We regularly update the tracker to document changes—for example, after finding that several countries rolled back privacy measures. Among the other changes: countries whose apps have been suspended, relaunched, or replaced.
Iran’s AC19 app, which claimed to detect covid-19 infections but was actually spying on users, was banned from the Google Play store and no longer appears to be in use. Meanwhile, Japan’s app has been suspended at least twice because of glitches. The country plans to allow entry to overseas travelers for the delayed Tokyo Olympics as long as they present negative covid-19 tests and download tracing apps.
Some other countries initially developed their own systems but switched to the Google/Apple notification system after it became available. Norway has just relaunched a new app with the same name as the original, after addressing privacy concerns and switching to the Google/Apple framework. Finland’s pilot app from earlier this year has been replaced with an app using that technology as well. Similarly in the UK, an initial trial app was scrapped after it was discovered to have problems detecting iPhones nearby; it was replaced with a Google/Apple system in September. (The new system faced problems too: in November it was reported that the app failed to notify users to isolate after coming in contact with infected people.)
Some statewide apps in the US have similarly suffered from false starts and relaunches. The North and South Dakota app, for example, was violating its own privacy policy. Many US states still don’t have an exposure notification app at all.
For each app, we document who is producing it and where it is available. We also ask five questions, guided by principles put forward by the American Civil Liberties Union.
- Is it voluntary? In some cases, apps are opt-in—but in other places many or all citizens are compelled to download and use them.
- Are there limitations on how the data gets used? Data may sometimes be used for purposes other than public health, such as law enforcement—and those uses may last longer than covid-19.
- Will data be destroyed after a period of time? The data the apps collect should not last forever. If it is automatically deleted in a reasonable amount of time (usually a maximum of around 30 days) or the app allows users to manually delete their own data, we award a star.
- Is data collection minimized? Does the app collect only the information it needs to do what it says?
- Is the effort transparent? Transparency can take the form of clear, publicly available policies and design, an open-source code base, or all of these.
For each question, if we can answer yes, the app gets a star. If we cannot answer yes—either because the answer is negative or because it is unknown—the rating is left blank. There’s also a field for notes that can help put things in context.
In addition, we document the basic technology underlying the app. Here’s an explanation of the key terms.
- Location: Some apps identify a person’s contacts by tracking the phone’s movements (for instance, using GPS or triangulation from nearby cell towers) and looking for other phones that have spent time in the same location.
- Bluetooth: Some systems use “proximity tracking,” in which phones swap encrypted tokens with any other nearby phones over Bluetooth. This information is easier to anonymize and generally considered better for privacy than location tracking.
- Google/Apple: Many apps rely on a system developed jointly by Google and Apple. It lets iOS and Android phones communicate with each other over Bluetooth, allowing developers to build a contact tracing app that will work for both. The exposure notification function is now built directly into some smartphone operating systems.
- DP-3T: This stands for decentralized privacy-preserving proximity tracing. It’s an open-source protocol for Bluetooth-based tracking in which an individual phone’s contact logs are only stored locally, so no central authority can know who has been exposed.