facebook linkedin twitter

Computerware Blog

Is My Smartphone Tracking COVID-19 Exposures Without My Consent?

Is My Smartphone Tracking COVID-19 Exposures Without My Consent?

Remember a few months ago when Google and Apple joined forces to come up with a system to help state and local governments establish a COVID-19 Exposure Notification system? If you didn’t, you aren’t alone. A lot has been going on lately. Just to catch you up, the two tech giants recently pushed out an update across nearly all modern smartphones so state and local governments can deploy apps to notify people when they may have been exposed to COVID-19. Let’s do a deep dive on what this means for your privacy.

To be honest, we stopped thinking about Google and Apple’s COVID-19 Exposure Notification system too. That is, until we started seeing social media posts going around over the last week or so claiming that Android and iPhones have been getting a COVID-19 tracking app installed without getting permission from the user first. 

Here is an example of one of the posts that have been making rounds across Facebook:

A COVID-19 sensor has been secretly installed into every phone.
Apparently, when everyone was having “phone disruption” over the weekend, they were adding COVID-19 Tracker [SIC] to our phones!

If you have an Android phone, go under settings, then look for google settings and you will find it installed there.

If you are using an iPhone, go under settings, privacy, then health. It is there but not yet functional.

The App can notify you if you’ve been near someone who has been reported having COVID-19.

We checked our phones and confirmed that the option is clearly there. On Android, go to your Settings and tap on Google Settings and front and center will be an option to opt-in to the COVID-19 Exposure Notification system. By default, you are not opted in.

On iPhones, go to Settings, then Privacy, then Health and you’ll see a similar opt in that is currently disabled. In fact, you can’t enable it unless you’ve installed an official COVID-19 Exposure Notification app from your local or state government.

No, Android and iOS Didn’t Sneak a COVID-19 Tracking App On Your Phone - It’s Just a New Security Setting

The two tech giants have been working together to build an API (short for Application  Programming Interface) for a standardized system to make it easier for states and local governments to build an effective app to notify users if they may have been exposed to COVID-19. Google and Apple aren’t building the apps or pushing them out to users. If you see this setting, rest easy knowing they didn’t sneak a COVID-19 app onto your phone without your consent. 

It’s Not the App, It’s the Opt-In the Apps Will Require

Just to be perfectly clear, unless you manually installed something, your Android or iPhone isn’t just going to start tracking you and your friends and family to see if you have COVID-19.

Apple and Google confirmed this in a joint statement saying “What we’ve built is not an app - rather public agencies will incorporate the API into their own apps that people install.”

One thing worth pointing out is that the system won’t work as well if users don’t participate - if half of all users decide not to opt in, the system might not be reliable enough to do much good. It’s really up to the local governments and states to raise awareness while addressing the public’s concerns for privacy. With that said, what is being done to ensure that your privacy is protected?

Is the COVID-19 Exposure Notification Update from Google and Apple Safe?

Keep in mind, it’s really up to state and local governments to deploy the official apps themselves. Apple and Google merely laid out some groundwork that these apps can utilize.

Here’s how it works. First, you need to install an official application from your local or state government. When you install it and set it up, you’ll also need to opt in to Google or Apple’s API (that’s the new setting everyone is worried about). Once you are set up, a random ID is generated and exchanged between your phone and other nearby phones (that also opted in) within Bluetooth range. These random, anonymous IDs are stored on your phone. The random IDs are also changed every 10 to 20 minutes so they can’t be tracked. In short, your phone keeps tabs of phones it has been near without collecting or sharing any personally identifiable information.

If someone is diagnosed with COVID-19 and that personal manually shares that information with one of the official contact tracing apps, all of the random IDs their phone has collected over the past two weeks are uploaded (with that user’s permission) and the users of those IDs are notified that they may have been exposed. 

In other words, you don’t know who or where you may have been exposed to COVID-19. You just know that, at some point, the owner of one of the phones you’ve been within 30-or-so feet of has shared that they have been diagnosed with COVID-19.

Most importantly, the system doesn’t track your location, or share other users’ identities within the app, or even with Google or Apple. According to Google, the apps are not allowed to use your phone’s location or track your location in the background.

The technology is very secure and anonymous. It has to be, because it has to fall under the strict rules that govern healthcare data.

The Big Question Everyone is Asking: How Do You Uninstall the Apple/Google COVID-19 Exposure Notification Update?

Let’s get this out of the way. There is no app to uninstall. It’s an update to the Android and iOS operating system as part of a recent security update. The update isn’t tracking you - it’s simply a setting that lets you decide if you want to opt in to participate in the COVID-19 Exposure Notification System.

The only real danger is if you search around the Internet and follow instructions that walk you through rolling back your phone or other risky procedures to try to remove the update. That puts your phone at risk for other threats. There is nothing to uninstall, and rolling back your phone and preventing future security updates from ever getting installed is not a good plan.

If you don’t want to particulate, simply do not opt in. If you are worried about it, both Apple and Google state that by simply not installing a COVID-19 Exposure Notification app, or uninstalling one if you did install one, is all it takes to not participate.


That is only going to put your data and your privacy at risk. In other words, it’s shortsighted.

That said, the choice to opt in or out of the COVID-19 Exposure Notification system is yours to make, but Google and Apple seem to have built a system that is secure, without violating anyone’s privacy. If you have any concerns about the security of your data, don’t hesitate to reach out to us at Computerware.

Is the Cloud More than Your Business Needs?
What to Expect Out of Android 11


No comments made yet. Be the first to submit a comment
Already Registered? Login Here
Sunday, September 20, 2020

Captcha Image

By accepting you will be accessing a service provided by a third-party external to https://www.cwit.com/

Mobile? Grab this Article!

QR-Code dieser Seite

Tag Cloud

Security Tip of the Week Technology Best Practices Business Computing Privacy Internet Software Cloud Data Business Management Hackers Hardware Microsoft Workplace Tips Network Security Backup Productivity Hosted Solutions Managed Service Provider Business Email Productivity Malware IT Services Saving Money Efficiency Google Innovation Small Business Computer User Tips Collaboration Quick Tips VoIP IT Support Data Backup IT Support Smartphones Network Business Continuity Mobile Devices communications Gadgets Disaster Recovery Data Recovery Microsoft Office Social Media Android Cybersecurity Smartphone Upgrade Communication Mobile Office Server Phishing Virtualization Miscellaneous Mobile Device Management Ransomware Operating System Vendor Management Windows Passwords Mobile Device Holiday Users Windows 10 Managed IT Services Outsourced IT Apps Tech Term BDR Unified Threat Management Internet of Things Facebook Remote Monitoring BYOD Automation Remote Computing Apple Data Management Managed IT services Analytics Mobile Computing WiFi Windows 10 Browser The Internet of Things Cloud Computing Marketing Artificial Intelligence Training History Save Money Business Technology Firewall Spam Health App Alert Encryption Help Desk Big data IT Consultant Information Technology Bandwidth Office 365 Office Budget Two-factor Authentication Managed Service Covid-19 Cybercrime Access Control Hard Drives Windows 7 Content Filtering Going Green Managed IT VPN Bring Your Own Device Gmail Maintenance Antivirus Printer Government Recovery Employer-Employee Relationship Retail Information Hiring/Firing Cost Management Healthcare Best Practice Lithium-ion Battery Saving Time Blockchain Computers Wi-Fi Outlook Windows 8 Remote Work Wireless Technology Networking Search Virus Tech Support Money Computing Document Management Phone System iPhone It Management Hacking Data Security Data Loss IBM Travel Augmented Reality Education Customer Service Update Humor Project Management Conferencing Hard Drive Regulations Save Time Downtime Avoiding Downtime Mobility SaaS Value Password Computer Repair Running Cable Proactive IT Current Events Law Enforcement Hacker Vendor Patch Management Compliance Solid State Drive Data storage Twitter Customer Relationship Management Intranet Flexibility Applications PowerPoint Data Breach Laptop Risk Management Wireless Voice over Internet Protocol Legal Administration Storage Website File Sharing Monitoring Digital Payment Google Maps Software as a Service Router Paperless Office Sports Word Management Comparison Tablet Employee/Employer Relationship Social Engineering Disaster End of Support Cortana Company Culture Hosted Solution Robot Vulnerabilities Cooperation Securty Social Networking Meetings Private Cloud Excel Scam Telephony User Machine Learning Fax Server Black Market Telephone Systems Cryptocurrency Virtual Desktop Social Digital Business Growth Net Neutrality Websites DDoS Business Intelligence Chrome Managed Services Provider Mobile Technology Notifications YouTube How To Inbound Marketing Virtual Reality Smart Devices Unified Communications Settings Uninterrupted Power Supply Politics Computer Accessories Managed Services Automobile Multi-factor Authentication Vulnerability eWaste Emails Trending Bitcoin Chromebook Video Conferencing Managed IT Service Telephone Computing Infrastructure Hack Data Protection Pain Points Mouse How To User Error IT service Co-managed IT Downloads Statistics Download Processors Programming Processor Network Congestion USB Presentation Bluetooth Lifestyle Solutions Redundancy Microchip Taxes Professional Services Specifications Safety Distributed Denial of Service Streaming Media Employees Distribution Gaming Console Google Docs Evernote Memory Text Messaging Public Cloud Licensing Integration Webcam Documents Virtual Assistant Experience Monitors Entertainment Cleaning Cost Teamwork Heating/Cooling Office Tips Identity Theft Start Menu Tech Terms Term Access 3D Ebay Get More Done Business Managemenet Windows XP Electronic Medical Records UTM Transportation Content Emergency Thin CLient PDF Hard Drive Disposal CCTV Content Management Virtual Private Network Staffing Google Wallet Reliable Computing Turn Key FinTech Displays IT Plan Recording Enterprise Resource Planning Optimization Smart Phones Microsoft Excel Business Metrics Computer Malfunction Printer Server Development Society Directions Legislation Display Error Best Available Computer Care Keyboard Data Storage Micrsooft email scam SSID Addiction Google Drive Windows Server 2008 Domains In Internet of Things Trojan Dark Web Accountants Free Resource A.I. online Currency Processing Spyware Adminstration Mobile Payment Pirating Information Public Speaking Health IT Leadership Organize Procurement Drones Printing Shortcut Scalability LinkedIn Organization Migration Logistics Connected Devices Virtual Machines Motion Sickness Wireless Headphones Wasting Time Electricity PCI DSS Network Management Cyber security Troubleshooting Communitications Permissions Language Bookmark Equifax Fleet Tracking Entrepreneur Messenger Tracking Google Play Telephone Service cache HIPAA Television Skype Device security Employer/Employee Relationships MSP Environment Rental Service Archive Supply Chain Management WannaCry Competition Cabling AI switches Writing Desktop Microsoft 365 Finance Electronic Payment Web Server Webinar Internet Service Provider Music Nanotechnology Managing Costs Social Network Regulations Compliance Upgrades Business Cards Medical IT Service Level Agreement Trend Micro Time Management Business Owner Freedom of Information Administrator Point of Contact IT Assessment Browsers Startup Asset Tracking Corporate Profile Upselling Books Workers Unified Threat Management Security Cameras Backup and Disaster Recovery Threats Assessment SharePoint Video Surveillance IP Address LiFi User Tip Proactive Maintenance Username Supercomputer Remote Working Google Calendar Application Worker Supply Chains Gamification Saving ZTime Tip of the week Human Resources Navigation Screen Reader Virtual Machine Customer Resource management Financial Data Deep Learning Piracy Upload eCommerce Touchscreen News Analytic Electronic Health Records Work/Life Balance Data Analysis Smart Tech VoIP Reading Recycling Samsung Fiber-Optic GDPR Database Managing Risk Consultation Debate G Suite Best Practives Product Reviews Memes Visible Light Communication Printers HTML SQL Server Harddrive Knowledge Employer Employee Relationship Telephone System GPS Digital Signature Technology Tips IT consulting Mobile Security Hacks Physical Security Read Managing IT Services Tech Hypervisor Tablets Microserver Telework Software License Trends Holidays External Harddrive Fake News Banking Botnet Surveillance Fileless Malware Multi-Factor Security Hybrid Cloud Audit Relocation Remote Workers CIO Fraud Modem Tactics Strategy Data Warehousing Sync IT Advertising Flash Proxy Server Devices Azure Device Management Productuvuty Personal Information Financial CrashOverride 3D Printing Managing Stress Capital Regulation