Contact Tracing: Deep Dive & Simulation

The Contact Tracing proposal by Apple and Google aims to provide privacy preserving capabilities for informing people when they have been in close proximity to a COVID-19 infected person. The cryptographic portion of the specification has been implemented in Python, with a rudimentary "Life" simulator showing expected results. The main takeaway is that Apple and Google's specification substantially lowers privacy risk for contact tracing by not collecting existing data but generating new custom data specific to the use case. Handsets exchange secure unique bits of data using Low Energy Bluetooth connections, which are only possible when the handsets are near each other. This would be an opt-in program, with voluntary reporting of a positive COVID-19 test. The privacy focus is about ensuring the application and aggregator of the self-identifying subject data cannot identify who you are or who you have interacted with. The biggest risk to privacy will be how application developers implement the extraction and storage of Daily Trace Keys and what additional pieces of information they might request (or take) that are not within the scope of the initial specification.