I feel obligated to update on this one, as I’ve advocated for these features. As previously covered, Google and Apple collaborated on their COVID-19 contact tracing framework and assured the public about the data being both anonymized and not shared.
Turns out, there IS a privacy flaw in the Android version of the product, as found by the Markup.. but more importantly, when researchers alerted Google in February of this year… Google failed to change it. The researchers say that Google dismissed their concerns… until the Markup contacted Google.
Why do we care?
I’m far less focused on the vulnerability than I am on the reaction. While I would have hoped it didn’t have an issue, we all know software is potentially flawed. It’s about how you respond that always, always matters.
This is why notification and disclosure laws work – pressure and exposure drive behavior. And that’s why we care.