COVID-1984, Your iPhone, and You


About Fr. John Zuhlsdorf

Fr. Z is the guy who runs this blog. o{]:¬)
This entry was posted in Semper Paratus, Si vis pacem para bellum!, The Coming Storm, The future and our choices and tagged , , . Bookmark the permalink.


  1. jhogan says:

    Thank you, Father! I would have updated my iPhone as a matter of course except for this warning!

  2. Dustin F, OCDS says:

    I keep a dumb phone for a number of reasons, issues like this being one of them.

  3. fmsb78 says:

    I am software developer of many years and if you only knew what we do… you would throw your phones in the first dumpster you find.

  4. Josephus Corvus says:

    From what I’ve heard, those apps will be using Bluetooth, so if updating is required for you (e.g., business phone), at least keep Bluetooth off when not actively using a feature that requires it. Remember to turn it off in Settings rather than the Control Center so it doesn’t automatically turn back on tomorrow.

  5. I have an Android, but that sort of stuff is why I never update it, don’t have a Google account attached to it, and (partly as a consequence of the foregoing) almost never install apps on it except for the two or three that I require for work, one of which is a two-factor authentication app. I also keep it shut off at night and on weekends. What is scary is what level of privacy invasion people will willingly invite without a struggle.

  6. iamlucky13 says:

    The NBC link contained within the Twitter post was far, far more informative than the Twitter post.

    I’m less concerned about this specific effort than the precedent that it sets.

    Fortunately, there are certain things they appear to be doing right about this. In particular, the update stores data on each individual’s phone, rather than in a centralized database that could be more accessible to people who have no right or legitimate business accessing data on a person’s location.

    I don’t know what their next step is, but it should be possible to keep the close contacts it logs largely unidentifiable, acting more like token locating services such as Tile. Basically, the tracking program should monitor for bluetooth devices running the same program. When one is detected, it should log an anonymous identifier and perhaps some data about the proximity (such as duration and estimated distance). Then, if a user is diagnosed with COVID-19, it should push a notification only to those meeting some threshold for duration and distance, consistent with what health researchers consider close contact.

    The OS update should also default to no data collection. Given the utility of the information in aiding the control of COVID-19, I see it at reasonable to be a little pushy and automatically prompt the user to consent to (or refuse) data collection for a specific period of time, when the request could be renewed. I think 3 months would be appropriate.

    As I work at a company subject to information export control regulations, with some ITAR implications, as well as significant proprietary information concerns, company policy requires me to accept updates on my company-issued phone.

    I will have to look into this more. Turning off Bluetooth would prevent the contact identification, but that doesn’t guarantee that location logging does not happen. However, it should also be possible to deny location information to the feature, unless the update restricts the user from doing so, which would be completely unacceptable.

  7. ron.d says:

    Correct. I am in software development, too. No need to panic on this.

    First off, because the updates themselves do nothing to track you in any new way. You would need to download and install some specific new tracking app from a state or other source.

    Also, any app you install will not use this new tracking tech without your consent. Just like when an app asks to use your contacts or gps, any new tracking app needs permission to work in this way.

    Be peaceful.

  8. Mac in Calgary says:

    Flip phone most of the time, occasional Android.
    I always deny location services because I know where I am. If a merchant wants to help me find their nearest brick-and-mortar outlet, postal code works.

  9. Rob83 says:

    I am driving my ancient smartphone into the ground, it is currently in its eighth year of service and has been too obsolete for updates for years.

  10. Chris Garton-Zavesky says:

    Very pleased to own a dumb phone.

  11. If you have a cell phone, even an ancient one, you can be tracked anyway.

    Update your software on your smart phones. If you think you are making it harder to be tracked, you’re wrong. Those patches have security updates. You are actually making it EASIER to be tracked or have your device compromised.

  12. JustaSinner says:

    When the government comes for you, call them, leave line open, jam phone in Gatorade bottle and toss into an empty coal carrier on a CSX train… preferably in the middle to make them search ALL of the cars. Speaking from experience.

  13. The Masked Chicken says:

    There are several issues, here.

    First, it would be most helpful if someone were to post the actual language of the End User’s License Agreement (EULA) so that we could read the actual language. Someone on Twitter, who may or may not be a contract lawyer (I don’t know), may not actually know if this creates any sort of enforceable legal obligation to have one’s movements tracked. Given Apple’s near paranoia with privacy, I doubt very strongly that Apple will have any motivation to collect the data and store it, itself. Most software of this type is opt-in, so, I would like to see the exact language in the EULA.

    In principle, Apple, also, collects location data, but that is opt-in, because one can turn location services off (although, it does not totally stop location services, only makes it less precise – the iPhone always know what cell tower it is pinging). The European Union, which is even more persnickety about data collection than Americans, are, from what I have read, actually satisfied with Apple’s approach to this software, because the data resides on your phone and is not sent to a central server. It, also, uses Bluetooth, which has a very limited range. I don’t know the iPhone specs, so the range could be anywhere between 3 ft and .6 miles.

    This is not tracking software. It is contact software, supposedly, to help with contact tracing. One reason that Hong Kong has such a low rate of COVID-19 cases is that the citizens, not the government (which is in disarray and about to go nuclear with what the Chinese hierarchy is about to impose in terms of law), decided to implement coordinated citizen-initiated digital contact tracing using social media. We could do that, as well, if we weren’t so darn interested in just squabbling on Twitter instead of taking matters into our own hands and using it in a coordinated way to our advantage. Then, the Apple/Google software would be unnecessary.

    This is not the first attempt at contact tracing using phones. The British mathematician/math liaison, Hanna Fry, used a similar phone app back in 2018 to see if it were possible to track the contacts of thousands of random Brits for use in mathematical modeling. There was an hour-long special on BBC 4 about it:

    She updated her thoughts in a Numberphile podcast a few weeks, ago:

    Second, if the contact tracing software is not opt-in, then, this would be, effectively, social engineering of a type similar to Microsoft’s attempt to force everyone to use it’s browser, Internet Explorer, back in the late 1990’s and one could hope a court would force Apple/Google to change the EULA to make it opt-in.

    Third, this is why I use open software, like Linux, as much as possible. They are bound, legally, to give me the source code for the operating system (and most software programs), which I can modify anyway I like. Apple’s and, increasingly, Google’s walled-garden approach to their software runs counter to the sort of code-sharing emerging in science. More and more, the trend is towards releasing code in the sciences so that it can be examined and used by others (although, some climate scientists have refused, which has added to the mistrust of their data). Repositories like GitHub make that very easy. Unfortunately, making contact tracing code open source is a recipe for disaster, so, contact tracing behind a walled-garden, be it Apple or Google, might be one way to go, unless the Hong Kong approach were used.

    I suppose if one doesn’t think contact tracing is important, then that changes the dynamics of the conversation, however.

    The Chicken

Comments are closed.