ApturiCovid App: Myths and Facts

The essence of the ApturiCovid app is that it uses the phone's built-in Bluetooth to "greet" other nearby ApturiCovid apps. If a user whose app has greeted yours in the past 14 days tests positive for Covid, that user's app will send you a warning that such a contact occurred.

The essence of the ApturiCovid app is that it uses the phone's built-in Bluetooth (the same one used to connect wireless headphones, for example) to "greet" other nearby ApturiCovid apps. If someone whose app has greeted yours in the past 14 days tests positive for Covid, that Covid-positive user's app will send you a warning that such a contact occurred. But you will not know who that contact was - only that such a contact took place.

Neither ApturiCovid nor any other app can invisibly connect to a completely different app, nor can it "listen in" on what another app is transmitting over Bluetooth. What it can do is see nearby devices - see their app identifier, but not connect to them.

Bluetooth "sees" through walls. If another ApturiCovid owner is your neighbour on the other side of the wall, the app may conclude that you are in contact.

If another ApturiCovid user tests positive for Covid, the app (if its user wishes) will notify all ApturiCovid apps it has been near in the past 14 days. Theoretically, knowing the time when contact occurred with a Covid-positive app owner, one can try to recall who that person might have been or what the circumstances were in which this person might have been encountered.

How does the Covid-positive app know who to send the warning to? Since the app is anonymous, it does not know your name or even your phone number. The app, unless specifically granted permission, cannot access contacts, call history or messages. However, the app must somehow register with a central server so it can receive notifications when needed. In doing so, the server learns your device's IP address. Over time - all IP addresses through which the device connected to the server. If the IP address is known, the internet operator is also known, and therefore the contract holder.

However, IP addresses and location history are collected by many apps - Facebook, Google, step counters, etc. This is also necessary for your convenience - for example, if you are in London rather than Riga, the weather forecast will show London, etc.

Another matter is if your device was connected to a Wi-Fi network near which a crime occurred. Theoretically, such information - which devices were connected to that network at the time of the crime - could be useful to law enforcement together with other material evidence. That is, it could be established that a person is an ApturiCovid app user, has been in such-and-such places within the past 14 days (assuming older history is deleted), one of which will very likely be their home Wi-Fi. :)

No less interesting are the practical aspects of using the app:

For example, upon receiving a notification that you have had contact with a Covid-positive person, how do you verify that it is genuine? You will not know who that person is, and you will not be able to perform a double-check by, say, calling them.

What should you do upon receiving such a notification? Seek help? - What kind? There are no medicines or vaccines! Sit at home for 2 weeks awaiting the inevitable? Go and pay for a Covid test?

How securely is data stored on the server - even if anonymous, it still contains (or may contain) the device's IP address? General data processing rules cannot be applied to this data for the same reason: there is no personal data.

Privacy is a very important thing. To be cherished and protected. Privacy, like any freedom, must not be absolute; it should be as broad as it does not pose a threat to society.

Is it worth resisting progress?

https://www.apturicovid.lv/

Share:
Rate: 4 (1)
Views: 0

comments



What are others reading?