COVID-19 tracking apps have always been a sensitive topic since the concept came up last year. While such apps made it convenient and easy to do contract tracing and exposure notification, they also made it almost too easy to have privacy violations from third parties, companies, or even governments. Google and Apple providing official frameworks for authorized apps to hook into only offered some amount of comfort and assurance, but, it turns out, it might not be completely worry-free. A growing number of reports try to demonstrate how Google and the government of Massachusetts worked silently behind the scenes to install the latter’s MassNotify Android app on users that haven’t even agreed to Android’s official Exposure Notification feature.
The basic idea behind COVID-19 contact tracing apps is to have a location-aware device that you have on you all the time. While some versions make use of QR codes or even manual input, the most convenient implementations are able to log where you’ve been and, if someone in the same area tested positive for the virus, you would also be immediately informed. That alone raises many privacy red flags that proponents have tried to address in many ways.