Apple and Google will ban location-tracking by apps using their new coronavirus contract-tracing API, newly renamed ExposureNotification.
In a set of guidelines [PDF] for the API released today, the companies said that developers will not be able to access or even seek permission to access location data using the app.
That's a welcome change as Android currently requires location access to be enabled to make always-on Bluetooth of the sort required by contact-tracing apps to work, even though GPS data is not used.
The two companies started developing the system after the concept of contact-tracing won favor, but it was quickly pointed out that constant use of Bluetooth is forbidden-by-design in both iOS and Android.
The new guidelines also state that only public health authorities will be able to use the API, and that only one app per country will be permitted into app stores.
The first version of the API was released to developers last week. Today's release includes a new set of resources to help developers get started on the app development, including example UI assets and sample code for both iOS and Android.
Apple and Google said they would continue support countries that decide to use locally-made tracing systems, such as France, the UK, and Australia. These systems use a more basic Bluetooth system to log users who have crossed path, but can of course update their apps.
Apple and Google will continue to release updates and development kits before releasing a public version of the API to consumers later this month. ®