with Tonya Riley

Companies’ rush to develop technologies to track coronavirus infections is outpacing citizens’ willingness to use them.

About half of Americans with smartphones say they’re probably or definitely unwilling to download apps being developed by Google and Apple to alert those nearby they came into contact with someone who is infected, a Washington Post-University of Maryland poll released this morning finds. 

That’s primarily because they don’t trust the tech companies to treat their data securely and privately, as my colleagues Craig Timberg, Drew Harwell and Alauna Safarpour report

Add in people who can’t use the apps because they don’t own smartphones, and only about 40 percent of Americans are on board with using the tracking apps. That’s far lower than the approximately 60 percent of Americans who researchers say would need to use such apps to make a significant difference in slowing infections and allow states to ease restrictions on business and travel. 

The results demonstrate a long road ahead for both governments and tech firms if they want digital contact tracing to play a major role in combating the novel coronavirus's spread. They also show how years of security and privacy debacles have soured Americans’ trust in big tech firms — even in the midst of a crisis.

I don’t feel like they have a good track record of taking care of people's privacy and data. And I don’t want to give them more if I don’t trust them,” Brent Weight, a survey respondent from Rigby, Idaho, told my colleagues.

The public wariness comes despite a surge of efforts by tech companies to market coronavirus surveillance tools. 

Numerous companies are already working on apps that will piggyback on the Bluetooth-based software Apple and Google expect to release as early as this week — and which is designed to provide some measure of privacy to the users. That software will power apps built by state and local public health agencies.  

It's designed to log any time two people who have consented to be tracked are in proximity using anonymous signals that don't identify the individuals themselves. If someone reports being diagnosed with the coronavirus, the app will alert everyone he or she was in contact with they should consider getting tested or self-quarantining. 

An app that plans to incorporate the Bluetooth technology is already available in North Dakota and another is in the works in Utah. 

Other companies are pushing more invasive tools, including several offered by well-known vendors of surveillance products, as Reuters’s Joel Schechtman, Christopher Big and Jack Stubbs report

The Israeli surveillance firm Cellebrite, for example, already offers a tool allowing law enforcement to crack through the security protections in suspects’ phones and trace their contacts. It’s now pitching the same tool to police in India as a way to track the contacts of someone diagnosed with coronavirus. 

“This would usually be done with consent. … But in legally justified cases, such as when a patient violates a law against public gatherings, police could use the tools to break into a confiscated device, Cellebrite advised,” according to the Reuters report. 

Cellebrite is among at least eight surveillance companies repurposing their tools for virus-tracking, Reuters reported. 

That list also includes the controversial Israeli firm NSO Group, which is helping the Israeli Ministry of Defense build a tracking platform. NSO has come under fire for allegedly helping government clients hack and spy on journalists and dissidents. The company is embroiled in a lawsuit with Facebook over allegedly helping clients hack into its WhatsApp messaging service.  

In another blow yesterday, Vice reported a former NSO employee allegedly abused access to the firm’s technology to track a love interest. NSO fired the employee, Vice reported. The company declined to comment for the story. 

The American wariness about digital virus trackers mirrors comparatively low download rates for similar apps in other countries. 

Australia released a nationwide tool Sunday that has been downloaded about 2.8 million times. That accounts for about 11 percent of the nation’s 25 million people. Singapore’s TraceTogether app has been downloaded by about one-fifth of the population.

Apple and Google have even begun to describe the apps as exposure notification tools rather than “contact tracing” apps as a way to stress their benefits, as my colleagues report. 

“After a call last week with Apple chief Tim Cook, Thierry Breton, a member of the European Union's executive branch, went one step further, calling them ‘deconfinement apps,’ a term that stressed their potential to relieve the economically devastating movement restrictions imposed by government officials worldwide as they try to slow the spread of the coronavirus,” my colleagues report.

Wariness about the apps is also higher among Republicans than Democrats. 

Among Democrats who own smartphones, 61 percent said they’d probably or definitely use the Apple and Google tool compared to just 48 percent of Republicans.  

That could mean there will be greater difficulty tracing virus spread in Republican-led states — some of which are moving faster to ease pandemic-related restrictions — than in Democratic-led states. South Carolina, for example, has begun reopening some retailers and Georgia is even opening gyms and nail salons. 

Citizens who were especially fearful of becoming infected with the virus were alsos more likely to say they’d use the apps. 

The keys

Republicans are skeptical of voting by mail, a new Pew survey finds.

The findings come as President Trump and some of his GOP allies in Congress have assailed voting by mail as untrustworthy and prone to fraud but as Republican state officials are looking to it as a way to ensure safe voting during the pandemic. Notably, Ohio, which has a Republican governor and secretary of state, conducted a primary almost entirely by mail yesterday without any evident problems. 

Just about 3 in 10 Republican-leaning voters support handling all elections by mail compared to about 7 in 10 Democratic-leaning voters, as Aaron Blake reports. The percentage of Republicans who support voting by mail increases, however, in states where a significant number of people already vote that way, Aaron notes. 

“In other words, conservatives who live in states where it’s easier or more prevalent to vote by mail overwhelmingly favor it. The ones with the most experience with this method are quite happy with it,” he writes.

Just 49 percent of Republicans favor allowing anyone to vote by mail who wants to compared with 87 percent of Democrats

China is imposing harsh new cybersecurity rules that could disadvantage foreign products.

The new rules require companies operating “critical infrastructure” to go through a cybersecurity review when they order goods and services that affect national security, the Wall Street Journal reports. They come as the U.S. government is increasingly cracking down on Chinese goods in U.S. critical infrastructure, such as telecommunications, citing national security concerns. 

Worrisome for American businesses is wordingretained from the draft published last yearthat companies must assess risks of supply-chain disruption due to ‘politics, diplomacy and trade,’ ” the Journal reports. “The wording was seen as a direct response to the U.S. move last year to add Huawei Technologies Co. and several other Chinese tech firms to its trade blacklist that effectively banned suppliers from selling parts and technologies with a U.S. origin to those firms.” 

The federal agency disbursing small-business loans during the pandemic has persistent cybersecurity problems.

A government watchdog highlighted the Small Business Administration’s cybersecurity risks in an updated list of “priority open recommendations” along with other thins, including improving the agency’s disaster response capabilities. 

The Government Accountability Office report comes a day after an SBA web portal designed to disburse $310 billion in small-business loans during the pandemic sputtered and crashed, frustrating bankers and loan seekers That wasn’t because of cybersecurity problems but it highlights the agency’s technological challenges.

The SBA has not conducted an organization-wide assessment of all of its cybersecurity risks, which leaves its computer systems and data more vulnerable to hacking, the GAO found.

Government scan

Government cybersecurity officials are turning to industry Slack channels during the pandemic.

The Slack groups dubbed the Cyber Threat Coalition and the CTI League were created by private-sector digital threat hunters, but they’ve drawn a cavalcade of law enforcement agents and other government cybersecurity pros among their thousands of members, NBC News reports. 

That’s due to the surge in coronavirus-related digital scams and hacking efforts, and the difficulty of keeping up with them. 

“The FBI, which normally sees around a thousand complaints a day to its Internet Crime Complaint Center, has been receiving three to four times that number, Tonya Ugoretz, deputy assistant director of the FBI's Cyber Division, said in a recent talk. Google said it has been seeing 18 million coronavirus-themed phishing emails a day,” the story notes. 

Other government news:

Industry report

Facebook is restructuring its cybersecurity operations and moving some security pros to other divisions.

The move is part of a broad shift in the social media giant’s security operations over the past two years, including eliminating the position of chief information security officer, the New York Times reports. The latest changes were also “spurred by infighting and long-running issues within the department,” the Times reports. 

“To stay ahead of evolving security threats, we’re investing more in automated detection and bringing in new skills as we continue to grow our security team over all,” a company spokeswoman told the Times. “This also means we are restructuring a portion of our team and helping the people affected by this change find other roles at Facebook.” 

More industry news:

Global cyberspace

Vietnam-linked hackers have been using the Google Play store to spread malicious software.

The hacking campaign has gone on for four years and targeted victims in Vietnam, India, Bangladesh, Indonesia, Iran, Algeria, South Africa, Nepal, Myanmar and Malaysia, CyberScoop reports citing research from Kaspersky Lab. 

More news about digital threats:


  • Auburn University's McCrary Institute and the Cyberspace Solarium Commission will host an event discussing if deterrence is possible in cyberspace today at 1 p.m.

Secure log off

Is it only Wednesday?

On this episode of the Quarantine Cooking Show, Mary Beth Albright throws the best virtual happy hour with her fellow work-from-home Washington Post colleagues. (The Washington Post)