Apple and Google have announced they will be collaborating on a new industry specification aimed at stopping the misuse of Bluetooth-enabled location-tracking devices. The draft specification is designed to alert users when they are being tracked without their consent, which could help combat stalking and other forms of harassment.
In a joint statement, Apple and Google said that the new specification would allow Bluetooth location-tracking devices to be compatible with unauthorized tracking detection and alerts across both Android and iOS platforms. Samsung, Tile, Chipolo, eufy Security, and Pebblebee have all expressed support for the draft specification and will adhere to a set of best practices and recommendations, as well as notify users of any unauthorized tracking on iOS and Android devices.
The goal of the specification is to standardize the alerting mechanisms and minimize opportunities for misuse across Bluetooth location-tracking devices from different vendors. This would help protect individuals' privacy and security, as well as improve the overall safety of these devices.
Ron Huang, Apple's Vice President of Sensing and Connectivity, discussed the announcement:
"Apple launched AirTag to give users the peace of mind knowing where to find their most important items. We built AirTag and the Find My network with a set of proactive features to discourage unwanted tracking—a first in the industry—and we continue to make improvements to help ensure the technology is being used as intended.
This new industry specification builds upon the AirTag protections, and through collaboration with Google results in a critical step forward to help combat unwanted tracking across iOS and Android.”
To strengthen the security and privacy measures of Bluetooth-enabled location-tracking devices, the proposed specification includes a pairing registry that contains verified identity information of the device owner, such as their phone number or email address, and the accessory's serial number. This registry will be accessible to law enforcement upon a valid request, and the data will be stored for at least 25 days after the device is unpaired.
The proposed specification requires Bluetooth location-tracking devices to switch from "near-owner" mode to "separated" mode after 30 minutes of being away from the owner's device. This will enable individuals to receive alerts if a tracker separated from their device is traveling with them, and provide a way to locate and deactivate the device.
Interested parties have been invited to provide feedback on the draft specification over the next three months. Apple and Google expect to release a production implementation of the specification for unwanted tracking alerts by the end of the year on both mobile ecosystems.
Roy Akerman, Co-Founder & CEO at Rezonate, shared his thoughts on the announcement with SecureWorld News:
"Collaboration between all leading providers can truly make a difference and reduce the risk of location tracking. Creating a new protocol is yet another step joining other actions previously announced of privacy as those of the Chromium browser and cookie tracking. This reduces the chances for individual tracking for one of the most common protocols used in almost any device.
Instead of suggesting limiting usage and then passing responsibility back to the user, Apple, Google, and several other manufacturers are assuming responsibility and embedding additional security controls directly to the device."
Apple and Google have previously collaborated on developing a system-level platform that utilizes Bluetooth low energy (BLE) beacons to allow for contact tracing during the COVID-19 pandemic without using location data. Their latest collaboration builds upon that effort and demonstrates their commitment to protecting users' privacy and security across their respective platforms.
Follow SecureWorld News for more stories related to cybersecurity.