Closed mh- closed 4 years ago
As the documentation states, we only get the date of the exposure event from the exposure notification framework.
Same applies to Android (bottom of page 7 of the API documentation).
Internally, a higher precision might be needed upon matching of the RPIs, to verify that the time, when the specific RPI was captured, matches the time of its validity.
Internally, a higher precision might be needed upon matching of the RPIs, to verify that the time, when the specific RPI was captured, matches the time of its validity.
Your assumption is right, and if the Privacy Notice gives a statement, which in this case is about "your smartphone’s exposure logging functionality" (not about the app), the statement should be correct.
The information below is currently stored in the app_contact-tracing-contact-record-db
database that GMS 20.18.17 creates, along with the day and the RPI:
message ScanRecord {
optional uint32 timestamp = 1;
optional int64 rssi = 3; // why int64?!
optional bytes aem = 4;
}
message ContactRecords {
repeated ScanRecord scanrecord = 1;
}
timestamp
is the Unix epoch time in seconds when the RPI was scanned. I found up to 14 entries per RPI in 4 seconds scan windows (every 4-5 minutes).
Agree with @mh- , the statement in privacy notice is not correct, smartphones log date and time of received RPI. @tklingbeil if you want to just inform user what information is received by CWA from EN framework then received RPIs should not be even mentioned in this place, since they are not made available to CWA.
If this is the intention then wording probably should be changed from "smartphone's logging functionality" to "information shared by Exposure Notifications with CWA".
Where to find the issue
Privacy Notice (de and en)
Describe the issue
The current version reads
In addition to the random IDs received from other smartphones, your smartphone’s exposure logging functionality records and stores the following contact data: • Date of the contact • Duration of the contact • Bluetooth signal strength of the contact.
Suggested change
• Date of the contact
should be replaced by
• Date and time of the contact