"Never let a serious crisis go to waste" - Rahm Emanuel.
I agree with this and your sentiment, but I think it is misplaced in this instance.
As I understand it, the TraceTogether app collects (and stores locally), information on other users running the TraceTogether app nearby. If our government's contact tracers contact us, we can provide the information, and it can help in contact tracing. This seems to me to be at or near the minimum amount of information collection necessary to fulfil the function. Assuming voluntary widespread adoption, it is useful, and can be uninstalled at any time once the crisis blows over.
Honestly, as both a free software and privacy advocate... yeah. If contact tracing significantly improves our ability to eliminate the epidemic, and my current understanding is that it does, this seems like a pretty good implementation. So long as the data collection is explicitly voluntary, I'm asked for my permission first, and it's for an important cause like this one... I really don't mind!
I would much rather have a system like this than to be indiscriminately tracked and lose more privacy potentially indefinitely. The tracking can't be indefinite if I'm asked for permission, because if I don't think there's good reason for it I'll just say no. And if I'm worried the app's privacy measures aren't good enough and it'll be abused, I'll just uninstall it.
You can still turn it off by heading to settings and turning it off there (both WiFi and Bluetooth).
It turns the functionality off completely, and stays off until you manually turn it back on.
In control centre it only partially turns off. But that’s not unreasonable as many people don’t understand how many feature rely on Bluetooth. They would probably get annoyed when the stop working, just because they wanted to quickly disconnect some headphones.
That’s tricky without building a phone yourself from opensource hardware and software.
At least with Apple, they’re under so much scrutiny you can be fairly confident that if their software was lying it would quickly appear in the news.
Finally the above clearly shows that your assertion you can’t turn off the WiFi or Bluetooth radios is false (assuming the software isn’t outright lying, if think that then you should have said so in your first comment).
That's an old principle, and it is, unfortunately, still true. It all depends on where you want to put the trust slider, but push it far enough in the conservative direction and, yes, you enter "build your own machine from scratch" territory.
How do you know the hardware you use doesn't have a microdot that can bypass the monitoring logic and physically manipulate the radio without the OS's consent?
How do you know the software you're running doesn't embed its own bluetooth stack and use a 0-day exploit to gain physical control over the radio?
Oh, you compiled it yourself? With whose compiler? Are you sure that compiler faithfully adheres to the spec of the language and doesn't know how to embed a bluetooth stack that, etc.
Push the paranoia slider far enough, and you end up having to care about all this stuff.
I agree with this and your sentiment, but I think it is misplaced in this instance.
As I understand it, the TraceTogether app collects (and stores locally), information on other users running the TraceTogether app nearby. If our government's contact tracers contact us, we can provide the information, and it can help in contact tracing. This seems to me to be at or near the minimum amount of information collection necessary to fulfil the function. Assuming voluntary widespread adoption, it is useful, and can be uninstalled at any time once the crisis blows over.