moderna vaccine stock file photo

Photo of Moderna coronavirus vaccine. (Photo by David Grunfeld, NOLA.com | The Times-Picayune | The New Orleans Advocate)

LSU researchers have created a cellphone app to track the coronavirus and alert people who might have been exposed to COVID.

The GeauxTrace app uses the signal strength from Bluetooth software, which is common on most cellphones, computers and other devices, to assess the distance between cellphones. Users who were in the vicinity of someone who recently tested positive for COVID are informed of the possible exposure.

The COVID pandemic has spurred urgent demand for "contact tracing apps." The goal is to allow people to go out and about as normal and only quarantine when they know they've been exposed.

Google, Apple and other tech companies have already created their own cellphone-based tracing applications, often also using Bluetooth.

Lu Peng, an LSU electrical and computer science professor, began developing the app in January with a group of undergraduate and graduate students. It's part of an $888,642 grant from the National Institutes of Health, university officials said.

Peng said he pursued the application, which recently finished testing by a group of voluntary users, to try to stop the spread of the coronavirus and COVID-19. 

"We're trying to make some contribution to the community," Peng said.

People who use GeauxTrace are notified of a positive test if their cellphone has been within at least six feet of someone who tested positive within the past 14 days. The close contact has to have been for at least 15 minutes, Peng said.

Cellphones have become an increasingly important tool for law enforcement to track suspected criminals, usually after obtaining a court order. Many commercial apps also track the position of their users, often for their own banal purposes — such as showing where the closest coffee shops and restaurants are — and only after a user grants authority.

But privacy advocates often criticize the potential abuse of location-tracking apps.

Peng said the GeauxTrace application has a number of safeguards to protect users' privacy. 

Top stories in Baton Rouge in your inbox

Twice daily we'll send you the day's biggest headlines. Sign up today.

Each user is assigned a random number that isn't tied to their cellphone number, but to the login identity people have provided. To create that identity, users don't have to provide their cellphone numbers, personal email addresses or other identifying information. 

The random number is broadcast in the background to create a virtual map. This internal, electronic map doesn't show the actual location of someone's cellphone in Baton Rouge or any other place, but the relative distances among cellphones also using the application.

"We do not use Bluetooth to detect position," Peng said.

After a positive test is reported, those nearby are notified through the app simply that they had been in contact with someone who had tested positive without knowing who or exactly when or where.

The data is also encrypted and spread out among multiple servers to avoid the risk of hackers tapping into one machine and stealing health information, Peng said. 

Despite those measures, some privacy advocates suggested the application need more protections.  

Jon Callas, director of technology projects for the Electronic Frontier Foundation, noted the application relies on self-reporting by users to spread word of a positive test, leaving open the possibility of malicious self-reporting to create scares or find out about other people.

"Someone could falsely report positives, see who (GeauxTrace) connected to and, thus, learn things," he said.

The San Francisco, California, nonprofit where Callas works, advocates for privacy and other civil liberties in the digital world.

Callas also argued the app could be safer if its random identification numbers changed repeatedly, and if the data was stored on individual phones instead of just servers.

Peng said the app relies on self-reporting due to federal health privacy laws. He said the app's protections were strong enough that users should be confident their data wouldn't be abused.


Email David J. Mitchell at dmitchell@theadvocate.com

Follow David J. Mitchell on Twitter, @NewsieDave.