This capability is compelling from a public-health standpoint but has serious privacy implications. It looks like every phone shares a unique id, but encrypts it in a frequently rotating way, using a public key provided by a government authority.

This raises a few questions for me: - Is an entirely decentralized solution to this problem possible? - Aside from placing trust in the government, are the privacy protections adequate?