Homomorphic encryption is not computationally practical and differential privacy relies on noise which is not ideal when (i) errors compound as is the case of contact tracing where each new node introduces many candidates for exposure and (ii) there is a high cost of false positives or negatives.
Perhaps this is a use case for a secure enclave, where location data is stored, a biometric authenticated authorization can be used for releasing it, and there is provably no backdoor for this feature to be used without the user's approval. I hope to see companies like AAPL address this in a way that solves for these types of situations without introducing draconian oversight capabilities.
