The world's mountain of discarded flat-screen TVs, cellphones and other electronic goods grew to a record high last year, according to an annual report released Thursday. New submitter Splyncryth writes: The U.N.-backed study estimated the amount of e-waste that piled up globally in 2019 at 53.6 million metric tonnes (59.1 million tons) - almost 2 million metric tons more than the previous year. The authors of the study calculated the combined weight of all dumped devices with a battery or a plug last year was the equivalent of 350 cruise ships the size of the Queen Mary 2. Among all the discarded plastic and silicon were large amounts of copper, gold and other precious metals -- used for example to conduct electricity on circuit boards. While about a sixth of it was recycled, the remainder of those valuable components -- worth about $57 billion -- weren't reclaimed, the study found.

According to a report from a South Korean publication, Samsung is working on Galaxy Fold Lite for as cheap as $900. Samsung will reportedly cut costs by downgrading the camera capabilities and internal specifications. Bleeping Computer reports: The Galaxy Fold Lite will reportedly launch in 2021, but remember that this is just a rumor out of South Korea and it has to be taken with a grain of salt. It appears that the foldable device was planned to be announced during the August 5 event, but Samsung has reportedly postponed its launch to 2021. Galaxy Fold Lite is certainly possible and it was recently tipped off by XDA-Developers' Max Weinbach on Twitter. Another leaker revealed that the Galaxy Fold e could be named Galaxy Gold Lite and priced below $1100.

The iPhone that Moroccan journalist Omar Radi used to contact his sources also allowed his government to spy on him (and at least two other journalists), reports the Toronto Star, citing new research from Amnesty International.

A Slashdot reader shares their report: Their government could read every email, text and website visited; listen to every phone call and watch every video conference; download calendar entries, monitor GPS coordinates, and even turn on the camera and microphone to see and hear where the phone was at any moment.

Yet Radi was trained in encryption and cyber security. He hadn't clicked on any suspicious links and didn't have any missed calls on WhatsApp — both well-documented ways a cell phone can be hacked. Instead, a report published Monday by Amnesty International shows Radi was targeted by a new and frighteningly stealthy technique. All he had to do was visit one website. Any website.

Forensic evidence gathered by Amnesty International on Radi's phone shows that it was infected by "network injection," a fully automated method where an attacker intercepts a cellular signal when it makes a request to visit a website. In milliseconds, the web browser is diverted to a malicious site and spyware code is downloaded that allows remote access to everything on the phone. The browser then redirects to the intended website and the user is none the wiser.
Two more human rights advocates in Morocco have been targeted by the same malware, the article reports.

An anonymous reader quotes a report from BuzzFeed News: On the weekend of May 29, thousands of people marched, sang, grieved, and chanted, demanding an end to police brutality and the defunding of police departments in the aftermath of the police killings of George Floyd and Breonna Taylor. They marched en masse in cities like Minneapolis, New York, Los Angeles, and Atlanta, empowered by their number and the assumed anonymity of the crowd. And they did so completely unaware that a tech company was using location data harvested from their cellphones to predict their race, age, and gender and where they lived. Just over two weeks later, that company, Mobilewalla, released a report titled "George Floyd Protester Demographics: Insights Across 4 Major US Cities." In 60 pie charts, the document details what percentage of protesters the company believes were male or female, young adult (18-34); middle-aged 3554, or older (55+); and "African-American," "Caucasian/Others," "Hispanic," or "Asian-American."

"African American males made up the majority of protesters in the four observed cities vs. females," Mobilewalla claimed. "Men vs. women in Atlanta (61% vs. 39%), in Los Angeles (65% vs. 35%), in Minneapolis (54% vs. 46%) and in New York (59% vs. 41%)." The company analyzed data from 16,902 devices at protests -- including exactly 8,152 devices in New York, 4,527 in Los Angeles, 2,357 in Minneapolis, and 1,866 in Atlanta. It's unclear how accurate Mobilewalla's analysis actually is. But Mobilewalla's report is another revelation from a wild west of obscure companies with untold amounts of sensitive information about individuals -- including where they go and what their political allegiances may be. There are no federal laws in place to prevent this information from being abused. Mobilewalla's privacy policy says that people have the right to opt out of certain uses of their personal information. But it also says, "Even if you opt out, we, our Clients and third parties may still collect and use information regarding your activities on the Services, Properties, websites and/or applications and/or information from advertisements for other legal purposes as described herein."

Mobilewalla CEO Anindya Datta said the company didn't prepare the report for law enforcement or a public agency, but rather to satisfy its own employees' curiosity about what its vast trove of unregulated data could reveal about the demonstrators. He added that the company doesn't plan to include information about whether a person attended a protest to its clients, or to law enforcement agencies.

An anonymous reader quotes a report from Ars Technica: Indiana's Supreme Court has ruled that the Fifth Amendment allows a woman accused of stalking to refuse to unlock her iPhone. The court held that the Fifth Amendment's rule against self-incrimination protected Katelin Seo from giving the police access to potentially incriminating data on her phone. The courts are divided on how to apply the Fifth Amendment in this kind of case. Earlier this year, a Philadelphia man was released from jail after four years of being held in contempt in connection with a child-pornography case. A federal appeals court rejected his argument that the Fifth Amendment gave him the right to refuse to unlock hard drives found in his possession. A Vermont federal court reached the same conclusion in 2009 -- as did a Colorado federal court in 2012, a Virginia state court in 2014, and the Massachusetts Supreme Judicial Court in 2014.

But other courts in Florida, Wisconsin, and Pennsylvania have reached the opposite conclusion, holding that forcing people to provide computer or smartphone passwords would violate the Fifth Amendment. Lower courts are divided about this issue because the relevant Supreme Court precedents all predate the smartphone era. To understand the two competing theories, it's helpful to analogize the situation to a pre-digital technology.

The Internal Revenue Service attempted to identify and track potential criminal suspects by purchasing access to a commercial database that records the locations of millions of American cellphones. The Wall Street Journal reports: The IRS Criminal Investigation unit, or IRS CI, had a subscription to access the data in 2017 and 2018, and the way it used the data was revealed last week in a briefing by IRS CI officials to Sen. Ron Wyden's (D., Ore.) office. The briefing was described to The Wall Street Journal by an aide to the senator. IRS CI officials told Mr. Wyden's office that their lawyers had given verbal approval for the use of the database, which is sold by a Virginia-based government contractor called Venntel Inc. Venntel obtains anonymized location data from the marketing industry and resells it to governments. IRS CI added that it let its Venntel subscription lapse after it failed to locate any targets of interest during the year it paid for the service, according to Mr. Wyden's aide.

Justin Cole, a spokesman for IRS CI, said it entered into a "limited contract with Venntel to test their services against the law enforcement requirements of our agency." IRS CI pursues the most serious and flagrant violations of tax law, and it said it used the Venntel database in "significant money-laundering, cyber, drug and organized-crime cases." "The tool provided information as to where a phone with an anonymized identifier (created by Venntel) is located at different times," Mr. Cole said. "For example, if we know that a suspicious ATM deposit was made at a specific time and at a specific location, and we have one or more other data points for the same scheme, we can cross reference the data from each event to see if one or more devices were present at multiple transactions. This would then allow us to identify the device used by a potential suspect and attempt to follow that particular movement."

IRS CI "attempted to use Venntel data to look for location records for mobile devices that were consistently present during multiple financial transactions related to an alleged crime," Mr. Cole said. He said that the tool could be used to track an individual criminal suspect once one was identified but said that it didn't do so because the tool produced no leads.

Mike Dano, reporting for Light Reading: Cox Communications -- one of the nation's largest cable providers -- is preparing to launch a mobile service, according to several sources familiar with the company's plans. However, the details of Cox's mobile strategy, including when it might launch and which wireless network provider it might partner with, are still unclear. AT&T executives have publicly indicated that the carrier is looking to sign MVNO partnerships with cable operators, and the sources said the two pursued MVNO talks earlier this year, but it's not clear whether the companies consummated the deal. It's noteworthy that Cox is preparing to re-enter the mobile industry by offering cellphones and wireless services to its broadband cable customers. The action would put Cox alongside fellow cable companies Altice USA, Comcast and Charter Communications, which have all also launched mobile services to their broadband customers. Comcast's Xfinity Mobile and Charter's Spectrum Mobile piggyback on Verizon's wireless network. Altice Mobile runs on T-Mobile's network. A Cox representative confirmed the company is interested in entering the mobile industry. "We believe the market is becoming more attractive for us to enter the wireless space and we are exploring it more aggressively now, but have not announced any specific plans," company spokesperson Todd Smith wrote in response to questions from Light Reading. "We have not entered into any MVNO agreements yet."

"Australia's coronavirus tracing app, dubbed COVIDSafe, has been released as the nation seeks to contain the spread of the deadly pandemic," reports ABC.net.au: People who download the app will be asked to supply a name, which can be a pseudonym, their age range, a mobile number and post code. Those who download the software will be notified if they have contact with another user who tests positive for coronavirus... Using Bluetooth technology, the app "pings" or exchanges a "digital handshake" with another user when they come within 1.5 metres of each other, and then logs this contact and encrypts it.

The data remains encrypted on a user's phone for 21 days, after which it is deleted if they have not been in contact with a confirmed case. The application will have two stages of consent that people will have to agree to: initially when they download the app so data can be collected, and secondly to release that data on their phone if they are diagnosed with the virus. If a person with the app tested positive to COVID-19, and provided they consent to sharing the information, it will be sent to a central server. From here, state and territory health authorities can access it and start contacting other people who might have contracted coronavirus...

The app is voluntary and it will be illegal to force anyone to download it.
In addition, Australia "will make it illegal for non-health officials to access data collected on smartphone software to trace the spread of the coronavirus," reports Reuters, citing comments Friday by Prime Minister Scott Morrison "amid privacy concerns raised by the measure." Australia has so far avoided the high death toll of other countries, with only 78 deaths, largely as a result of tough restrictions on movement that have brought public life to a standstill. The federal government has said existing "social distancing" measures will remain until at least mid-May, and that its willingness to relax them will depend on whether people download the smartphone "app" to identify who a person with the illness has had contact with...

Morrison also confirmed a local media report which said the data would be stored on servers managed by AWS, a unit of U.S. internet giant Amazon.com Inc, but added that "it's a nationally encrypted data store".
"The spec for it is very privacy-positive," writes Slashdot reader Bleve97, adding "It will be interesting to see what it looks like once it's been disassembled in a sandbox and played with!"

And Slashdot reader betsuin has already installed it (adding that the app "does not require GPS... I've installed, GPS is off on my rooted device."

Reuters reports: Google and Apple have sought to build public trust by emphasizing that the changes they are making to Bluetooth to allow the tracing apps to work will not tap phones' GPS sensors, which privacy activists see as too intrusive. But the states pioneering the apps -- North and South Dakota, and Utah -- say allowing public health authorities to use GPS in tandem with Bluetooth is key to making the system viable...

Apple and Google said on Friday that they still have not decided how to proceed. "I would encourage them to go for the 'and' and not the 'or' solution," North Dakota Governor Doug Burgum said of Apple and Google in an interview late Thursday. "During this new normal, there is a place for having solutions that protect privacy and enable more efficient contact tracing," said Burgum... "What Utah wanted to understand is not just who is spreading [the virus] to whom but also location zones," said Jared Allgood, chief strategy officer for Twenty, the startup which developed Utah's app for an initial $1.75 million. GPS location data allows authorities to decide which businesses may need to be closed because the virus is spreading there, and prioritize which contacts of diagnosed patients to test...

Anonymized GPS location data is already playing a key role in an early version of Care19, an app that about 40,000 people have signed up for in North and South Dakota. Authorities currently ask Care19 users to give them permission for timestamped GPS location data, which allows officials to manually call places where users could have spread the virus and ask for names and numbers of others who may have been there at the same time.
North Dakota's governor suggests that not everyone is concerned about sharing their GPS data. "Some people are completely opposed to an intrusion on privacy," he told Reuters, "but there's a younger generation sharing their location on dozens of apps. There may be a set of people highly social, young and going out to bars who may see this tool as fantastic."

And Yahoo News reports another concern about contact tracing. "Some argue the information should be pushed out to a central server managed by a trustworthy government or health care entity, while others insist that data remain on individual devices."

An anonymous reader quotes a report from The Verge: On Friday, Apple and Google revised their ambitious automatic contact-tracing proposal, just two weeks after the system was first announced. An Apple representative said the changes were the result of feedback both companies had received about the specifications and how they might be improved. The companies also released a "Frequently Asked Questions" page, which rehashes much of the information already made public. On a call accompanying the announcement, representatives from each company pledged for the first time to disable the service after the outbreak had been sufficiently contained. Such a decision would have to be made on a region-by-region basis, and it's unclear how public health authorities would reach such a determination. However, the engineers stated definitively that the APIs were not intended to be maintained indefinitely.

Under the new encryption specification, daily tracing keys will now be randomly generated rather than mathematically derived from a user's private key. Crucially, the daily tracing key is shared with the central database if a user decides to report their positive diagnosis. As part of the change, the daily key is now referred to as the "temporary tracing key," and the long-term tracing key included in the original specification is no longer present. The new encryption specification also establishes specific protections around the metadata associated with the system's Bluetooth transmissions. Along with the random codes, devices will also broadcast their base power level (used in calculating proximity) and which version of the tool they are running. The companies are also changing the language they use to describe the project. The protocols were initially announced as a contact-tracing system, it is now referred to as an "exposure notification" system. The companies say the name change reflects that the new system should be "in service of broader contact tracing efforts by public health authorities."

An anonymous reader quotes a report from The New York Times: The alarming messages came fast and furious in mid-March, popping up on the cellphone screens and social media feeds of millions of Americans grappling with the onset of the coronavirus pandemic. Spread the word, the messages said: The Trump administration was about to lock down the entire country. "They will announce this as soon as they have troops in place to help prevent looters and rioters," warned one of the messages, which cited a source in the Department of Homeland Security. "He said he got the call last night and was told to pack and be prepared for the call today with his dispatch orders." The messages became so widespread over 48 hours that the White House's National Security Council issued an announcement via Twitter that they were "FAKE."

Since that wave of panic, United States intelligence agencies have assessed that Chinese operatives helped push the messages across platforms, according to six American officials, who spoke on the condition of anonymity to publicly discuss intelligence matters. The amplification techniques are alarming to officials because the disinformation showed up as texts on many Americans' cellphones, a tactic that several of the officials said they had not seen before. [...] Two American officials stressed they did not believe Chinese operatives created the lockdown messages, but rather amplified existing ones. Those efforts enabled the messages to catch the attention of enough people that they then spread on their own, with little need for further work by foreign agents. The messages appeared to gain significant traction on Facebook as they were also proliferating through texts, according to an analysis by The New York Times. "American officials said the operatives had adopted some of the techniques mastered by Russia-backed trolls, such as creating fake social media accounts to push messages to sympathetic Americans, who in turn unwittingly help spread them," the report adds.

"American intelligence officers are also examining whether spies in China's diplomatic missions in the United States helped spread the fake lockdown messages, a senior American official said. [...] And the apparent aim of spreading the fake lockdown messages last month is consistent with a type of disinformation favored by Russian actors -- namely sowing chaos and undermining confidence among Americans in the U.S. government."

Rei writes: A paper recently published by The American Society of Tropical Medicine and Hygiene adds further support to recent CDC guidelines for minimizing the use of invasive ventilators. As physicians had been voicing concern that doctors were being too eager to put patients on invasive ventilation and may be doing more harm than good, the investigators looked into outcomes of intubated patients vs. non-intubated patients experiencing hypoxia. Unlike with other forms of pneumonia, they found that COVID-19 patients were unusually damaged by invasive ventilation but also able to tolerate higher levels of anoxia -- to the point that one doctor recalls having to tell patients to get off their cellphones so that they could be intubated. The recommendation is that guidelines be adjusted to discourage invasive ventilation unless a patient is physically struggling to breathe, rather than relying strictly on oxygen levels; otherwise, the use of non-invasive ventilation, such as CPAP and BiPAP, should be encouraged. When invasive ventilation is used, oxygen levels should be minimized in order to reduce the risk of damaging healthy tissue.

An anonymous reader quotes a report from 9to5Google: Motorola hasn't had a true flagship on the market in a few years after its Moto Z line was downgraded to mid-range status. Today, though, the company has officially unveiled the Motorola Edge and Edge+ with the Snapdragon 865, crazy cameras, and more. Here's what you need to know. The Motorola Edge+ is the true flagship of the two, offering a Snapdragon 865 processor, 12GB of RAM, 256GB of storage, and a 6.7-inch FHD AMOLED display that has a "waterfall" curve on either side, a hole-punch containing the 24MP selfie shooter, and a 90Hz refresh rate. The Motorola Edge+ also features wireless charging, 18W wired charging, and a triple camera system. There's a 108MP sensor to headline that array, but also a 16MP ultrawide shooter and 8MP telephoto lens. There's also a 5,000 mAh battery to ensure plenty of power. It even offers reverse wireless charging.

What about the regular Motorola Edge? That device makes pretty smart cuts to keep a lower price. It has the same display and overall design but uses a Snapdragon 765 to keep 5G and good performance. It's paired with Android 10 and either 4GB or 6GB of RAM and 128GB of storage on all models. There's also a 64MP camera backed up by the same 16MP ultrawide and 8MP telephoto shooters. The regular Edge does lose wireless charging, though for its 4,500 mAh battery. Here's one fun part of both of these phones. They still have headphone jacks. Both the Edge and Edge+ also feature 5G support (only sub-6 for the Edge), offer red or black colors, and use their curved displays for a few neat software tricks. Both are also promised at least one major Android upgrade, too. As for pricing, the Motorola Edge+ will be available exclusively via Verizon for $1,000, or $41.66/month. The price of the regular Edge hasn't been announced yet, but it should be considerably cheaper and more broadly available.

An anonymous reader quotes a report from Ars Technica: As many as a billion mobile phone owners around the world will be unable to use the smartphone-based system proposed by Apple and Google to track whether they have come into contact with people infected with the coronavirus, industry researchers estimate. The figure includes many poorer and older people -- who are also among the most vulnerable to COVID-19 -- demonstrating a "digital divide" within a system that the two tech firms have designed to reach the largest possible number of people while also protecting individuals' privacy.

The particular kind of Bluetooth "low energy" chips that are used to detect proximity between devices without running down the phone's battery are absent from a quarter of smartphones in active use globally today, according to analysts at Counterpoint Research. A further 1.5 billion people still use basic or "feature" phones that do not run iOS or Android at all. "In all, close to 2 billion [mobile users] will not be benefiting from this initiative globally," said Neil Shah, analyst at Counterpoint. "And most of these users with the incompatible devices hail from the lower-income segment or from the senior segment which actually are more vulnerable to the virus." Ben Wood, analyst at CCS Insight, estimates that only around two-thirds of adults would have a compatible phone. "And that's the UK, which is an extremely advanced smartphone market," he said. "In India, you could have 60-70 percent of the population that is ruled out immediately."

The report adds: "Counterpoint Research is more optimistic, estimating that 88 percent compatibility in developed markets such as the US, UK, and Japan, while about half of people in India would own the necessary handset."

Huawei was recently caught passing off photos taken with a DSLR as ones shot with one of its phones. PhoneDog reports: Earlier this month, Huawei kicked off a contest for its Next Image community, and a video on Weibo included several high-quality photos and at the end said they were "taken with Huawei smartphones." As South China Morning Post notes, though, Weibo user Jamie-hua found that some of those photos were actually taken with a $3,500 Nikon D850 DSLR camera. The photos were found on 500px, an online photography site, and were taken by photographer Su Tie.

Huawei has since apologized and said that the photos were incorrectly marked due to "an oversight by the editor." The company has also updated its original promo video for the contest to remove the claim that the images were taken with Huawei phones. This isn't the first time something like this has happened to Huawei. In 2018, an ad appeared to show that a selfie was taken with the Huawei Nova 3, but it was actually snapped with a DSLR.

SecurityWeek editor wiredmikey shares new that Jim Clark and Tom Jermoluk (past founders of Netscape, Silicon Graphics and @Home Network) "have launched a phone-resident personal certificate-based authentication and authorization solution that eliminates all passwords."

Security Week reports: The technology used is not new, being based on X.509 certificates and SSL (invented by Netscape some 25 years ago and still the bedrock of secure internet communications). It is the opportunity provided by the modern smartphone with biometric user access, enough memory and power, and a secure enclave to store the private keys of a self-certificate that never leaves the device that is new. The biometric access ties the phone to its user, and the Beyond Identity certificate authenticates the device/user to the service provider, whether that's a bank or a corporate network...

"When this technology was created at Netscape during the beginning of the World Wide Web, it was conceived as a mechanism for websites to securely communicate, but the tools didn't yet exist to extend the chain all the way to the end user," commented Jermoluk. "Beyond Identity includes the user in the same chain of certificates bound together with the secure encrypted transport (TLS) used by millions of websites in secure communications today...."

With no passwords, the primary cause of data breaches (either to steal passwords or by using stolen passwords) is gone. It removes all friction from the access process, takes the password reset load off the help desk, and can form the basis of a zero-trust model where identity is the perimeter.
Though they're first focusing on the corporate market, their solution should be available to consumers by the end of 2020, the article reports, which speculates that the possibility of pre-also installing the solution on devices "is not out of the question."

Samsung is launching a more budget-friendly version of the Galaxy S10, called the Galaxy S10 Lite. According to The Verge, it'll be available in the U.S. starting tomorrow for $650. The Verge reports: The Galaxy S10 Lite is a budget version of the Galaxy S10 flagship, and it has a 6.7-inch Super AMOLED Infinity-O display at 2400 x 1080 resolution, a Snapdragon 855 processor, and a triple-lens rear camera setup with a 5-megapixel f/2.4 macro lens; a 48-megapixel F2.0 wide-angle lens with "Super Steady OIS;" and a 12-megapixel f/2.2 ultra-wide with a 123-degree angle lens. The company also announced the Galaxy Tab S6 Lite that'll be available in Q2 2020 with a starting price of $349. "The Galaxy Tab S6 Lite has a 10.4-inch screen, an S Pen that can snap to the tablet's body via magnets, an 8-megapixel rear camera lens, a 5-megapixel front camera lens, and a headphone jack," reports The Verge. "You'll also be able to buy an LTE version of the tablet."

An anonymous reader quotes a report from Ars Technica: Huawei is still using components made by U.S. companies in its newest flagship smartphone, a Financial Times teardown has found, despite the U.S. all but blacklisting the Chinese telecoms equipment manufacturer. The teardown was done by XYZone, a Shenzhen-based company that disassembles smartphones and identifies the suppliers of their components. The biggest surprise was that some parts from U.S. companies were still ending up in the newest Huawei smartphone, despite the U.S. all but banning its companies from selling to the Chinese tech company.

The P40's radio-frequency front-end modules were, according to XYZone's teardown analysis, produced by Qualcomm, Skyworks, and Qorvo, three U.S. chip companies. RF front-end modules are critical parts of the phone that are attached to the antennas and required to make calls and connect to the Internet. The Qualcomm component is covered by a license from the U.S. Commerce Department, according to a person familiar with the company. [...] The "Entity List" designation means that U.S. companies have to apply for a license to export any U.S.-origin technologies to Huawei. The U.S. government has granted a "temporary general license" to its companies, allowing them to sell to Huawei to service existing products -- helping clients such as telecoms carriers that may need to replace parts of their wireless equipment. But the general license does not cover sales for the purpose of making new products, such as the P40 smartphone. For that, companies must seek individual licenses, and the Department of Commerce has not said which ones it has granted them to. A spokesperson for Huawei said the company has "always complied with any export control regulations of various countries, including the United States" and that "all the product materials are obtained legally from our global partners, and we insist on working with our partners to provide consumers with high quality products and services."

Also missing from the P40 are parts from U.S. chipmaker Micron. "Micron made the storage devices called NAND flash memory chips for some batches of last year's P30 smartphone, and South Korea's Samsung made the same chips for other batches," reports Ars. "The FT's copy of this year's P40 Pro appears to have only Samsung NAND flash memory chips."

LG is ditching the "G" series branding on future smartphones. The company released the LG Optimus G1 Pro in 2013 and went on to release a new "G" series flagship smartphone every year since, with the most recent being the LG G8X ThinQ. 9to5Google reports: The Korea Herald and Naver have reported over the weekend that LG has decided to stop using the G series branding on future smartphones. Instead, LG would use separate names for each smartphone model with the names "focused on each model's design or special feature." Apparently, a goal for LG is to bring back the success of its "Chocolate" phones from the 2000s. Those devices had a different name for every model focusing on a specific design or software feature. Apparently, this change would take effect starting with the device we previously knew as the "LG G9 ThinQ." It's unclear what that device will be called at this point, but the device is rumored to be less of a flagship, using Qualcomm's Snapdragon 765 instead of the more powerful Snapdragon 865. While this branding decision was reportedly made public in Korea, LG's PR isn't confirming it globally yet.

An anonymous reader quotes the Wall Street Journal: Government officials across the U.S. are using location data from millions of cellphones in a bid to better understand the movements of Americans during the coronavirus pandemic and how they may be affecting the spread of the disease...

The data comes from the mobile advertising industry rather than cellphone carriers. The aim is to create a portal for federal, state and local officials that contains geolocation data in what could be as many as 500 cities across the U.S., one of the people said, to help plan the epidemic response... It shows which retail establishments, parks and other public spaces are still drawing crowds that could risk accelerating the transmission of the virus, according to people familiar with the matter... The data can also reveal general levels of compliance with stay-at-home or shelter-in-place orders, according to experts inside and outside government, and help measure the pandemic's economic impact by revealing the drop-off in retail customers at stores, decreases in automobile miles driven and other economic metrics.

The CDC has started to get analyses based on location data through through an ad hoc coalition of tech companies and data providers — all working in conjunction with the White House and others in government, people said.

The CDC and the White House didn't respond to requests for comment.
It's the cellphone carriers turning over pandemic-fighting data in Germany, Austria, Spain, Belgium, the U.K., according to the article, while Israel mapped infections using its intelligence agencies' antiterrorism phone-tracking. But so far in the U.S., "the data being used has largely been drawn from the advertising industry.

"The mobile marketing industry has billions of geographic data points on hundreds of millions of U.S. cell mobile devices..."