It sounds like you're describing two separate things.
In terms of Bluetooth security, I can certainly follow up with what we've been doing to create a secure environment on Android phones.
In the other context, particularly the one you have identified around false positives, that's actually a system that would be controlled at the public health authority. They would be taking the results of COVID-19 testing and then using the API to notify people who had been in close proximity to the person identified as being diagnosed positive. So you—