Screenshot of CA Notify website. A proposed class action is asking a federal court to order Google to fix an alleged security threat that makes the company's COVID-19 contact-tracing system developed with Apple less "privacy-preserving" than the tech giants claimed.

Nearly 40 countries and dozens of U.S. states, including California, use the Google-Apple Exposure Notification System (GAEN) for their coronavirus contact-tracing apps. The system leverages Bluetooth technology and deploys safeguards such as randomized identifiers, called rolling proximity identifiers or RPIs, and decentralized storage on devices to protect users' privacy.

In a complaint filed Wednesday in the U.S. District Court for the Northern District of California, attorneys from Lieff Cabraser Heimann & Bernstein assert that dozens of third parties might have access to the system's stored data on mobile devices, including personally identifiable information and potential COVID-19 exposure results.