We had already suspected when the AirTags were introduced that they would have to be quite easy to use for tracking people. Apple promises that they pay attention to privacy, but it is always a trade-off between privacy and the actual function of the device when it comes to tracking devices, so the situation is not that simple.
The core problems are as follows: for one, an Android user has no way of knowing that a foreign AirTag is nearby because there is no app for Android devices. Even users who do not use a smartphone at all are not able to detect if they are being monitored.
For these situations, the AirTag is supposed to beep after a few days via a built-in speaker, so that it can be located. This can be prevented within a few seconds. After ifixit showed the internal structure of the AirTag, it quickly became clear that the manipulation is extremely simple.
AirtagAlex shows in a video how easy it is to disable the speaker in an AirTag: you simply cut off the magnet on the battery cover – done. A loudspeaker is basically built up of a coil, which then moves a magnet with an attached diaphragm. In the AirTag, the coil is seen in the small board, the diaphragm is the battery holder itself (clever space saving), the magnet is the little metal thing that can be easily removed because it’s just glued. The video says “coil”, but it should be the magnet.
In short: There is not the slightest protection of the AirTag against manipulation. It can be easily reassembled and looks the same as before. The only difference is that the AirTag can no longer be activated by an acoustic signal.
So it is still valid: It is only possible to detect foreign AirTags in your own environment if you use Apple devices. Non-Apple users can thus easily be monitored without ever having the possibility to find the AirTag.
Again the note that this is illegal. Plus, Apple can still disable AirTags at some point, even if they don’t beep. But monitoring anyone over the weekend is no longer a problem. In view of Apple’s strong focus on data protection, we would have expected a technical solution that at least makes the AirTag unusable in case of manipulation.
After all, such a silent AirTag can now be used for fair things: For example, monitoring one’s mail without the letter beeping.