A number of protocol designs for co-location tracking have already been developed, most of which claim to function in a privacy preserving manner. However, despite claims such as “GDPR compliance”, “anonymity”, “pseudonymity” or other forms of “privacy”, the authors of these designs usually neglect to precisely define what they (aim to) protect. We make a first step towards formally defining the privacy notions of proximity tracing services, especially with regards to the health, (co-)location, and social interaction of their users. We also give a high-level intuition of which protection the most prominent proposals can and cannot achieve. This initial
overview indicates that all proposals include some centralized services, and none protects identity and (co-)locations of infected sers perfectly from both other users and the service provider.