I'd like to note the AirTag privacy-preserving tracking scheme I learned:

1. the tag shares its key pair with its owning host as part of the pairing process
2. the tag broadcasts its public key when away from its host
3. nearby phones pick up the broadcast and send a location report to the apple server, which includes:
   • the phone's gps location encrypted using the tag's public key
   • the hashed public key of the tag
4. the apple server store the location reports for each hashed public key
5. the host can request the apple server to download location report for the tag using a public key. then it decrypts the gps location using the private key it got during pairing