Just received from a friend:
The alert on itself isn’t the problem and it isn’t possible to “hack” the phone via the alert. BUT… – the alert will be used by the security services to triangulate the location of every phone in the UK at a precise moment in time and then cross-reference this with other intelligence gathered by the security services and special branch, some of it for “legitimate ” reasons, but also to gather intelligence on activists of any kind that they think may pose a threat now or, more worryingly, in the future. The term being used by internally is “intelligence farming”.
The other very worrying element is the plan to make the alerts more commonplace so that people become used to receiving alerts/messages directly from the government that cannot be ignored or turned off. There’s a discussion being had as to whether an alert can be sent out with details of another strain of Covid.