The thin line between Privacy and Contact Tracing

The COVID-19 pandemic has seen over two million people infected worldwide. As medical personnel work around the clock to treat victims, authorities are also trying their best to trace and locate individuals who may have come in contact with victims. But contact tracing does have its limitations as it can be challenging to trace every individual that may have come in contact with a victim. And of course, there are concerns about privact as well. 

There have been several apps that have been used for contact tracing in recent months by different countries. Singapore's contact tracing app Trace Together, for example, has already been installed by more than 620,000 people. The Singaporean government announced that they will be making the software freely available for developers around the world.

Over in Australia, the Australian government is planning to launch an app in a matter of weeks based on Singapore's Trace Together app. The app will trace every person who has been in contact with a mobile phone owner who has tested positive for coronavirus in the previous few weeks, in a bid to automate coronavirus contact tracing, and allow the easing of restrictions.

The Trace Together app works by using Bluetooth to record anyone you get close to who also has the app. According to the developers, the app does not collect or use users' location data, but only records who they might have been close to.

Apple and Google join in
Interestingly, since Singapore's contact tracing app has been rather influential and successful in the industry, it has also captured the attention of the big guys.

In a recent press statement by Apple and Google, both companies are also working together to enable the use of Bluetooth technology to help governments and health agencies reduce the spread of the virus, with user privacy and security central to the design.

As a number of leading public health authorities, universities, and NGOs around the world have been doing important work to develop opt-in contact tracing technology, Apple and Google will also be launching a comprehensive solution that includes application programming interfaces (APIs) and operating system-level technology to assist in enabling contact tracing. Given the urgent need, the plan is to implement this solution in two steps while maintaining strong protections around user privacy.

Both companies will release APIs that enable interoperability between Android and iOS devices using apps from public health authorities in May. These official apps will be available for users to download via their respective app stores. Apple and Google will continue to work to enable a broader Bluetooth-based contact tracing platform by building this functionality into the underlying platforms in the coming months.

This is a more robust solution than an API and would allow more individuals to participate if they choose to opt-in, as well as enable interaction with a broader ecosystem of apps and government health authorities.

According to the statement, "Privacy, transparency, and consent are of utmost importance in this effort, and we look forward to building this functionality in consultation with interested stakeholders. We will openly publish information about our work for others to analyze."

Privacy Concerns
As much as Google and Apple have assured privacy and transparency over user data, the worry is always there that this would pave the way for a form of legal spying. Even for Singapore's Trace Together app, there were privacy concerns and for similar apps in the region and the rest of the world.

Aarogya Setu – Hindi for Healthcare Bridge, an app launched in India – alerts users if they come in contact with an infected person and informs them about health services they could contact. The app is the fastest ever to reach 50 million users while being dogged by privacy concerns. Reports by Indian press and studies, however, show that the app is inconsistent with privacy efforts.

While most of these apps rely on Bluetooth technology, a report in CNN Business highlights that "academics and industry have coalesced around Bluetooth-based proximity tracking over GPS location tracking, largely because geolocation data can often be reverse-engineered to deduce a person's identity."

One argument in the BBC states that "bluetooth is being used rather than location data, powered by GPS, the global positioning system, because GPS is not possible to use without breaching privacy laws in most democracies. It's also a significant drain on mobile phone batteries and, more fundamentally, isn't accurate enough based on what we think we know about the transmission of Covid-19."

Interestingly, the NHS in the UK feels that new tools strictly limit the information that public health authorities can gather as it can only perform a limited version of contact tracing. Meaning a public health authority can't ask a phone to gather a list of every other phone it has been in contact with. This could create false positives or even near misses from contacts that may be infected.

Due to the nature of the current situation, perhaps individuals and governments are looking to turn a blind eye on privacy concerns just to get rid of the virus? Can the public trust that their data is truly only used for contact tracing? Can they actually trust app companies and large enterprises like Google and Apple to be honest and not make use of their personal data? And what about false positives? Can this app define how close is close proximity – let's say your device and an infected person's device is side by side, but both of you are actually in two different rooms.

Only time and technology will tell.

You control your privacy
Despite the arguments brought up, at the end of the day, the apps will not be able to trace your location and movement if you do not download them on your devices or grant it permission to do so.

Yes, privacy is a concern for all of us. But at times like this, it will probably just have to go down to trusting such services and hoping our data is not used for the wrong reasons. There is no denying that breaches may happen or the data may be compromised, but if this is one way of detecting victims and controlling the spread of the virus, we may just have no choice but to get used to it.

After all, the new normal does see us depending highly on our devices and sharing our information on other applications – work, shopping, leisure, entertainment. As long as we can control the spread of the virus, perhaps that thin line between privacy and contract tracing will not be a big issue.

You might also like
Most comment
share us your thought

0 Comment Log in or register to post comments