The use of COVID-19 contact tracing apps implies a potential trade-off between public health interests and privacy/data protection
During the COVID-19 pandemic, telecoms networks are already playing a strong role in protecting society and keeping certain parts of the economy functioning.[1] This article discusses the opportunity to use smartphone technologies to track people for public health applications, and the obvious privacy implications associated with this.
Location tracking generates potentially useful information that could help to reduce onward spread of the disease. For example, it can be used to:
- Measure the approximate locations of citizens / number of movements (footfall) per day in specific areas, to indicate whether lockdown controls are being observed in a consistent way over time
- Reveal detailed movement patterns to assist in modelling the interconnectedness of society (e.g. to understand which lockdown measures are more likely to reduce the number of new cases per infected person, and so stem the growth rate of the disease and hasten its decline)
- Identify people who need to be warned to self-isolate because they have been in close proximity to known cases during the period when those people may have been infectious.
Each of these applications has different requirements in terms of location accuracy, synchronisation of data collection (timestamps), and the required level of take-up of the tracking mechanism. They can also be implemented in a variety of ways, with the data that is gathered being subject to different degrees of aggregation, anonymisation and storage. These results can be partly achieved with different levels of privacy protection:
- The first (footfall) application is, with certain limits, readily achievable with entirely anonymised data
- The second (detailed movement patterns) is by its nature very difficult to anonymise (since it involves tracking where individuals live, work and shop)
- The third can potentially be achieved without knowing the actual location of the device, by using short-range device-to-device communications (e.g. Bluetooth Low Energy (BLE)); Apple and Google recently announced a BLE-based system aimed at establishing a contact-tracing network on a voluntary basis, by using smartphones to store data about other phones that have been in close proximity.
The short-range device-to-device option could possibly enable tracking of likely contacts without allowing the state to know everyone’s detailed movements all the time, but the concept – at least as it has been described to date – does pose several challenges:
- It will only work well enough to prevent new clusters of infection if a high proportion of the population always carries a suitable device
- Even such chains of contacts represent data that would be highly valuable to certain state actors outside the health arena (e.g. for detection of crime, espionage, suppression of investigative journalism)
- If it relies on self-reporting of symptoms there is a risk of misuse; and mechanisms to minimise abuse would have to avoid deterring genuine reporting of mild symptoms
- Characteristics of the device/operating system (OS) may limit the ability to support specific technical solutions (e.g. access to location data when the app is not active; battery life).
According to media reports,[2] some countries have started using phone data to track people’s movements in various ways, and with different levels of intrusiveness – including the USA, South Korea, Iran, Israel,[3] Singapore, Taiwan, Austria, Poland, Belgium, Germany and Italy.
These developments raise some questions:
- Should governments be entitled to track people to support these kinds of apps during pandemics? What about seasonal flu? Will such practices become permanent?
- How is this related to citizens’ personal data protection rights (especially in the EU)?
These questions highlight a trade-off between the protection of a general interest (i.e. in the present case, public health) and the rights of an individual (privacy).
Contact tracing of the kind outlined above:
- has the potential to prove useful in the current circumstances, but great care would be required in its implementation, including the need for societal consent (e.g. support from domestic parliaments)
- requires individual consent: people must agree to be traced by the state or by someone on its behalf (assuming this is not to be secret surveillance)
- should only be allowed under very tight safeguards: in the EU, the General Data Protection Regulation (GDPR) framework does provide scope for processing personal data (including location) for public interest purposes;[4] however, GDPR also gives the data subject several rights (e.g. access, rectification, erasure)[5] from which derogation is only possible if there are specific legal provisions in the relevant Member State.[6]
The Italian case
As an example of work underway in individual countries, the Italian government has selected an app for contact tracing and physical parameter recording, based on a combination of GPS and BLE. App download and usage will be on a voluntary basis, but people who do not install and use it may be subject to mobility restrictions.
Current efforts in Italy are focused on identifying key elements of the GDPR framework relevant to use of the proposed app, including the data controller and processor, and data storage locations (GDPR includes specific prescriptions regarding cross-border and/or cloud-based storage solutions).[7] Italy’s Parliament, privacy authority and secret service committee are each required to provide input on the app’s compliance with national law (and GDPR) before it can be used.
Thus, while an app of this kind is clearly aimed at protecting public health, its impact on individuals’ interests (i.e. privacy rights) needs to be assessed and minimised by relevant stakeholders (such as the privacy authority and the OS provider) – but ideally without significantly delaying the development and deployment of the app.
If you are interested in the issues discussed in this article, please contact Fabio Fradella at email@example.com.
[1] Analysys Mason Consulting: COVID-19: the telecoms industry will suffer less than many others, and can thus help to support the economy
[2] See Business Insider, “The US is tracking people’s movements with phone data, and it’s part of a massive increase in global surveillance”, available at https://www.businessinsider.com/countries-tracking-citizens-phones-coronavirus-2020-3?IR=T#taiwan-can-tell-when-quarantined-people-have-left-the-house-6
[3] A move which has subsequently been suspended over privacy concerns; see https://www.bbc.com/news/technology-52395886
[4] See EU Regulation 2016/679, Article 6, point 1e.
[5] Ibid, Chapter III.
[6] Ibid, Article 89.
[7] Ibid, Chapter V.