Many academics, business leaders, and governments are claiming that technology is a critical part of the fight against the COVID-19 pandemic. By utilizing the surveillance capabilities of modern data acquisition systems, it is believed, citizens can be provided with tools that will allow them to see if they have come into contact with someone infected with the virus.
There are two proposed models for contact-tracing apps of this type. One model proposes that location data on citizens be collected and processed centrally by governments. This type of data collection has—understandably—been widely criticized by consumer and privacy rights groups, because of the unprecedented level of surveillance it would represent. Given that tech companies are already deploying this power in service to their governments—with YouTube blocking content that contradicts the WHO, for instance—these fears seem well justified.
Another proposed model is to collect and store location and contact data on citizens’ own devices. This distributed form of data collection has received widespread academic support, because it is claimed that it provides a way for contact-tracing to be performed without giving tech companies and governments access to real-time data on the movements and habits of their citizens.
This distributed data collection model, however, raises some fairly fundamental privacy concerns. Even if a legal framework is in place to protect citizens’ data—which currently isn’t—the level of awareness of digital privacy among the general public still makes these apps extremely dangerous.
In this article, we’ll take a look at the way in which contact tracing apps are designed to work, and why they should be a cause for concern.
Centralization vs. Distribution
Let’s first make the obvious point that some of the contact tracing apps that have been rolled out by governments outside the US and Europe are deeply problematic. In Israel, the government recently passed a law that allowed their security services to access location data on all citizens, and store this centrally. South Korea and China have also followed this model.
The dangers involved in allowing governments to collect this kind of data are clear, and have been pointed out by many privacy advocacy groups in the US and Europe. Nevertheless, governments in these countries are proposing that some form of contact-tracing app be implemented, not least because these governments have a very poor record of conducting contact-tracing on their own.
The proposal is that contact-tracing apps be built on a distributed model. Individual smartphones would store data about the exposure of their owners to COVID-19, it is claimed, and only use this information to communicate with other discrete devices. No data would be sent to centralized cloud storage devices, and even the tech firms who developed these apps would not have access to individual-level data on the status or movements of users.
This is the model that has recently been proposed by Apple and Google, and similar proposals have been put forward by an MIT-associated effort called PACT as well as by multiple European groups. In most proposals, Bluetooth technology would be used to alert users if they are close to another user who has been exposed to the virus.
The (Missing) Legal Framework
At first glance, apps built in this decentralized way appear to address the privacy concerns of mass data surveillance. They appear to build on policies that delegate responsibility to individual citizens, such as Sweden’s policy of individual responsibility that has performed well despite the lack of government interference in people's daily lives.
There remain, however, two major problems with even de-centralized contact-tracing apps. One is that there exists no legal framework to protect the users of these apps against unwanted surveillance. The second is that, even if this legal framework was in place, any data stored on smartphones can potentially be stolen by hackers or surveillance agencies.
Let's briefly deal with the legal implications first. In our article on the legal issues involved with contact tracing apps, we've already pointed out that the legality of this form of mass surveillance is questionable at best. Given the increasing scale of internet censorship, it's also possible that governments could use the data produced by these apps to profile, target, and surveil users.
But the problems raised by contact-tracing apps—decentralized or not—go much deeper than this. At the most fundamental level, it is far from clear that these apps would even be effective at performing their primary task. In order for such an app to be effective, citizens would have to be legally required to download and use it. Otherwise, an infected user could simply delete their app, and undermine the efficacy of the whole system. Giving governments the power to mandate that citizens use particular apps would be unprecedented, and extremely dangerous.
Privacy and Security
Even if a rigorous legal framework for contact tracing apps were to be developed, and even if this protected the privacy of individual users, contact tracing apps would still be dangerous. This is because, as many companies are now experiencing as they try to increase cybersecurity in remote working, the level of cybersecurity expertise among the general public is extremely low. This means that any data collected through contact tracing apps—even if it is stored locally—is vulnerable.
This point has long been known, and the existing legislation on data privacy recognizes it. Europe's GDPR—widely regarded as the gold standard when it comes to data privacy rights—explicitly mentions that data privacy cannot be achieved without data security. It's approach to solving this issue is simple: it mandates that companies cannot collect data they do not need. In other words, the safest way to stop data from being stolen is to never collect it in the first place.
In the context of contact tracing, the concern is that even if location and contact data is stored on individual smartphones—rather than in centralized systems—this is no guarantee that it will not be stolen, or that it cannot be accessed by law enforcement and government surveillance agencies. Research also indicates that even where users protect themselves, the tools they use to do so may end up undermining their privacy still further.
It might be countered, of course, that a huge variety of apps already collect geo-location data on users, and that the data collected by contact tracing apps is therefore no different from data already stored on smartphones. However, the crucial difference with this type of app is that it allows surveillance agencies to see who users have been in contact with. These data could then be used by law enforcement agencies to extract real-time information on the movements of individual citizens.
None of these issues are new. Privacy rights groups have been raising concerns about the legality of mass surveillance for more than a decade. What the pandemic has done, however, is provide an excuse for governments to justify the mass collection of geo-location data. As we’ve pointed out, there is currently no way in which these data can be collected whilst respecting users’ fundamental right to privacy. There is no legal process for mandating the use of contact tracing apps; even if there were, the poor security implemented on the average smartphone makes these data highly vulnerable to theft or legal extraction.
It is important that in re-building the world after the pandemic we learn the lessons of the present time. We should, of course, overturn the economic policy that has made us more vulnerable to COVID-19, but we should also take the opportunity to look again at the level of surveillance that our digital world has made possible, and to challenge this.
Ultimately, we need to make technology work for those who use it, and not as a tool for the kind of "surveillance capitalism" that is rapidly overtaking our society. And resisting contact-tracing apps is just the start of that fight.
This article originally appeared at FEE.org and is reprinted by agreement.