The right balance: digital contact tracing and privacy
Experts discuss privacy issues as governments around the globe explore how technology and data analytics can enable effective contact tracing to slow the pandemic.
The news came minutes before Carolina hosted four experts in a discussion on COVID-19 contact tracing apps.
Apple and Google had just made their operating codes available to governments and public health authorities so they could create smartphone apps to notify people who have come in contact with someone diagnosed with the coronavirus.
It was the perfect beginning to Data Privacy in the Era of COVID-19 — Contact Tracing: Privacy vs. Protection, a recent webinar hosted by the Kenan Institute of Private Enterprise, as countries have launched contact tracing apps and almost all of the issues discussed have been in the news.
Jay Swaminathan
Jay M. Swaminathan, GlaxoSmithKline Distinguished Professor of Operations in the Kenan-Flagler Business School, moderated the webinar. The experts discussed the implications of contact tracing apps, concerns about personal data privacy, impediments to voluntary use and a possible constitutional mandate to use such apps.
Contact tracing defined
Modern contact tracing sprang from thinking such as physician John Snow’s ideas on germ theory during London’s 1854 cholera epidemic. Snow traced deaths to use of a public water pump, which he had closed to help stem the spread of the disease.
Practices such as Snow’s became broadly institutionalized as public health departments emerged in the 1800s, according to Jim Thomas, associate professor of epidemiology at Carolina’s Gillings School of Global Public Health. “When we refer to contact tracing today, it is in the context of what the government is doing to control disease in its population,” Thomas said.
Jim Thomas
Institutional contact tracing involves trained workers contacting individuals who may have been exposed during a public health outbreak such as cholera, H1N1 flu or sexually transmitted diseases. Tracers interview people who have tested positive, advise them to quarantine themselves, then warn others who came into contact with them of their exposure and point those with symptoms to testing and care.
Contact tracing through smartphone apps can potentially move at a speed and scale that keep pace with the transmission rate. Apps could decrease data entry and, with large-scale adoption, give public health departments more information for curbing transmission.
Apps join other digital tools that have extended traditional contract tracing’s effectiveness, including databases of people who have been tested, those infected and contact names, and programs that send text messages about quarantine and services.
Klon Kitchen, director of the Heritage Foundation’s Center for Technology Policy, said that worldwide use of smartphone Bluetooth technology will help health departments deploy apps more rapidly.
Klon Kitchen
Apple and Google own 99% of America’s mobile phone operating system market, so apps could greatly help efforts to slow COVID-19. Kitchen said the companies, eager to see a return to business as usual, saw a “deficiency in a government response, and manual contact tracing isn’t keeping up with the speed of transmission.” Thomas said that Apple and Google refer to the new tool as a notification system. “It’s not intended to provide all the solutions of traditional dedicated contact tracing,” he said.
Trust is important, Thomas added, and tracers should collect only information necessary for tracing and helping the person with recall, while keeping it confidential. The same is true for apps, which automatically transform information into data.
Moving to apps
Thomas said that apps not using Apple or Google’s operating codes helped South Korea and China identify potential exposure. Some use Bluetooth, GPS or centralized government databases of geolocation data and medical records. Public health offices in those countries can contact people with some knowledge of a person’s possible exposure.
In Singapore, for instance, people can voluntarily download a Bluetooth app. An infected person with the app stands near someone; their phones communicate anonymously. An encoded alert later tells the non-infected person of possible transmission from someone nearby.
“It’s like a car’s check engine light,” Thomas said. “The contact then needs to self-quarantine.”
Privacy concerns and data protection
Jules Polonetsky, CEO of the Future of Privacy Forum, said that it helps to think contextually about digital tracing and concerns over privacy, data protection, surveillance and harmful use of personal data.
Jules Polonetsky
“Most of us haven’t lived through crisis situations or pandemics,” Polonetsky said. “Anybody who’s dealt with public health is well aware that there isn’t a notion of privacy when you have a communicable disease.” In that case, he said, the ethical obligation is to tell partners because they are at risk. He equated the situation to being helped while lying injured in the road, saying “They haven’t invaded my privacy. They’ve helped me.”
The experts discussed how countries use different terms such as privacy or data protection. “The European General Data Protection Law, the classic largest comprehensive model that we have in the world that Europe and many countries follow — that statute doesn’t have the word privacy,” Polonetsky said.
Polonetsky said that the U.S. needs comprehensive privacy legislation, especially with states such as California passing legislation that may become de facto with subsequent replication by numerous states.
A tension resides between individual liberty and the good of the community, according to Thomas. He contrasted a doctor’s respect for patient privacy to governmental public health and its protection of the populace.
Thomas said that taking good care of the populace requires a guiding ethical principal to use the least restrictive and most effective method. One method employed by the smartphone tool erases data every 30 days, Thomas said, making it difficult to use for research unless it’s immediate analysis or the data can be de-identified.
“There’s a general fear that when integrated, centralized contact tracing is proposed in some governments and countries, this poses greater risk for individual data privacy and government’s potential future usage,” Swaminathan said.
That’s understandable because health departments will want as much information as possible, according to Polonetsky. “But don’t do it wrong by using it for marketing, government surveillance, finding out immigration status or revealing where I went,” he said.
Polonetsky said that with the smartphone operating codes available globally, some countries could misuse private data. “They’re not making [the codes available] just for democratic countries,” he said. “They’re not making [them available] just for states with governors we think will act in a responsible way.”
Good models of data minimization, a specific purpose and looking for ways to help people on the outskirts of economic disparities, such as children and people who may not have the latest phones, will help put digital contact tracing on a “good path forward,” he said.
Apps in the private sector
Some private-sector employers monitor employee movements with technology that doesn’t require operating codes.
Stephan Biller
Stephan Biller, vice president for offering management at IBM Watson IoT, said that the pandemic forces businesses such as factories and meat-packing plants to create new processes and unlearn “lean manufacturing” practices that put workers in close proximity for efficiency.
Some companies such as IBM use apps to keep workers away from hazardous sites. If companies eventually do create contact-tracing apps, Biller said, they should be transparent by talking with unions and employees to address privacy concerns. Companies also should plan how to isolate an infected person, redistribute work and train workers to do the jobs of quarantined personnel.
Polonetsky said that employer-mandated use of an app would undermine the notion of apps as voluntary tools. He also wondered how people would respond to health departments that mandate app use and, in the U.S., if ICE and law enforcement should access certain data.
If the smartphone operating codes move to private-sector use, Kitchen thinks that data leaks become a likely concern because of the expansion of “the threat surface,” or all the places where hackers could access data.
Still, protection may come from the underlying restrictions on the types of data an app can collect and rules set for the apps by the Apple and Google operating codes. “If the CDC pulls together a contact tracing app,” Kitchen said, “I would expect it to ask many of the same questions that a manual contact-tracing individual would ask when they have a clipboard.”
Thomas is concerned by the mixing or interoperability of such data with other data and what “new animals” can be created from that mixing.
Government’s responsibility
The U.S. government, Kitchen said, has an interest in pandemic surveillance because of its constitutional charge to provide for the common defense, which is not exclusive to pandemic surveillance and includes the government’s ability to test, track and manage contagions that might influence critical capabilities such as providing basic services, law enforcement and military readiness.
“To be clear, none of this excuses government overreach or abuse,” Kitchen said. “But it demonstrates that the government has a compelling interest in pandemic response and that it will be a critical stakeholder in the private sector’s conversation about what work looks like in the post-coronavirus world.”
Lessons learned and effectiveness
While participation and correct data entry will impact the effectiveness of tracing apps, there is little history to study for best practices. Polonetsky compared the initial confusion around app use with conflicting views on masks and said, “We’re figuring this out on the fly.”
Still, the experts are optimistic that apps can surpass the limitations of memory and records such as daily calendars. “For many of us,” Polonetsky said, “the speed of an app, the ability to cast broadly, will be a learning experience, but I think it can play a useful role with the right privacy protections and the data being deleted very quickly.”
Lessons can be learned from some countries on how apps can succeed. Polonetsky said that when the coronavirus arrived in Israel, there was large-scale adoption of health department recommendations, partly because Israel is used to handling threats. Transmission decreased because, he said, there was a national focus with people cooperating voluntarily.
The voluntary part makes Thomas think that an app designed for use in the U.S., with its culture of individual rights, “is going to be less helpful for public health than it is in other countries.” He foresees more attention on traditional contact tracing.
And, while he believes that digital tracing is needed, Thomas also wonders if Americans will grow immune to app notifications without any follow-up by a health department.
“My fear is that notifications are going to feel like a car alarm,” he said. “We’ve all been in a parking lot where a car alarm goes off, and we just don’t pay any attention to it because we’ve gotten numb to them.”
Politicization and skepticism also may influence voluntary app use.
“Watch the news, and you see the debate over basic measures, and everything’s become very politicized,” Polonetsky said. “So, we will learn whether or not we can get scale in some regions of the U.S. or some cities where this can have impact. I think that’s probably the biggest takeaway so far.”
