Data Is Vital In The Fight Against Coronavirus, But Don’t Forget That Privacy Lost Is Hard To Regain

Allison Schiff, senior editor, AdExchanger

Data-Driven Thinking” is written by members of the media community and contains fresh ideas on the digital revolution in media. 

Today’s column is written by Allison Schiff, senior editor at AdExchanger. It’s part of a series of perspectives from AdExchanger’s editorial team.

The COVID-19 outbreak highlights a singular dilemma of a pandemic in the digital age: Does fighting a health crisis warrant the mass collection and use of personal data?

Governments, public health policymakers and commercial businesses are advocating data collection as one of the most efficient weapons in the fight against the disease.

Last week, Apple and Google, unlikely bedfellows, announced a partnership to create contact tracing technology that will allow iOS and Android devices to use Bluetooth to alert anybody who’s been within 10 or 15 feet of a person that recently tested positive for coronavirus.

European telecom companies are sharing mobile phone data with governments to track people’s movements during lockdowns. Israel passed emergency legislation in March to use smartphone data to identify infected individuals and enforce its quarantine. South Korea is planning to use electronic wristbands to ensure people are properly isolating themselves. There are numerous other examples.

Meanwhile, location data companies – they must be pinching themselves – are lining up to share aggregated data with governments and the press about the efficacy of social distancing and quarantine measures. Just a few months ago, location data companies were actively battling the narrative that they dabbled in the dark art of surveillance capitalism.

The problem is that privacy is a bit like health – you only notice it when you no longer have it.

There are few people who wouldn’t give up certain rights in the short term if it could help save lives and arm scientists and governments in their battle against a deadly disease. Yet, it’s nearly impossible to close a barn door once it’s swinging.

Peter Micek, general counsel at Access Now, a digital rights advocacy group, put it well on a webcast I tuned into recently hosted by the Information Technology and Innovation Foundation:

“Surveillance is a bad party guest; it stays much longer than you welcome it for.”

Sept. 11 is one of the most recent and oft-cited examples of this phenomenon. The Patriot Act, passed just over a month after the attacks, was used widely as an excuse for nearly two decades to engage in warrantless wiretapping and the large-scale monitoring of communications.

That act exemplifies how new legal frameworks passed under exigent circumstances become permanent fixtures.

You don’t have to believe in a dystopian future to invent potential scenarios where data collected for one purpose could later be used for another. Health data gathered to fight the pandemic could later be used to deny someone insurance. The same location data used for individualized contact tracing could reveal a person’s movements to a government intelligence agency.

The more data that gets shared, the more those possible use cases pile up. Even if seemingly innocuous data is aggregated and anonymized, it’s relatively easy to de-identify by cross-referencing it with other data sets.

By the same token, data is a powerful tool. And even hardcore privacy advocates agree that if data is properly collected, stored securely and with strict purpose limitations and time horizons set for its use, that it should be applied to help arrest the spread of disease and lay the groundwork for a return to life after quarantine.

It’s about being smart, reasonable, transparent, having the right people at the table – both civilian health officials and government representatives – and setting out very specific parameters from the start, including prohibiting secondary uses for any data collected as part of the pandemic response.

That would be ideal. The thing is … we don’t live in an ideal world.

Cillian Kieran, CEO of privacy compliance startup Ethyca, summed up the predicament for me like so during a recent chat: “The freedoms you give away for the public benefit in the short term often end up being a lot longer term than you think.”

Follow Allison Schiff (@OSchiffey) and AdExchanger (@adexchanger) on Twitter.

Enjoying this content?

Sign up to be an AdExchanger Member today and get unlimited access to articles like this, plus proprietary data and research, conference discounts, on-demand access to event content, and more!

Join Today!

1 Comment

  1. Paul Weiskopf

    Dealing with a pandemic warrants extraordinary sacrifices and measures, but cannot result in relaxing Constitutionally (e.g., Bill of Rights) and legislatively (e.g., HIPAA, CCPA) protected rights. Appeal to the common benefit and make tracking strictly opt-in, with automatic deletion of app and any PII unless affirmatively renewed, every ~30 days.