If Tech Companies Track our Every Move for Targeted Ads, Why Can’t They Help Fight Coronavirus?
Data type and quality, as a well as privacy concerns, make using location information for individual cases impracticable
For years we’ve heard about how companies engage in mass surveillance of consumer devices to serve digital advertisements; we’re very accustomed to seeing personalized ads based on our online behavior, and more recently, geomarketing based on our device’s current location (i.e. when you’re near a store and your phone shows you an ad for that store). Times like these raise the question, if businesses can use this data to make a buck, why can’t we use it to save lives?
They are already putting your location data to good use — in a general way
Some companies have already been mobilizing their location data to help governmental bodies and academic institutions in the pandemic. Google, Facebook, Cuebiq, among others, are sharing aggregate location data they’ve collected from mobile devices. This type of information does not reveal individual movements, but rather, information such as population density in particular locations, or general trends in mobility. This kind of data can show how far and often people are traveling, and the degree to which they are keeping social distance. With this information, public health officials can see the extent to which people are following shelter-in-place and quarantine mandates and can also determine how effective these measures are in stemming infection rates.
There are essentially no legal or ethical impediments to sharing aggregate, truly anonymous data like this, as individuals cannot be identified. Such information reveals trends, and does not indicate that device x was at such-and-such address or that it was in close contact with device y. Moreover, because the data is aggregated, it doesn’t have to have perfect accuracy to serve its purpose, since its purpose is to ascertain patterns and averages. In short, there is little reason for companies to demur here. And, as a Senate Committee hearing this week suggests, the government’s appetite for commercial location data remains strong.
But this data, of course, has limitations. If we want more granular and powerful data, we have to accept more of a privacy risk — it’s a spectrum, involving trade-offs and cost-benefit analysis.
There are barriers to tracking specific cases, e.g. contact tracing
If we want to stop the spread of specific cases, we of course need more information, and on an individual level. This is where it becomes tricky, because here we must ask: Is the data appropriate? Is it accurate? And is it legal (or ethical) to collect, process, and/or share it?
There are several different types of data under the umbrella of “location data”. For our purposes, and to simplify things, we’re interested in the distinction between data that identifies your geographical location (e.g. GPS, cell towers, etc.) and data that identifies whether you’ve been in close contact with another device (i.e. via Bluetooth radio waves).
Geographical location data is either very accurate, and therefore privacy-invasive, or quite general, and therefore largely worthless for tracing close physical contact between individuals. It’s hard to imagine how one’s identity could remain anonymous when there is raw information about their precise movements. A home address could be easily gleaned, as we see in South Korea’s approach. Arguably, this kind of data also focuses on the wrong issue: we care less about where people have been than with whom they’ve been. Proximity to others is indeed a critical issue for a virus that spreads more readily from close contact with an infected person than from surfaces. Bluetooth data can better serve this end: while GPS and cell towers only say where you are, Bluetooth can say who is next to you, and, unlike GPS, it even works indoors. Additionally, data collected this way can be less privacy-invasive than precise location information in many ways: the tech has limited signal range and offers the possibility to store information locally.
Bluetooth data is a promising option, but…
Digital marketers mostly don’t care about your physical proximity to other random people — that doesn’t help them profile you for targeted ads. When businesses avail themselves of Bluetooth information, they look at what stores you’ve visited. It’s useful for indoor geomarketing (where GPS flounders), but it doesn’t come without drawbacks, as stores still have to install transmitters, and consumers still have to have Bluetooth regularly enabled (hardly a given). It’s not a favorite. And even if such companies were readily able to make connections between individuals that were in close bodily contact to each other (and they’re not), the privacy implications of suddenly repurposing consumer data to that end are enormous, and in the European Union, illegal, except under extreme circumstances.
If we want contract-tracing data that’s serviceable and privacy-preserving, we have to produce it ourselves. And in fact, a couple such Corona-specific apps are already in the fray: Singapore has Trace Together, and a European organization has a similar app, PEPP-PT, which only uses Bluetooth. In the U.S., MIT’s Private Kit: Safe Paths apparently operates with geolocation, using a combination of GPS and Bluetooth data. In any case, they all rely on the user downloading the app specifically for the purpose of location or contact tracking.
Conclusion
By providing aggregate reports of population mobility, tech companies with hoards of location data are already doing what they reasonably can to aid in the pandemic. It’s important to note the logical and ethical reasons not to use some location information, whether for reasons of accuracy, appropriateness, or individual privacy. Unfortunately, in the U.S. we still have no comprehensive legal framework to help us navigate privacy issues surrounding the use of location data. When it comes to commercial data, we can only look to best practices, or perhaps across the Atlantic, to weigh individual privacy against public health concerns.
