Privacy or Public Health — the Dilemma of Contact Tracing Systems

Ziheng Pan
WRIT340EconSpring2021
May 4, 2021

Big data has permeated daily life, and the scope of data collection and the capacity for data storage are growing together. At the center of data usage lie concerns about privacy loss. As the pandemic continues, most countries have introduced contact tracing systems, which collect users’ location data to alert them to potential exposure and curb the spread of the COVID-19 virus. Early implementations infringed on privacy because people’s personal lives were monitored, which has motivated refined policies and updated tracking apps with more privacy-friendly features. Given that contact tracing systems inevitably require the collection of personal data, privacy protection depends on minimizing the data collected and, more importantly, on the proper use and secure maintenance of the data gathered. Mandatory registration in a contact tracing system, although proven effective in some countries, did result in the exposure of personal information and privacy infringement; voluntary tracking with an emphasis on privacy protection comes closer to an optimal tradeoff, but the compromise impairs the effectiveness of pandemic control.

Although confidentiality protection is a universal concern, privacy is viewed differently across countries because of differing cultural values. For instance, under the influence of a long history of big government, Chinese citizens would be willing to sacrifice individual interests, including privacy, to follow commands from above. By contrast, in most western countries, where democracy is more successfully achieved in practice, people pay substantial attention to their confidentiality and are protected by elaborate privacy laws. Existing research analyzing Internet users from 38 countries verified that differences in cultural values, and in the corresponding desires for political institutions, produce divergent privacy concerns. Accordingly, these differences in cultural values explain the divided responses to contact tracing systems and complicate the search for an optimal tradeoff.

As the place where COVID-19 first broke out, China managed to control the pandemic with a series of urgent, enforced policies, including the launch of a contact tracing system. The key feature of China’s approach was enforceability, which ensured public coordination. Every citizen has to register in the tracking database, which displays a colored icon based on the user’s past trajectory to indicate the risk of exposure to the virus. The data, which police can access, is tied to social security numbers, which opens the door to potential exposure of personal information. Meanwhile, under the regulations, confirmed cases must honestly disclose a detailed report of their trajectory over the past 14 days for public knowledge. The information is published via social media to notify potential contacts, with the patients’ full names concealed, which is consistent with the original purpose of the effort. Unfortunately, with massive amounts of data linked together, China’s database management seems insufficient and insecure for maintaining data privacy, which enables hackers to easily dig out patients’ personal information, including their names, phone numbers, and even social media accounts. Once this first line of defense is broken, cyberbullying becomes a serious problem as a result of the leaked information. People storm those patients’ social media accounts to leave abusive and discriminatory comments, as if they were criticizing the guilty. Ironically, the more truthfully and elaborately a patient reports his or her trajectory, the more distorted the image of the patient becomes, accompanied by more malicious slander. It is pathetic for a patient to suffer both physical pain from the disease and cyber violence due to the exposure of private information. Although patients have repeatedly expressed their indignation and helplessness at being subjected to cyber manhunts and abuse, few of those who trample on privacy get punished.

The experience of Ms. Zhao, a 20-year-old woman who worked at bar clubs and got infected in Chengdu, reveals the severity of privacy infringement. The local government did respond quickly, locking down the affected areas based on Zhao’s trajectory report, which indicates the effectiveness of enforced tracing. However, Zhao’s personal information was dug out in no time, which led to a tremendous cyber assault. Because of the nature of Zhao’s occupation, people called her “the queen of clubbing”, slandering her as idle and unchaste. It is hard to imagine how these terrible memories will linger throughout Zhao’s life. More sadly, social circumstances that overlook privacy and the lack of data protection will allow such tragedies to continue. Mandatory enforcement of contact tracing regulations did effectively curb the spread of the virus, but the neglect of individuals’ privacy protection has caused tremendous harm to patients, leaving people insecure and extremely worried that they could be the unlucky ones.

Looking at those cases closely, we may discover that the problem was not the mandatory enforcement of certain policies but rather the over-collection and misuse of personal data and the lack of security mechanisms to protect privacy. Although the location data can only be accessed by the police, China’s contact tracing app ties users’ data to their social security numbers, which leaves room for broader access from different checkpoints. The centralized database becomes especially vulnerable once a piece of data is leaked, because the extensive connections between records can be easily traced. Meanwhile, under the prevalent business norm that information makes success, people prioritize data collection, even by improper means, over data protection. The existing data regulations and privacy laws seem too weak to effectively punish those who steal or misuse personal data. Taking these factors into account, the effectiveness of China’s approach was eclipsed by the problems caused by privacy infringement.

Because its pandemic containment potentially aggravated rampant privacy infringement, China’s approach apparently failed to achieve an optimal tradeoff. In many western countries where privacy is more valued, refined contact tracing efforts are underway to relieve people’s concern about privacy loss. For instance, “Apple and Google’s system to track COVID-19 infections anonymously via Bluetooth low-energy beaconing between iOS and Android smartphones” has led a wave of exploration toward a desirable balance between privacy protection and data collection for pandemic control. “The Apple/Google API aims to leverage such privacy-optimizing techniques as federated learning and differential privacy, which would allow developers to build useful alternatives to centralized databases that may invite later abuse”. With its emphasis on minimizing the collection of necessary data and providing secure data storage, the system adheres to the priority of privacy protection. However, whether privacy-optimizing techniques facilitate public participation and maintain the effectiveness of pandemic containment needs further validation.

A similar concern arose when Canada’s COVID Alert app came out with similar privacy-friendly features. The app preserves anonymity and is optional, available for voluntary download. Instead of tracking location, it allows phones to “exchange codes over Bluetooth”, which “are stored on the phones rather than in a government database so officials can’t peek”.

Both efforts try to decentralize the collected data to prevent misuse of a central database. Users’ data are stored on their own electronic devices, or maintained by individual IP addresses, which government agencies are unable to access without permission. Accordingly, the decentralization of data collection ensures security, as users are responsible for their own personal data and decide which part of the data to disclose for the benefit of contact tracing. Meanwhile, the data collected through voluntary registration in the tracking system are not connected with social security numbers and are therefore isolated from databases that hold additional personal information, which minimizes unnecessary data access that may lead to misuse. Because the updated contact tracing apps prioritize minimizing the collection of necessary data and rely on a well-functioning decentralized storage system that prevents data misuse, an optimal balance between privacy protection and public health seems feasible and should attract more advocates and users.
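
The decentralized design described above can be sketched in code. This is an added example, not code from Apple, Google, the COVID Alert app or this essay's sources: phones exchange random-looking codes, keep what they hear locally, and check for exposure on the device. The `Phone` class, the HMAC-based code derivation and the 10-minute rotation interval are simplifying assumptions made for illustration.

```python
import hashlib
import hmac
import secrets

INTERVALS_PER_DAY = 144  # assumption: a new broadcast code every 10 minutes


def rolling_code(daily_key: bytes, interval: int) -> bytes:
    """Derive the code broadcast in one interval from the phone's daily key."""
    msg = interval.to_bytes(2, "big")
    return hmac.new(daily_key, msg, hashlib.sha256).digest()[:16]


class Phone:
    """Hypothetical handset: its key and the codes it hears stay on the device."""

    def __init__(self):
        self.daily_key = secrets.token_bytes(16)  # random, tied to no identity
        self.heard = set()                        # stored locally only

    def broadcast(self, interval: int) -> bytes:
        return rolling_code(self.daily_key, interval)

    def hear(self, code: bytes) -> None:
        self.heard.add(code)

    def report_positive(self) -> bytes:
        # Voluntary step: the user discloses only their own daily key.
        return self.daily_key

    def exposed(self, published_keys) -> bool:
        # Matching runs on the phone against the published key list.
        return any(
            rolling_code(key, i) in self.heard
            for key in published_keys
            for i in range(INTERVALS_PER_DAY)
        )


def simulate():
    alice, bob, carol = Phone(), Phone(), Phone()
    # Constructed encounter: Alice and Bob are near each other in interval 42.
    bob.hear(alice.broadcast(42))
    alice.hear(bob.broadcast(42))
    server = [alice.report_positive()]  # everything the server ever holds
    return bob.exposed(server), carol.exposed(server), server


if __name__ == "__main__":
    print(simulate()[:2])
```

The server list contains one random key and nothing about who met whom, where, or when; Bob learns of his exposure without anyone else learning that he was near Alice.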

However, the voluntary nature of registration in the contact tracing system inherently undermines its effectiveness in relieving the pandemic. People still hold divided and conflicting views on engaging with public health authorities and contact tracing programs. A survey conducted by Pew Research Center shows that “only 49% of U.S. adults say they would be comfortable sharing location data from their cell phone and 41% of those who were asked about their views on speaking with a public health official who might contact them about the coronavirus outbreak via phone or text say they would be not at all or not too likely to do so”. People are still reluctant to fully comply with contact tracing because of a deeper concern for privacy that outweighs their worry about the disease, and the voluntary design gives them the option to act on that concern. We should believe that most of the people staying outside of contact tracing value public health. However, given a participation rate of around 50 percent, the current system would fail to disseminate alerts in time to cut off contagion. Since contact tracing inevitably sacrifices a part of privacy no matter how optimal the compromise, it is difficult to persuade more people to participate in the program, which slows down the process of pandemic containment.

While contact tracing proves to be effective in controlling the spread of the COVID-19 virus, it may fail to achieve the expected outcomes because the necessary procedures are only partially implemented. Privacy concerns are a primary obstacle to complete engagement with the program. The voluntary nature of participation in contact tracing allows for noncompliance, as contact tracing inevitably makes use of location data, which causes discomfort. Therefore, it is important to understand and respect the priority of privacy over public health. While an optimal tradeoff between the two seems feasible with recent attempts, the outcome of relieving the pandemic may not be as desirable as we want.

Works Cited

Bellman, Steven, et al. “International Differences in Information Privacy Concerns: A Global Survey of Consumers.” The Information Society, vol. 20, no. 5, Taylor & Francis Group, 2004, pp. 313–24, doi:10.1080/01972240490507956.

Dehaas J. COVID Alert protects privacy — but should still concern us. National Post (Toronto). August 20, 2020.

McClain C. The Challenges of Contact Tracing as U.S. Battles COVID-19. Pew Research Center, Internet & Technology. Oct 30, 2020.

Pegoraro R. Privacy Optimization Meets Pandemic Tracking. 1st edition. O’Reilly Media, Inc.; 2020.

Zhang W. Chengdu Woman Bullied, Slut-Shamed After Contracting Coronavirus. Sixth Tone. Dec 09, 2020.
