Governments worldwide navigate privacy versus urgency in fight against Covid-19

This story is part of an ongoing series on U.S.-China relations, jointly produced by the South China Morning Post and POLITICO, with reporting from Asia and the United States.

Using an app on your smartphone to track whether you’ve been in close contact with people who have contracted Covid-19 seems — at first glance — like a perfectly plausible way to use new technology to help tackle a global health crisis that has sickened millions and brought the world economy to its knees.

There’s just one problem — data privacy.

Tracing the whereabouts of infected patients has become a central plank in government efforts around the world to contain the spread of the novel coronavirus. Traditionally, contact tracing was done through in-person interviews with medical professionals. Now smartphones have the power to streamline and automate that process.

China has been quick to experiment with digital contact tracing, enlisting domestic tech giants to build QR code-based quarantine apps during the early stages of the outbreak. Collecting a vast swath of users' data — including their location — China’s quarantine apps have empowered authorities to use big data to locate threats and take preventive action.

But this approach has raised enormous privacy and surveillance concerns in the West — concerns that may be intensifying in the U.S. now, as tens of thousands of people take to the streets in protest of police killings.

To allay public fears, tech giants and many governments in the West have now trained their efforts on contact tracing solutions that do not collect location data and analyze only anonymized and decentralized data — such as Bluetooth technology — despite some health authorities’ fears that those restrictions will blunt their effectiveness.

Others, including some U.S. states, are pushing ahead with apps that track locations, though at the risk of spotty adoption by a public skittish about privacy. Indeed, fears over tracking in the West could spill over into public unwillingness to be tested for Covid-19 at all — hampering containment efforts.

“The fears over surveillance could ultimately lead to a decrease in testing at precisely the time that we want people to trust public health authorities and go and get tested when the tests become widely available,” said Jennifer Daskal, faculty director of the tech, law and security program at American University in Washington, D.C.

As such, Daskal says that China’s centralized way of collecting data could be counterproductive in the West.

Last month, more than 300 scholars and researchers published an open letter warning of the huge negative effects that may come with the rollout of location data-based contact tracing — chief among them being the potential for mass, intrusive surveillance by state and other non-state actors.

“Information might be reliable as a kind of a suggestion or a reminder, potentially for self-quarantine,” Ashkan Soltani, former chief technologist of the Federal Trade Commission, told the South China Morning Post. “But it’s not robust enough for making policy decisions, like who should be able to return to work, or who should be able to use public transport or even enter a grocery store.”

But what has been China’s approach and has it really infringed liberty? After all, many would argue that a cautious approach where a person has to willingly download an app, then consent to sharing their data, may also not be feasible when trying to stem the spread of a killer disease.

In China, the government collects the entire digital footprint of its citizens — their location data as well as their self-reported medical history — before labeling each citizen with a risk score and issuing them with a colored health code. The level of a person’s health code then dictates whether or not they can access public facilities, public transit or even private businesses.

China’s first health code for contact tracing was rolled out as early as mid-February when tech giant Alibaba’s sister company Ant Financial helped the local government in the eastern city of Hangzhou to introduce the so-called Alipay Health Code. On Ant Financial’s popular payment app Alipay, users sign up under their real name ID and fill out relevant surveys to get assigned a colored code — green, yellow, or red — indicating their health status, from low to high risk.

Local governments developed their own contact tracing services using different approaches. Some required users to give the apps access to phone GPS location data, which many experts believe is more accurate than carrier location data. Others required users to voluntarily input their current location, travel history and body temperature on a daily basis.

However, there has not been consensus on which health code system to adopt on a national level, and when multiple bureaucracies collide, people have sometimes had to divulge their personal data to different versions of health apps developed by different parties for varied situations.

In reality, China’s health code program is a hodgepodge of disjointed efforts by city and provincial governments, as well as its technology giants. This has created further problems, such as lack of interconnectivity on data sharing and opaque algorithm development.

For example, health codes developed by municipal and district-level governments can assign the same person totally different risk levels and colors. As such, people have complained about their health codes flickering from one color to another even when they have not moved at all, seemingly without any explanation.

Experts also point out that China’s health code system runs the risk of missing asymptomatic infections, acknowledging there are loopholes and blind spots for screening.

“The health code can only tell you that they have done some preliminary screening. In fact, there is no way to screen for asymptomatic infections,” said Zhang Wenhong, a pre-eminent doctor who oversees the treatment of Covid-19 in Shanghai, in an interview with China Central Television in April.

But Zhang clarified that China’s existing health code system is robust enough to detect most infected cases and their close contacts. For asymptomatic cases, Zhang said the gap will have to be filled by actual nucleic acid tests.

And China is not the only country whose government has taken an interventionist approach to contact tracing. Israel, Kenya, and Turkey seized some mobile data to monitor the interactions of potential carriers while South Korea’s government added powers to probe the data of suspected virus carriers. However, Israel’s Supreme Court later banned its intelligence agency from tracing the phone location of those infected with Covid-19, until new laws are passed.

In contrast, the approach to contact tracing inside the U.S. has been fragmented and slow to launch, with no national program in place and every state left to decide whether, or how, to pursue the technology.

That means that by default, the closest thing to a unified U.S. approach has been the initiative that Apple and Google announced in April and launched last month, which provides technical tools that health authorities can use to design apps that detect when people have come in close proximity to people who have tested positive for the virus.

The two companies, whose operating systems power most of the world’s smartphones, also imposed a series of privacy restrictions on apps that work with their tools — for example, banning the use of location tracking, requiring users’ consent to sharing their data, and mandating that information about suspected contacts be stored only in the person's phone, not in a central database.

Instead of GPS, their system relies on the Bluetooth feature on phones, which can tell only when two devices have been near each other.

Rather than depend on the two giants, at least a half-dozen states are building their own apps to pinpoint the spread of Covid-19. But those efforts have hit technical hurdles, such as spotty cellphone signals, and how to get people to self-report their test results rather than collect the data automatically.

And with no way to require Americans to install the apps at all, it is an open question whether enough people will adopt them to help health officials keep tabs on the virus before new hot spots explode.

Almost 60 percent of Americans said they could not or would not use the system Apple and Google are developing, according to a recent Washington Post-University of Maryland poll.

Some health experts say the effort may be stuck between two unattractive alternatives.

“Either you have a system unlikely to help people navigate their world, to leave their house and feel safe, or you have privacy trade-offs,” University of Washington Law School professor Ryan Calo told POLITICO. Calo recently co-authored a study that found widespread public discomfort with contact tracing technology.

Other states have decided to throw in their lot with Apple and Google, despite acknowledging that that approach also raises worries among some residents.

“While there’s no question we’ve gotten people who have voiced concerns, and there's always conspiracy theories out there, in the end it’s about risk and reward,” said Vern Dosch, who heads North Dakota’s contact tracing efforts, in a recent POLITICO story. “We want to fall on the side of giving our citizens every protection we can give them, and if that involves aligning with Apple and Google, then that’s what we’re going to do.”

And, truth be told, even less intrusive contact tracing technology has its opponents, as some experts warn that there are still many ways in which hackers can reconstruct anonymized, decentralized data.

“Even though [Apple and Google’s contact tracing app] has a privacy preserving protocol, you can use it to identify who might be infected by recording, for example, additional information like video or audio signals from them,” Soltani said. “So I think initially people will be reluctant to use it.”

Privacy concerns aside, experts argue that there are also far too many ways in which such Bluetooth-powered contact tracing apps may simply fail to serve their purpose.

Soltani said one of his chief concerns is the potential for false positives.

“For example, if you live in a densely populated flat, you are going to signal that you and your neighbor have been in contact even if you haven’t been. So that’s going to generate a number of false positives, right?”

And you can never rule out pranksters, who could bring an extra element of farce to what is already a thorny public policy issue.

For example, as University of Cambridge security expert Ross Anderson warned in a recent blog post, “performance art people could tie a phone to a dog and let it run around the park.”