Last week, I linked to a “guest” blog post about the challenges of contact tracing as part of the way out of the worldwide coronavirus pandemic. The piece was authored by my brother, Nelson Nones, who heads up a company that has developed software capabilities to support such functions. One reader left a thoughtful response citing the personal privacy concerns that any sort of effective contact tracing regimen inevitably raises.
It’s an important issue that deserves an equally thoughtful response, so I invited Nelson to share his own thoughts on the issue. Here’s what he wrote to me:
The introduction of new contact tracing apps for smartphones has raised quite a few privacy fears around the globe. This is a very hot topic right now which deserves attention. However, to keep my original article about the ability to conduct effective contact tracing on point, I purposely sidestepped the privacy issue — other than mentioning privacy fears briefly in the ‘Technology Limitations’ section of the article.
Here I’ll expand a bit. Naturally, the coronavirus pandemic has raised a lot of concern about Orwellian “big brother” surveillance and government overreach, but what many people may not realize is that it’s not about expanding “the target population of surveillance and state control” as the commenter notes. When it comes to public health, governments – including state governments in the United States – have possessed these powers for a long time.
I first discovered this in my own personal life about 20 years ago. I was at work in Long Beach one day when I received a call from the California Department of Health, informing me that I was confirmed to have a highly contagious gastrointestinal infection and ordering me to submit regular stool samples until my tests came back negative. I was informed that if I did not do so, I could be forcibly quarantined — and fined or even jailed — if I refused to cooperate.
My first question to myself was, “How the h*ll and why the h*ll did they target me?”
I had recently returned from a trip to Thailand and started having GI issues, so I went to my doctor and gave a stool sample. They performed a lab analysis which confirmed a particular type of infection that was listed on the Department of Health’s watch list, so I was informed that my doctor was obliged by law to report my case to the Department of Health.
The Health Department, in turn, was obliged by law to contact me and issue the orders given to me – and by law I was obliged to comply with their orders.
The reason that nations, states and provinces have such powers is to contain and control the spread of infectious diseases. This means that governments have the power to forcibly isolate people who are confirmed to be infected — and they also have the power to forcibly quarantine people who are suspected (but not yet confirmed) to be infected.
Whether or not, and how, they choose to exercise those powers depends on the nature of the disease, how it’s transmitted, whether or not an epidemic or pandemic has been declared, and whether or not proven cures exist. Moreover, rigorous protocols are in place to protect people against the abuse of those powers.
But the bottom line is: in most countries, including the United States, if you are unfortunate enough to catch an infectious and communicable disease, you have no constitutional right to prevent the government from identifying you and potentially depriving you of your civil liberties, because of the risk that you could unknowingly infect other people.
Think of it as a civic duty — just as you have no constitutional right to prevent the government from ordering you to perform jury service.
Medical science is so advanced these days that most diseases can be contained and controlled without having to inconvenience more than a relatively small number of people, which is why most people have no idea that governments possess such vast powers. But COVID-19 is a once-in-a-century outbreak that’s so novel, so poorly understood, and so communicable that nearly everyone in the world is being deprived of their civil liberties right now out of an abundance of caution.
Realistically, one could expect these restrictions to remain in place unless and until COVID-19 vaccines and/or therapies are invented, proven and made available to the public – at which time it will (hopefully) be possible to manage COVID-19 like the seasonal flu, which doesn’t require draconian public health measures.
As for the new smartphone apps, have a look at this recent article that appeared in Britain’s Express newspaper which will give you a good idea of how “hot” this topic has become.
The key question here is whether or not the database backend (which is the software that my company Geoprise makes) is “centralized” or “decentralized.” A “centralized” backend follows the Singapore model and contains personally-identifiable information (PII) about everyone who registers the app with a public health authority and/or is confirmed to be infected.
Conversely, some researchers are proposing a “decentralized” backend which serves only as a communications platform, and only ever receives anonymized and nonlinkable data from the smartphones.
This is the privacy and security model that Apple and Google are following, but there is no way that such a “decentralized” backend could ever serve as a contact tracing database in the traditional sense. That’s because a traditional contact tracing database, by definition, always contains linkable PII. (Incidentally, our Geoprise software could be used in either a “centralized” or “decentralized” manner.)
The key thing to understand about even the most “centralized” of the smartphone apps, such as Singapore’s TraceTogether app, is that they contain numerous privacy and security safeguards. Here’s a short list:
- The data which is captured and retained on individual devices identifies a particular smartphone only by an encrypted “TempID” which changes periodically (Singapore’s recommendation is to change the TempIDs every 15 minutes). This makes it impossible for a smartphone owner or eavesdropper to reconstruct complete histories of encounters held on the devices in a personally-identifiable way.
- As my original article states, the contact tracing apps don’t use or store geo-location data (i.e. “where your smartphone was”) because GPS measurements are too unreliable for proximity-sensing purposes. Instead they use the device’s Bluetooth radio to sense other Bluetooth-enabled devices that come within very close range (i.e. “devices that were near your smartphone”).
- The apps are opt-in. You can’t be compelled to download the app or register it with the public health authority (unless you happen to live in Mainland China — but that’s yet another story!).
- Only people who are confirmed to be infected are ever asked to share their history of encounters with the public health authority.
- Sharing your history of encounters is voluntary. You can’t be compelled to upload your contact tracing history to the public health authority’s backend server.
Apple and Google appear to be taking this a step further by:
- Allowing smartphone owners to “turn off” proximity sensing whenever they wish (such as when meeting a secret lover during trysts, or for more innocuous occasions).
- Allowing smartphone owners to delete their history of encounters on demand, and to erase all data when uninstalling the app.
- “Graceful dismantling” – to quote one researcher: “The system will organically dismantle itself after the end of the epidemic. Infected patients will stop uploading their data to the central server, and people will stop using the app. Data on the server is removed after 14 days.”
The bottom line on privacy and government overreach, I think, is for everyone to step back a safe distance from one another, and take a deep breath …
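To make the “centralized” model’s safeguards concrete, here is an added simulation (my own illustration, not Geoprise’s or TraceTogether’s code) of the TempID mechanism described above: the authority alone holds the key and the PII registry, phones carry only pre-issued TempIDs that rotate every 15 minutes plus the TempIDs they observed, and only a confirmed case’s voluntary upload lets the authority link encounters to people. The post says the TempID is encrypted; this example stands in a keyed HMAC pseudonym that only the key holder can resolve by recomputation, and the users “Alice” and “Bob” and the timestamps are constructed.

```python
import hashlib, hmac, secrets
from datetime import datetime, timedelta, timezone

ROTATION = timedelta(minutes=15)  # rotation interval the post attributes to Singapore

def window_start(t):
    """Floor a timestamp to the start of its 15-minute rotation window."""
    return t.replace(minute=t.minute - t.minute % 15, second=0, microsecond=0)

class HealthAuthority:
    """Centralized backend: the only party holding the key and the PII registry."""
    def __init__(self):
        self.key = secrets.token_bytes(32)
        self.registry = {}  # user_id -> name; PII lives only here, never on phones
    def temp_id(self, user_id, window):
        # Keyed pseudonym bound to (user, window): stand-in for the encrypted TempID.
        msg = f"{user_id}|{window.isoformat()}".encode()
        return hmac.new(self.key, msg, hashlib.sha256).digest()[:16]
    def issue_phone(self, user_id, name, start, windows=96):
        """Register a person and hand the phone a day of TempIDs, never the key."""
        self.registry[user_id] = name
        w0 = window_start(start)
        return Phone({w0 + i * ROTATION: self.temp_id(user_id, w0 + i * ROTATION)
                      for i in range(windows)})
    def resolve(self, temp_id, window):
        """Map a TempID back to a person by recomputation; only the key holder can."""
        for uid, name in self.registry.items():
            if hmac.compare_digest(self.temp_id(uid, window), temp_id):
                return name
        return None  # unknown, or a TempID replayed outside its window
    def accept_upload(self, phone):  # voluntary upload from a confirmed case
        return [self.resolve(tid, w) for tid, w in phone.encounters]

class Phone:  # holds its own TempIDs and observed ones: no key, no PII, no location
    def __init__(self, batch):
        self.batch, self.encounters = batch, []
    def broadcast(self, t):
        return self.batch[window_start(t)]
    def observe(self, temp_id, t):
        self.encounters.append((temp_id, window_start(t)))

def scenario():  # constructed run: Alice meets Bob across two windows, then uploads
    t0 = datetime(2020, 4, 20, 9, 3, tzinfo=timezone.utc)
    hq = HealthAuthority()
    alice, bob = hq.issue_phone("u1", "Alice", t0), hq.issue_phone("u2", "Bob", t0)
    seen = [bob.broadcast(t0), bob.broadcast(t0 + ROTATION)]
    for tid, t in zip(seen, (t0, t0 + ROTATION)):
        alice.observe(tid, t)
    stale = hq.resolve(seen[0], window_start(t0 + ROTATION))  # old TempID, new window
    return {"rotated": seen[0] != seen[1], "identified": hq.accept_upload(alice),
            "stale": stale, "phone_has_key": hasattr(alice, "key")}
```

Without the authority’s key, Alice’s encounter log is two opaque 16-byte values in different windows, which is why a device holder or eavesdropper cannot rebuild a personally identifiable history from it.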
One thought on “The (Very) Real Privacy Concerns Raised by Contact Tracing”
Eras of crisis inevitably fuel a paranoid evolutionary streak in us. Is that rustling leaf in the bushes a lioness about to attack, or just a light breeze …?
Even in happier times we encounter people deeply convinced that the government — “they”, a mysterious “them” — are running our lives, listening to all our calls, and somehow plotting to harm us to maintain power. Why “they” would need to control you to do this remains the grandiose loose screw in the concept, of course.
There are always those who overreact to the idea of “the hidden enemy.” We live in the information age, after all, and people can learn a lot about each other, but information itself is neutral. There is no reason to suppose it will *always* be used to harm us, by government or anyone else (just as it’s naïve to think it could *never* happen) …