The advent of contact tracing and the use of digital tools that infringe on personal privacy has opened up the age-old debate we are often faced with during crises: what comes first, privacy, or safety?
After firmly crossing the 2 million threshold yesterday for the total of reported Coronavirus cases, we are faced by a grim reality that we didn't want to believe: the COVID-19 pandemic is not going anywhere anytime soon. Governments might be enacting lockdowns a few weeks at a time instead of by months to avoid panic, but the fact of the matter remains that people are getting sick, many are dying, and the global economy is on its last legs.
During times of crisis like this, tough decisions often need to be made, and we are unfortunately seeing this in overload hospitals that have had to prioritize certain patients over others according to their survivability rate, as has been happening in Italy.
On the macro level, politicians and governing bodies have had to make similar tough calls. One of the ways this has manifested is through a practice known as 'contact tracing,' a method for tracking infected victims and the overall chain of transmission, while warning healthy citizens of the infected's earlier movements and whereabouts, in turn opening can of worms on user privacy, utilitarianism and overbearing government surveillance.
So what is contact tracing exactly?
As is commonly known by now, COVID-19 is transmitted through the droplets of an infected person - produced when they cough or sneeze, for example. If said droplets come into contact with a person's eyes, mouth or nose, whether by being touched with contaminated hands or through close-quarters airborne transmission, they become infected, and an incubation period could last up to 14 days.
As such, contact tracing plays the role of retracing the chain of transmission. A person confirmed to have contracted the virus will be questioned thoroughly by medical professionals, who inquire about where the person has been, whom they have come in contact with, and more, until they trace back the patient's entire estimated journey over a set period of time and identify a list of potential people they've infected, whom they then contact and inquire with about the same.
This is how the World Health Organization breaks it down:
One might see this as an invasion of privacy by the state, especially when we factor technology into the equation. South Korea is one country where this has had a tremendous impact, combining technology with contact tracing to effectively flatten the infection rate curve. Singapore is another.
South Korea has learned from the past
Vox has perfectly profiled and explained how South Korea enacted contact tracing through the use of technology in the video above. The East Asian country effectively took contact tracing a step further with technology, after having struggled with MERS in 2015, and began collecting a wealth of data on infected citizens.
"They enlisted credit card records for purchase patterns, GPS data for travel patterns, and security-camera footage for verification," news site the Daily Beast explained.
"When a person tests positive, their city or district might send out an alert to people living nearby about their movements before being diagnosed," Nature.com notes. "A typical alert can contain the infected person’s age and gender, and a detailed log of their movements down to the minute — in some cases traced using closed-circuit television and credit-card transactions, with the time and names of businesses they visited. In some districts, public information includes which rooms of a building the person was in, when they visited a toilet and whether or not they wore a mask."
This level of surveillance borders on 'Big Brother' paranoia, but these are the lengths the South Korean government was willing to go to in order to avoid another MERS situation.
Surprisingly, it worked. By nipping the situation in the bud, South Korea was forced to contact trace on a much smaller scale then if it had just started today where cases in most countries are in the hundreds of thousands. By beginning testing when cases were under 6 or even 5 digits, South Korea was able to flatten the curve and get a hold of the outbreak. Even if new cases are being reported still, they're a far cry from the massive numbers being reported in other first-world countries like Italy, France and the US. Already, there's talk of it being too late to contact trace in countries with widespread infection, like the US.
Singapore similarly puts national health over privacy, to great success
In Singapore, a similar process was adopted, where contact tracing is supplemented with the inspection of mobile activity logs, CCTV footage and analytics tools to identify suspected individuals. In one instance reported by The Straits Times, the passenger of a taxi driver confirmed to have the virus was eventually tracked down after rigorous surveillance effort by specialized police teams. They relied on everything from corridor interviews, to CCTV footage and more to eventually pinpoint the passenger and put him under medical surveillance.
All they had known about him were the type of taxi he took, his attire, and his drop-off point.
Additionally, the government of Singapore has created a contact tracing app that the general public can download and use to aid the efforts of authorities and help keep citizens safe. Dubbed TraceTogether, the app uses Bluetooth technology to pinpoint users' proximity to one another during their everyday life, storing this data on users' phones for future use; this data can be submitted to the authorities when necessary. If one of the app users becomes infected, the authorities are able to trace their movements and potential contact with other app users and warn those unsuspecting victims, essentially catalyzing contact tracing efforts. In late March, Singapore revealed it would make the app freely available to developers worldwide.
Setting rivalries aside for the greater good?
This week, Apple and Google announced a surprising bit of news: they will be collaborating together on a contact tracing API, aiming "to overcome one of the main issues with contact-tracing technology: the lack of interoperability," as Forbes explains.
At Phase 1, they will develop an app that will operate similarly to Singapore's TraceTogether app, also using Bluetooth technology and storing users' interactions with other app users, while not collecting location information. This is expected next month.
At Phase 2, contact tracing functionality will be built into phones directly, without the need for an app. This will be available in coming months.
As for which phones will be able to download this app and later get built in functionality, Forbes was informed that "every phone that uses iOS 13 will be compatible, which is every iPhone since the iPhone 6s, released in September 2015. And Google will make it available for phones going back as far as Android 6, which we used to call Marshmallow, and which was released in Fall 2015, too."
Privacy vs. Safety
But will users be willing to opt for this? Despite privacy reassurances from Apple and Google, these two Big Tech firms have been embroiled in anti-trust allegations for many years now, particularly Google. For example, when Google purchased wearable firm FitBit late last year, many users were in an uproar about their health data being harvested by Google, which led many to abandon their devices. Even with the risk of a pandemic, many might still not be willing to opt in to such a tracking scheme.
Still, what Apple and Google are proposing is a far cry from the extreme measures utilized in South Korea and Singapore. In China, Thailand and other countries, some citizens are being forced to take measures that will compromise their privacy, like forcing them to install location trackers on their phones, as CNN reveals.
When drastic privacy-infringing measures such as these are put in place in a rush the way they are being done now, with little regulatory control and study done beforehand, citizens are opening a door for more rigorous and unfettered government surveilance, which could set a negative precedent for the future.
"There is also the risk that measures seemingly justified by the current pandemic could be retained or expanded even after they are no longer necessary," CNN said.
"I think we have to be on the lookout for 'scope creep' — contexts where we demand emergency powers that risk privacy and then fail to walk back after the emergency passes," Jennifer King, director of privacy at Stanford University's Center for Internet and Society, told CNN.
The pandemic will pass, sooner or later, but the true threat to privacy starts then, when governments will feel justified in enacting increased monitoring practices and initiatives. After COVID-19, "scope creep" could be the next big villain we would all be looking at fighting next.