Privacy is often freely given up for either fear or convenience. It is impossible to visit an online news site or look at a Facebook feed without seeing information about using smart-phones for contact tracing to help mitigate the COVID-19 pandemic. Having the government know who you have been in contact with is frightening, although nearly 49% of respondents in a Statista poll reported that they would probably use the technology.
Considering that 77% of smart-phone users use their phones for navigation apps and GPS, this shouldn’t be too surprising. We give up our privacy in that case for convenience. It is much easier for our phone to tell us how to get somewhere than looking at a map. These apps provide data on where you are going and where you have been, which sounds scary, but most people have embraced it.
Contact tracing takes this concept to a more uncomfortable level , recording who you had contact with or were within near proximity. It is a very sensitive issue, with several valid viewpoints and false claims by individuals who do not understand the technology.
On one side of the argument, contact tracing in other forms over our history has helped eradicate smallpox, H1N1, Ebola, and other infectious diseases. By tracking who came into contact with an infected person, proactive quarantining can then “box in” the infection. Proponents against contact tracing, most specifically using cell phone technology, argue for it to be effective citizens would be providing far too much private information to government officials that could be misused.
How the Technology Works
Chances are you have an Android or iPhone device. Both companies Google and Apple have teamed up on developing contact tracing technology. On May 20th, they released that solution. Apple users who have installed iOS 13.5 will already have the capabilities installed on their phone. There are two crucial elements to this from a technology perspective that are very important to understand.
The first is that what Google and Apple released is only a framework for contact tracing apps to be built on. Having these updates installed on your phone by themselves does not automatically allow the phone to track who you have had contact with. Those who are intentionally not updating their smartphones can go ahead and do so without fear of being tracked by this technology.
The framework they built will allow other application developers to create apps for contact tracing, but for your activity to be tracked you would have to download, install and authorize these smartphone apps. Simply stated if you do not install a contact tracing app, then you are not going to be part of that data collection.
The second element is understanding how the technology works. If you have connected your phone to your car, a pair of headphones, or a speaker then you used a piece of technology called Bluetooth. If you would install a contact tracing app, your phone will use Bluetooth and the Bluetooth of other individuals utilizing the app to see who you came into contact with. Most devices have a range of 10 meters or 33 feet, but some Bluetooth antennas can reach up to 100 meters.
To be part of a contact tracing data collection program you would need to have an app installed that uses the technology with Bluetooth turned on. Additionally, the app will only be able to know if you were in contact with other people who also had the application installed.
Greater Privacy Concerns
Google and Apple have both stated that they will not release the health or other data to local, state or federal governments. With that being said, Google does have a history of providing data to governments. With different interpretations of laws such as the Patriot Act, it is possible for the US government to obtain certain online information without a warrant.
Additionally, hackers from around the world could technically find a way to acquire and use this information. It might sound extreme, but there is not a comforting level of data security. Just looking at a sample of reported data from April and March of this year shows the amount of organizations that have had their data breached:
- March 5, 2020 – Virgin Media 900,000 users affected
- March 5, 2020 – Google Cloud 200,000,000 US residents affected
- March 11, 2020 – Dutch Government 6,900,000 records affected
- March 13, 2020 – Princess Cruises unknown number of customers affected
- March 31, 2020 – Marriott 5,200,000 records leaked
- April 23, 2020 – GoDaddy 28,000 customers affected
- April 23, 2020 – Nintendo 160,000 customers affected
When it comes down to privacy, we have very little privacy. The good news is participation is optional, but that also reduces how effective these types of solutions can be. The concept of using cell phones for contact tracing has good intentions. But how effective the technology can be, and if it can be kept secure, remains to be seen.