Fifteen Eighty Four

Academic perspectives from Cambridge University Press

17 Apr 2020

COVID-19 Mobile Phone Contact Tracing and Information Privacy Law as Modulated Power

Mark Burdon

Should we forgo information privacy law protections for COVID-19 mobile phone contact tracing? Governments worldwide view contact tracing as a key tool to mitigate COVID-19 community transmission. Contact tracing investigations are time-consuming and labour intensive. They involve numerous interviews that retrace the recent location histories of positively identified individuals to ascertain potential sources of transmission. Several governments have turned to mobile phone location tracking as a new data-driven option to obviate investigative inefficiencies. Given that COVID-19 is largely transmitted through direct or close-proximity human-to-human contact, mobile phone contact tracing is potentially important because it can indicate, with relative ease, the previous location histories and possible closeness of positively identified individuals to other individuals. The technique can also be used to enforce quarantines or monitor self-isolation of individuals and communities.

Mobile phone location tracking for contact tracing gives rise to complex privacy issues, which are often addressed as the zero-sum question posed above. To help avoid unnecessarily binary responses, such as the temporary suspension of information privacy law, this two-part blog critically considers how information privacy law currently provides protections but also what it needs to protect against in a post-pandemic world. Part 1 outlines the rapid development of mobile phone location data contact tracing across the globe. Part 2 then considers the application of information privacy law both now and in the future.

How have governments used mobile phone location data for COVID-19 contact tracing investigations?
Mobile phone location data has been used in distinct ways that reflect major differences in investigatory approach, as categorised by the bullet points below.

Types and volume of data – a mobile phone is packed with sensors that fulfil many purposes, including location detection. Mobile phone location data can be tracked using: a mobile phone’s GPS function; its wireless card and connection to wireless access points; telecommunication connection points with provider cell towers; and Bluetooth via connection and proximity to Bluetooth beacons. Data collectors are, by and large, private sector companies and data collection is therefore fragmented across non-governmental actors, including: telecommunication providers; mobile phone operating system providers; app providers and location analytic services. Accessing mobile phone location data can thus be problematic for governments and it is not surprising that tracing responses have used different types and volumes of data. For example, a proposed scheme in the UK will only seek to use Bluetooth data to assess the proximity of one registered mobile phone user to another, whereas investigatory schemes in Israel and China involve the mandatory acquisition and sharing of different types of location data from telecommunications providers or individual citizens. Potentially, an enormous amount of data can be collected that can be used to identify the fine-grained location histories and patterns of individuals. However, despite the volume of data available, critical questions about its efficacious use are being asked, especially in relation to potential data inaccuracies involving sensor technologies designed for consumer consumption that are now being used for health purposes.

Mandatory/voluntary participation – as noted above, some governmental contact tracing schemes, such as the Israeli Government’s, are mandatory in nature. Acquisitions are mandated by emergency legislation to obviate information privacy law protections that would normally prohibit such data transfers. These schemes operate as a warning mechanism or individual monitoring program that tracks the whereabouts of positively identified individuals, particularly those individuals who have been quarantined. Voluntary schemes, on the other hand, are opt-in oriented. They tend to utilise specifically designed governmental or other industry sector apps, such as MIT’s Private Kit, that are downloaded by a mobile phone user. If the user tests positive, they can choose to anonymously share their recent location data so that other app users can check their own whereabouts against known sites of transmission. A registered user can then monitor their own health and make a risk assessment about whether COVID-19 testing is required. Voluntary programs involve active forms of consent through opt-in mechanisms and consequently offer higher forms of information privacy protection. However, to be effective, both types require high levels of public participation, which is unlikely to be achieved in a voluntary scheme, especially when compared to mandatory investigation programs.

Private sector involvement – contact tracing investigations using mobile phone location data involve different roles for private sector data collectors. Mandatory data aggregation schemes rely heavily on access to and acquisition of private sector mobile phone location data. Such schemes have also utilised social media data, such as the use of WhatsApp in China and the proposed involvement of Google and Facebook in the US. Some private sector data acquisition schemes involve the transfer of anonymised location data. Voluntary schemes, on the other hand, tend to collect data directly from individual mobile phone users through dedicated apps, thus limiting the amount of data collected.

Individualised/population-based outputs – different schemes also give rise to differently focussed output intentions. Some schemes, such as in South Korea, provide highly individualised outputs which can be used to monitor the current location of COVID-19 positively identified individuals who are required to self-quarantine. Alternatively, other schemes, such as in Taiwan, provide aggregated, hot spot visualisations of locations where positively identified individuals have previously been, which can be checked by other members of the public. The more individualised a data output is, the greater the likelihood that significant information privacy concerns will arise.

Centralised/decentralised data collection and analysis structures – initiatives collect, store and use location data in different ways. A key differentiation is whether collected data is transferred to a central server for analysis or is instead stored solely on the data collecting device. A centralised approach increases the potential for greater privacy risk because governmental agencies have ready access to a database of location pattern histories that, even if anonymised, could still give rise to identification of individual citizens or reveal sensitive patterns of individual behaviour. Individual consent will also be absent given the transfer and use of data will likely be outside the remit for which it was collected. A decentralised approach potentially enhances privacy protections because the data available for collection is minimised to what is required and it is collected for a defined purpose, consented to by an individual.


The bullet points above indicate some key constituent elements of current contact tracing developments. They provide a way to think about the information privacy issues that will emerge. For example, initiatives that entail the collection and aggregation of different types of location sensor data, mandatory forms of data acquisition, significant private sector involvement, highly individualised output intentions and a centralised structure will give rise to greater privacy risks. Conversely, the opposite characteristics will increase privacy protections. Bearing these complexities in mind, Part 2 examines the current and future role of information privacy law.

Digital Data Collection and Information Privacy Law by Mark Burdon

About The Author

Mark Burdon

Mark Burdon is Associate Professor of Law at Queensland University of Technology. His research interests include the regulation of information security practices, legislative frame...
