Broker Check

Contact Tracing and Data Privacy

July 28, 2020
Share |

A halock.com blog discusses the use of contact tracing apps to track individuals exposed to coronavirus. On the one side is the advantage of increased knowledge. On the other is the issue of invasion of privacy.

About 79% of Americans own a smartphone. If all of these users have an app to identify people who have tested positive for COVID-19, their status is shared and broadcast using GPS or Bluetooth. Everyone with the app will be alerted when they come into proximity with an infected person. They can get tested and self-quarantine, and spread of the virus will be restricted. In theory it sounds good.

Let's do a reality check. Tests are not available for everyone and results are often delayed. The apps are not accurate enough to capture every contact, or factor in extenuating circumstances. Users may not have the app turned on or configured correctly.

To be effective, contact tracing apps must be used by an overwhelming majority. This has not happened. In Singapore, health officials felt they needed 75% active participation; only one fifth of the population installed the app. European officials set a minimum target of 60% participation; the highest rate was in Iceland with 38%.

Concerns of non-users include invasion of privacy, stigmatization of infected people, and government surveillance. Like other measures against virus spread, use of tracing apps has been politicized. Privacy concerns include what data is collected, how it is shared, where it is stored, is it encrypted, is there protection against abuse, and can information be revealed without a person's knowledge and consent. Apps could be easily hacked.

Finally, there are compliance issues with laws and regulations such as ADA, HIPAA, GDPR and CCPA. (Not mentioned in the post, BIPA could also be relevant.) If data is transferred to the cloud additional compliance issues arise.

All things considered, the minuses outweigh the pluses.