The battle against COVID-19 has laid bare the limitations of modern technology in the face of a pandemic. We can’t accurately track the disease’s toll in real time, nor can we accurately predict where it’s headed. We are told that developing a vaccine will take 18 months — which seems excruciatingly slow — and that the only truly effective weapon we have for now is widespread social distancing, which, of course, has its own painful economic side effects. We always believed our modern tools would protect us from catastrophe, but they have proven startlingly inadequate against this invisible enemy.
In some ways at least, technology has been able to tell us more about how and where the virus is spreading. Mostly, this has involved creatively harnessing the power of big data — using temperature readings from smart thermometers to detect COVID-19 hot spots, or aggregating cellphone location data to point to the areas of the country where people are staying home. But against a backdrop of debate between civil liberties and public health, we also need to be asking where the line is digitally: How much surveillance is acceptable in the service of the greater good?
To be clear, the types of data being tracked now are usually anonymized, aggregated in large groups according to, say, geography. They are also collected with the consent of users. But long before the new coronavirus emerged, critics of big tech companies were already pointing out that users typically give such consent through labyrinthine terms-of-service agreements, often not knowing what their data would ultimately be used for. In today’s world, data is an extremely valuable commodity that rewards its collectors in many ways. Even as individual data profiles that provide search suggestions, traffic directions and health guidance help improve daily life, that goes hand in hand with more nefarious motives companies might have for recording user activities.
Again, those were the worries being raised prior to the pandemic. Now, COVID-19 has revealed much starker trade-offs between personal privacy and the collective benefits of technology. In South Korea, for example, the ability to retrace an infected person’s steps using credit card transactions and cellphone tracking data is part of the country’s (largely successful) response to the virus. Other countries are also ramping up digital surveillance at an individual level in the name of public health. Although such measures may seem less likely to be used in the U.S., one recent Harris poll showed that a sizable, bipartisan majority of Americans would favor a public coronavirus registry and be willing to share phone location data to get alerts about infected people being nearby.1
These efforts might seem appealing because they represent an effective use of technology against a threat we’re struggling to otherwise control. If less aggressive tracking — such as the aforementioned smart-thermometer data — has been useful in measuring the effects of social-distancing policies, even stronger versions have the potential to assist in contact tracing and ultimately help contain the virus for good. If we can bring the power of our growing data-collection apparatus to bear in the fight against COVID-19, shouldn’t we?
“This is a genuine emergency, and that justifies a lot of things that would not normally be justified,” Jay Stanley, a senior policy analyst at the American Civil Liberties Union, told Bloomberg. “But we have to make sure that these temporary powers do not become permanent in a way that hurts everybody else.”
During the coronavirus pandemic, this tension between safety and freedom is playing out across more than just the technology space. Because a patchwork of policies are being implemented largely at the state level, the rules around actions like quarantines — and their constitutional enforceability — are somewhat open-ended. “Right now, between states, there are different protocols in terms of how to handle something that might be a health crisis such as this,” said University of California, Irvine School of Law professor Michele Goodwin on a recent episode of Slate’s “Amicus” podcast. “There isn’t necessarily coherence in terms of states’ laws. There isn’t any coherence vis-a-vis state and federal law in this domain.”
But Goodwin stressed the need to maintain individual protections even in the face of an extraordinary crisis. “Our civil liberties don’t just simply go away because there is a virus that is afoot that might affect many people,” she said. “You don’t lose your civil liberties simply because there is something in the air. You don’t lose your civil liberties simply because you become sick. It’s important to understand the primacy of due process.”
So what does a policy that balances data privacy and the public good look like? “We ask three questions about proposals to use data about people in new ways in response to COVID-19,” Adam Schwartz, a senior staff attorney for the Electronic Frontier Foundation, told me over email. “Would it be effective? Would it excessively intrude on our liberties? Are there sufficient safeguards?”
“Some proposals would not be effective — e.g., use of cell-site location information for contact tracing, because it is not sufficiently granular to place two people close enough together to transmit the disease,” Schwartz wrote. “Some proposals would excessively intrude on our liberties — e.g., China’s compulsion that every resident download a tracking app. [But] some forms of aggregated data might be a tolerable way to inform decision-making about the outbreak, provided [there are] sufficient safeguards to protect privacy.”
Because the coronavirus has been so difficult to stop, it’s tempting to fight it by whatever means are available — and there’s a case to be made for that, at least temporarily. (After all, the whole concept of flattening the curve is about giving up freedom of movement and activity in order to save lives.) But it’s important to also remember that individual rights ceded during a crisis rarely return, even when that crisis subsides.
“We are very troubled by the historical precedent that new powers given to government in times of crisis tend to stay in place,” Schwartz told me. “Two decades after the 9/11 attacks, the NSA [National Security Agency] is still engaged in dragnet internet surveillance. So before we support new forms of high-tech surveillance of personal data about location and health, we must think hard about whether the surveillance would actually be effective at solving the problem at hand. And even when the answer is yes, sometimes the impact on our liberties is intolerable.”
And as tech companies were already under fire for collecting too much data before COVID-19 — and officials were already interested in using that information — that means being wary of what kind of information they’re able to gather, even if it offers creative ways to help combat the pandemic right now.