Mass surveillance for COVID-19 contact tracing.
As governments around the world continue to seek technology that would assist them in tracking citizens' movements in order to slow the spread of the coronavirus, the crisis is causing many privacy advocates to soften their positions in the interest of public health. On the CyberWire's Quarterly Analyst Call, Ben Yelin from the University of Maryland's CHHS stated that "even among people who are strong civil liberties advocates, you've seen sort of this acceptance of, well, I'm not usually a supporter of the surveillance state, but if we need to track people's movement to get a better idea of how far this disease has spread, then maybe that's something I can live with temporarily."
The Intercept summarizes the opinions of various privacy experts who, operating under the assumption that these measures would be both effective and temporary, concluded that such surveillance can be conducted responsibly if governments adhere to strict guidelines concerning which data can be collected, what they can be used for, who can access them. For example, Albert Fox Cahn, executive director of the Surveillance Technology Oversight Project, told the Intercept that the data should be approached like US census data: strict protections around how such data can be used is crucial to collecting accurate information on a voluntary basis.
Others express skepticism that these guidelines will be followed. Computing warns of "scope-creep, where the data we hand over to battle the virus is cross-matched with other information in ways we don't understand."
Meanwhile, governments have already begun rolling out surveillance apps and collecting data through other means. ZeroFOX says Italy, Columbia, and Iran have already made privacy missteps associated with their apps, although ZeroFOX notes that, even in the case of Iran, these incidents seem to have resulted from desperation and haste rather than ill intent.
Private companies play a key role in this effort. The Wall Street Journal reports that the US Centers for Disease Control is receiving data derived from advertising companies and cell phone carriers. Motherboard describes new products developed by Israeli spyware firm NSO Group and its Italian competitor Cy4Gate. Motherboard also notes that cellphone providers in countries across Europe are sharing customer location data with their governments.