27262
post-template-default,single,single-post,postid-27262,single-format-standard,stockholm-core-2.4,qodef-qi--no-touch,qi-addons-for-elementor-1.6.7,select-theme-ver-9.5,ajax_fade,page_not_loaded,,qode_menu_,wpb-js-composer js-comp-ver-7.9,vc_responsive,elementor-default,elementor-kit-38031
Title Image

Will Contact Tracing Teach Us to Live Otherwise?

December 6, 2020 In Apple, Blog, COVID-19, Google, Privacy By Daniel Levin

Will Contact Tracing Teach Us to Live Otherwise?

As the COVID-19 pandemic enters its “second wave,”[1] governments and public health officials are contending with the inadequacies of existing attempts to tame the viral spread. One such response is contact tracing—the practice of identifying and tracking infected persons and alerting their contacts of potential infection.[2] But contact tracing is not new. Nor are its attendant privacy concerns.

Dating back to the nineteenth century, the United Kingdom implemented a robust infectious disease surveillance program to quell cases of smallpox.[3] As part of this program, a sanitary inspector would “visit and inspect the home of each infected person, arrange for the patient’s removal, search for possible disease sources, schedule disinfection procedures, and inquire about contacts.”[4] Local authorities sought to contain infectious spread through persuasion, lacking any legal authority to force infected persons to quarantine, much less willingly acquiesce to quarantine orders.[5] Contact tracing therefore relied on infected persons to share a stake in their moral imperative to take care of themselves for the sake of others. In short, they had to endure privacy intrusions for broader public health needs, disclosing their illnesses to state officials and, by extension, their confidants.

No less than contact tracing of centuries past, present-day infrastructure relies on similar privacy norms. However, rather than having a public health official knock on our doors, contemporary contact tracing technologies let our data speak for itself. Today, Google and Apple arguably hold the most privacy protective contact tracing application.[6] Using an Exposure Notification Application Programming Interface (API), their application uses Bluetooth-based technology and reduces users to an identification number, which would relay information about whether a user has come into contact with a potentially infected person for the requisite period of time to become infected.[7] The companies’ joint effort enables nearby users’ devices to interact and communicate with one another.[8] In doing so, users’ Bluetooth signals estimate proximity without tracking user locations or collecting any identifying data.[9] But Bluetooth’s privacy-enhancing capacities come with a trade-off: users would have “little idea about when or where contacts with an infected person might have occurred.”[10] There are also practical considerations omitted, such as whether the contact occurred inside or outside, and whether the infected person was wearing a mask at the time.[11]

This helps explain why not all developers are following Google and Apple’s lead.[12] In a survey of 359 contact tracing applications, only forty-seven were using the companies’ Exposure Notification API.[13] The survey also found that six out of seven COVID-focused iOS applications worldwide were free to request whatever privacy permissions they want, with nearly half of them tracking user location at all times.[14] Certain applications request access to users’ cameras, microphones, photos, and contacts, though their reasoning for doing so seems dubious at best.[15] While users retain the option to consent to or deny such access, their consent may be illusive if, for example, their employment or education status is conditioned on contact tracing compliance.[16]

Contact tracing retains massive appeal in the public discourse, though its benefits remain uncertain.[17] Because contact tracing programs are largely voluntary, they are only as effective as their participation rates and data accuracy. Alongside heightened investment into contact tracing is a divestment from more familiar terrain: compassion for our mutual vulnerabilities to the viral spread. Particularly in light of the pandemic’s devastating effects on minority communities,[18] this kind of sensibility appeals to an ever more pressing need for equitable considerations. To appreciate the barriers to contact tracing participation, we need only look to recent disparities in social distance enforcement practices.[19] In the context of these disparities, minority populations have legitimate concerns about the repercussions of sharing their information with contact tracing programs. Any risk of criminalization or surveillance could dissuade people from getting tested at all.[20]

While the race for a vaccine continues,[21] the pandemic has invigorated new possibilities for living not just with the virus, but with each other.[22] Rather than rely on metaphors of immunity and military defense to think about infectious diseases,[23] we may instead find solace in taking care of each other as a way to take care of ourselves.[24] The efficacy of contact tracing programs will necessarily depend on the public’s willingness to comply with and respond to the demands of these programs, and will undoubtedly involve some sacrifice to our health, location data, and associational privacy. What remains to be said is how much, if any, of that sacrifice will be enough to redress the virus’s harms.

Footnotes[+]

Daniel Levin

Daniel Levin is a second-year J.D. candidate at Fordham University School of Law and a staff member of the Intellectual Property, Media & Entertainment Law Journal. He is also an Online Privacy Fellow at the Fordham Center on Law and Information Policy, and Vice President of the Fordham Information Law Society. He holds a B.A. in Political Science and Women's & Gender Studies from Rutgers University.