How the Coronavirus is Upending Medical Privacy

By Darius Tahir and Mohana Ravindranath, Politico, Apr 28, 2020.

Apple and Google are building massive coronavirus tracking apps. Government officials are disclosing infections to the public and pitching “immunity passports” and gadgets that can tell if an infected person leaves their house.

It’s all in the name of public health. And it’s a privacy nightmare — a setback for pre-pandemic efforts to create new safeguards for digital medical data and update the HIPAA privacy law.

Amid the public health emergency, polling shows a majority of Americans back real-time tracking of infected people — a contrast to what had been rising concern about eroding privacy. The coronavirus pandemic is changing the world view in many ways, but the aggressive push for health data in the name of stopping the virus may have real long-term consequences for patient privacy.

Here are five ways the pandemic is changing how patients are being watched:

Contact tracing: Apple and Google have pledged to help public health officials halt the spread of the virus by creating tracking technology for new apps people can download to smartphones and use to confidentially designate themselves as infected. Bluetooth technology on the phones can then warn other app users who come in proximity long enough to be at risk of catching the disease. The system will collate data from both Android and iPhone users who sign up and is expected by mid-May. Microsoft is working with the University of Washington on its own app.

Some countries have already tried strategies that build on cellphone location data to track patients, raising privacy concerns. The tech giants have promised to use encryption to protect those who download the apps. But the public appears to want more assurances: A Kaiser Family Foundation tracking poll found twice as many people are willing to download the app if the data is managed by public health agencies, not the tech companies. And older Americans still are more reluctant to use the technology.

American University law professor Jennifer Daskal worries about the pandemic spawning a profusion of contact tracing apps of varying quality and design without accompanying quality control. “It’s difficult to know fully what’s going on. It’s hard to assess what’s working and what’s not working in a sound way,” she said.

Britain’s National Health Service rejected Apple and Google’s plan in favor of a more centralized system that stores the matching information on a computer server that could be less vulnerable to hacking. And some experts question whether the health agencies involved in tracing have adequate safeguards.

“We know that some governments do not have best in class information security,” said Lucia Savage, a privacy expert with startup Omada Health.

There is also no guarantee these apps will provide an accurate picture of the pandemic’s spread, tech experts including former FTC Chief Technology Officer Ashkan Soltani wrote in a Brookings blog post. “We worry that contact-tracing apps will serve as vehicles for abuse and disinformation, while providing a false sense of security to justify reopening local and national economies well before it is safe to do so,” they wrote.

Tracking mobility: Apple, Facebook and Google are also sharing troves of data with public health authorities to show whether people are staying near home or moving between two points, to help gauge the effectiveness of social distancing and other public health strategies. Some researchers have similarly mined public posts on Twitter. And tech companies could use machine learning to assess if individuals are keeping safe distances in a workplace.

The data culled from the cell phone location data is aggregated and stripped of personal identifiers, though privacy experts warn it still could be matched to individuals. “The underlying data is still being held by someone,” said Alan Butler, interim executive director and general counsel at the Electronic Privacy Information Center. The group has pushed for tougher controls, noting such information is already easily sold and used for targeted advertising.

MIT researcher Carlo Ratti notes the surveillance efforts are no more invasive than tech giants’ standard data collection for marketing. “They’re already collecting the data, so at least it’s used for something good, it’s used in a transparent way.”

But Butler said the health crisis and patient tracking points to a need for greater government oversight. “We need a real privacy regulatory infrastructure in the United States that can credibly evaluate and credibly oversee these systems, because they’re very complex,” he said.

Public disclosures: Authorities worldwide are releasing more information when a coronavirus case is confirmed and where the person got infected. In theory, the disclosures to the public or to employers increase transparency about how the disease is spreading. However, the information could lead to harassment and stigmatization.

Officials in Westport, Conn., declined to release information about who was present at a party that spawned a localized outbreak. That didn’t stop “rumor-mongering and vilification” of people in the community, the town’s first selectman said in a video statement. Going public with a coronavirus result is like “having an STD,” one Westporter told The New York Times.

Disclosures go further in South Korea, where the government trawls through facial recognition data, credit card purchases, cell phone data and other information to reveal the movements of infected individuals, according to researchers in the Journal of the American Medical Association. That’s led to extensive news coverage and, in some cases, the public sleuthing out the identity of infected individuals.

“It’s one thing to say everyone in a county should stay indoors,” Omada’s Savage said. “It is another entirely to publish the shopping routes of a particular person who was infected.”

Such efforts could well inspire the distrust public health authorities need to avoid, said American University’s Daskal.

Immunity passports: Officials worldwide are discussing the possibility of issuing passports certifying a person recovered from the virus is immune that can be displayed on phones. Such information would allow patients to move further and more freely than those who haven’t caught the disease.

A public certificate of past infection could get around public health crackdowns like those seen in China, where individuals in Wuhan were cut off from smartphone apps needed to pay for goods and interact with the world.

But experts say publicly outing patients could lead to cases of mistaken identity. And the unequal distribution of coronavirus testing could leave some communities without certification needed to resume economic life.

Digital quarantine: Officials also are weighing the merits of “digital quarantine” technology — apps or wearable gadgets that allow authorities to see if infected patients are leaving their homes and putting others at risk. Experiments in Taiwan, Singapore and Poland have stoked interest in the United States, with Hawaii creating a website requiring travelers to check in daily with location data and health status.

Quarantines require due process, said Omada’s Savage, and digital tools shouldn’t be any different. “We don’t put arrest bracelets on people without due process, and we should not force apps on people for public health either,” she said.

App design is also crucial, said Daskal. An early design of Poland’s quarantine app required users to upload photos to verify their locations — and the data was retained for six months, without an explanation why.

“The data should be destroyed as soon as the quarantine is over,” Daskal said. In general, she added, new initiatives to collect and analyze sensitive data should sunset as soon as the public health emergency ends.