Comment The world seems set to adopt smartphone-driven contact tracing to help detect COVID-19 carriers but regulators need to plot an exit strategy from this new form of deeply personal and intensive surveillance.
The need for that exit strategy is plain because whenever businesses or governments get us all to sign up for data collection, the assumption is that it's for the greater good and giving up a little privacy is worth it in the end. Then, whether sooner or later, that data is always criminally and cynically abused, usually in utterly predictable ways.
Abuse of contact-tracing data is intolerable, because it is designed to be a verbose description of our movements and encounters. That may be acceptable in this moment of crisis, but it cannot endure.
What should we do? Well, one of the big debates in governments the world over right now is how to exit societies from coronavirus lockdown, a tricky decision because reducing social distancing in the name of boosting economic activity has the potential to worsen the health crisis.
So while we're thinking about exit strategies, let's develop one for contact-tracing, too, so that we can plan how to exit the temporary benefits of enhanced surveillance for a more balanced future.
First, I believe Google and Apple could usefully kick things off by defining conditions under which they'll deprecate their contact-tracing schemes. That deprecation plan should explain how, once coronavirus is behind us, the two firms will expunge contact-tracing from devices they power and ensure similar functions never make it into their app stores. Their operating systems will need to alert users whenever any activity that looks remotely like contact-tracing is in operation.
A Foundation will be needed to tend contact-tracing code. Any nation that has built a contact-tracing app could then lodge its code there. The Foundation will need to be endowed to fund bug bounties and academic research on all contact-tracing tools.
Carriers may have a part to play detecting and reporting activity that looks like contact-tracing.
Governments that deploy these apps must also be explicit about when they'll be used and when they'll be turned off again.
Above all, we'll need to agree that contact-tracing as an "In case of emergency, break glass" tool rather than something worthy of regular deployment. And let's make sure this gets done, because if we don't, the consequences are utterly predictable.
As a comment on our story about Singapore open-sourcing its contact-tracer observed: "We'll soon see similar products being offered by shady security outfits but with slightly different use cases." And if the world holds true to form, we'll also see:
- Bad advice given to users who are therefore effectively coerced into releasing their location data;
- Authorities neglecting the fine print about exactly what contact-tracing data they can use, and when they're allowed to access contact-tracing data, followed by misuse and insincere promises to do better;
- Large-scale leakage of contact-tracing data, followed by insincere apologies and slow reform of the practices that led to the leakage;
- Cynical misuse of the data by a social network;
- A taboo-busting startup that, like Clearview AI did with mass facial recognition databases, goes where others won't in order to make a buck; and
- Ridiculous conspiracies about contact-tracing, possibly accelerated by populist politicians.
It might not be possible to avoid these wholly predictable and utterly undesirable outcomes. But at a moment when it seems our societies are about to be remade in part by government adoption of uniquely powerful surveillance tools, we owe it to ourselves to remake the attitude that has seen us sleepwalk into constant casual privacy abuse. And by doing so, we'll have a good shot at making sure this new form of digital surveillance does more good than harm long after this novel coronavirus's rampage passes. ®