One can argue about the steps taken so far with regards to the coronavirus, but perhaps no other report has had an impact on what the United States is now doing to curb the spread of the virus than the report published on March 16 by the UK’s Imperial College COVID-19 Response Team. In plain, stark language, the report warns of the dangers of doing nothing and emphasizes that if we want to minimize mortality rate “combining all four interventions (social distancing of the entire population, case isolation, household quarantine and school and university closure) is predicted to have the largest impact.”
Key to this is case isolation and household quarantine, both of which are containment measures. Containment requires, at minimum identification (you have to know who is symptomatic to make sure they are isolated and you have to know who the symptomatic were in contact with to make sure they are quarantined) and communication (you have to know whether you’ve been in contact with someone if you are to self-quarantine).
The technologies exist to help both identification and communication, but at a potential cost to privacy. There’s the impact on privacy to the symptomatic individual, those with whom they have been in contact, and even locations (towns, neighborhoods, stores) through which the person traveled. These risks are not insubstantial. In the case of individuals, it could result in stigmatization, harassment, and even physical threats (if not harm); in the case of locations, it could result in severe economic losses and stigmatization itself. The key to leverage technology with containment is to identify potential privacy risks and embed privacy practices into the technology to minimize those risks.
The MIT Media Lab is doing just this. Yesterday, they released an open-source application called Private Kit: Safe Paths which uses your phone to track your location data and uses that to trace where symptomatic individuals have been and share that information to others so that they can determine whether they may have been in contact with those individuals. And, the app does it in a privacy-preserving way. The app works like this: it first logs your phone’s location data, but keeps it on your phone so that you retain possession of it. If you are diagnosed, you have the choice to consent to sharing your location data with health officials who can make it public. Ultimately, the app will share symptomatic location data with others without the middleman of a health authority so that one can see if they have been in recent contact with anyone who has been symptomatic. It’s a powerful tool that has the potential to have a material impact on containment efforts.
Of particular interest, is the whitepaper MIT developed on this application that outlines the various privacy risks pertaining to containment and how Private Kit addresses them. The report provides an instruction lesson to any organization conduct privacy risk assessments or evaluating privacy controls relative to GDPR or CCPA regulations or to better serve the needs of its constituents.
When confronted with the enormity of something like the coronavirus, its both critical and refreshing to know that we don’t have to throw out our rights to deal with it. After all, in battling something like this virus, we are not only defending our selves, we are preserving the very freedoms that define who we are.
Subscribe to our blog here: https://mailchi.mp/90772cbff4db/dpblog