the privacy guru
  • About
  • Speaking & Events
    • Speaking Events
    • Bring the Privacy Guru to Speak
    • Book a Privacy Salon
    • Book a One-On-One Session
  • Publications
    • Privacy Memes
    • Articles
    • E-Book: Privacy for Humans
  • Blog





Covid 19 -Ethical and Privacy Concerns

On 05 Jun, 2020
Uncategorized
By : theprivacyguru
No Comments
Views : 3156

covid-image-768x442

The global pandemic has significantly impacted our lives and raised ethical and privacy concerns for individuals, companies and society as a whole. While the more authoritarian countries such as China and Singapore mandated strict quarantining, social distancing and mask-wearing for citizens early on in the pandemic, the U.S. has relied more heavily on voluntary compliance, which allows for outliers who protest public health measures they feel restrict individual rights and freedoms afforded in a democracy.

Mask wearing and compliance with social distancing and stay-at-home orders raise individual moral issues – what can each of us do to protect others from harm.  There are many privacy and ethical issues government and companies face about how to access and use technology to confront the COVID-19 outbreak. As states open and we learn to live alongside a highly contagious and virulent virus, both the public and private sectors must make decisions about how to protect people’s privacy as well as their health and financial well-being.  Privacy professionals and in-house compliance staff are grappling with how to ensure the proper balancing of employee privacy rights. They are also tasked with reviewing the proportionality and effectiveness of data collection measures.

Businesses have struggled economically during the COVID-19 shut-down crisis and now, in the process of re-opening, those that hope to remain viable must make choices about how they will continue to operate with new rules, protocols, and expectations. Companies are facing challenges of how to protect their staff from health and safety risks and ensure that they mitigate potential claims against them. Will companies check employees’ temperatures upon arrival at the workplace? How will companies use new technology for cellphone monitoring that promises to track potential spread? As always, the technology offers privacy and security risks along with opportunities.

Contact tracing

As a public health measure, contact tracing involves working backward from infected people to identify those who many have also been exposed to the virus so that they can be tested, isolated, and treated.  The idea is to control and contain the disease as much as possible within the larger society. Theoretically, the more aggressive the contact tracing methods, the fewer people will become infected or sick. Contact tracing comes in two flavors: manual and automated.

Manual contact tracing works like this: if you test positive for Covid-19, the lab reports the results to the local health department, who then assigns a trained professional known as a contact tracer. The contact tracer calls you to talk about symptoms, offer help or medical advice, and asks for the names and phone numbers of people with whom you have recently come in contact. The contact tracer then calls the people on your list, informing each one only that they’ve been in contact with an infected person–but not revealing your name. The contacted person can then test and/or self-isolate until they are no longer a health risk to others. Advantages to manual contact tracing include minimal privacy invasion as well as the opportunity for the contact tracer who builds trust to act as a community health worker. Although decidedly low-tech it’s proven to be surprisingly effective.

Automated contact tracing, however, is where more sticky privacy questions arise. If you test positive for Covid-19 you can’t contact everyone who rode the elevator with you last week. You can’t contact the jogger who sped by you in the park. Automated contracting tracing apps now abound – MIT is tracking the tracing apps – and tech giants Google and Apple have partnered to make an automatic tracing app technology that draws on information about the location of cell phones and its proximity to other people’s phones. The ideal is that public health experts can use this personal data from your phone to identify who you have been physically close to and possibly infected–while still protecting your privacy by masking your personal identifying data. Such contact tracing apps are already mandatory in China, India, and Turkey.

What are the sticky privacy and ethical issues involved in automated contact tracing, what has been called “a privacy nightmare?”

For one, unless the apps are engineered with the appropriate advanced technology to maintain very levels of privacy, the collected tracing data makes it easy to hack into people’s personal data by making inferences or linkages.  At present, inconsistencies exist in app development and approaches that could lead to lack of coordination. Then there’s the danger of implementing a technology that collects more data than is required, either intentionally or unintentionally. And even if all the bugs are worked out and automatic contact tracing becomes a truly viable preventive public health measure, there’s a danger that people won’t trust the technology and therefore will refuse to use it.

Going Forward

In the ongoing uncertainty of the COVID-19 crisis, companies should consider regulator guidance carefully and pay attention to recommendations given.  Also of concern is how much data to share with public authorities and when. Remember that it’s not all new—chances are your organization has existing crisis management, legal and HR resources in place to review and make recommendations about privacy, employee rights, and ethics that can be leveraged and adapted to the current crisis.

Guiding principles for best practices

    When considering privacy and ethical issues, take into account the following:

    1. Information collection must be necessary and proportionate to the harm one is trying to prevent.

    2. Just because you can do something doesn’t mean you should. Ethical considerations go beyond what is legally permissible.

    3. Consult resources from the Future of Privacy Forum, IAPP, The World Health Organization and various data protection regulators for information on COVID legal and ethical issues. An independent investigation of worldwide COVID-19 mobile apps
    by the International Digital Accountability Council (IDAC) “revealed several instances in which apps fell short of best privacy practices and posed potential risks to users.”

    There is a risk that companies fail to recognize that some actions that are needed in a crisis should not become the status quo. A best practice approach is to be mindful in our data collection, step back and determine what we have learned about ethics, governance, business continuity and organizational culture to ensure we have better business resiliency without sacrificing privacy. Employee privacy is no less important than consumer privacy – and being respectful of privacy is critical to maintaining employee morale and loyalty.

    Events such as the COVID-19 pandemic will force greater awareness of the common interest of protecting privacy as a legal obligation and ethical imperative.



Tags :   Appscontact tracingCOVID-19dataethicsFuture of Privacy ForumIAPPIDACprivacyWorld Health Organization

Previous Post Next Post 

About The Author

theprivacyguru


Number of Posts : 130
All Posts by : theprivacyguru

Related Posts

  • How Do We Solve the Privacy Paradox?

  • Are Privacy Tides Changing?

  • Companies Tout Privacy as a Business Advantage

  • Taking Responsibility for Your Privacy Part 1: Personal Responsibility

Leave a Comment

Before posting a comment, please read our Comment Policy

Click here to cancel reply

You may use these HTML tags and attributes: <a href="" title=""> <abbr title=""> <acronym title=""> <b> <blockquote cite=""> <cite> <code> <del datetime=""> <em> <i> <q cite=""> <strike> <strong>





  • Error

    Fans
  • 3896

    Followers
  • Subscribe

    RSS Feed

Recent Posts

  • The Privacy Field Needs More Diversity
  • Covid 19 -Ethical and Privacy Concerns
  • Celebrating International Women’s Day
  • These are a Few of My Favorite Podcasts on Privacy, Security and Technology
  • Building Trust in Data Protection and Compliance

Archives

  • August 2020
  • June 2020
  • March 2020
  • February 2020
  • December 2019
  • October 2019
  • September 2019
  • July 2019
  • June 2019
  • December 2018
  • November 2018
  • October 2018
  • September 2018
  • August 2018
  • July 2018
  • June 2018
  • May 2018
  • April 2018
  • March 2018
  • February 2018
  • January 2018
  • December 2017
  • November 2017
  • October 2017
  • September 2017
  • August 2017
  • July 2017
  • June 2017
  • March 2017
  • February 2017
  • January 2017
  • December 2016
  • November 2016
  • October 2016
  • September 2016
  • August 2016
  • July 2016
  • June 2016
  • May 2016
  • April 2016
  • March 2016
  • January 2016
  • December 2015
  • November 2015
  • October 2015
  • September 2015
  • August 2015
  • July 2015
  • June 2015
  • May 2015
  • April 2015
  • March 2015
  • February 2015
  • January 2015
  • December 2014
  • November 2014
  • October 2014
  • September 2014
  • August 2014
  • July 2014
  • June 2014
  • May 2014
  • April 2014
  • March 2014
  • February 2014
  • January 2014

Categories

  • Uncategorized
The personal views expressed on The Privacy Guru blog are my own, not those of my employer. The information contained on the blog is not legal advice.

Phone: 415 713 0271 | Email: alexandra@theprivacyguru.com

© Copyright 2017 THEPRIVACYGURU. All Rights Reserved.    terms of use | privacy policy
Follow theprivacyguru on Pinterest Follow theprivacyguru on Instagram