Technology companies and experts are coming up with a variety of new methods, applications and tools to track the spread of COVID-19 in the United States, systems that could greatly help government plan and cope with the novel coronavirus.
But these new monitoring systems are leaving lawmakers and privacy experts worried that the result could be widespread surveillance of the health data and private movements of Americans with no federal law in place governing data privacy.
The need for technology solutions not only to gauge the spread of the disease but also to identify and isolate the infected are fairly self-evident. The ideas and proposals for the use of new technologies range from systems that would draw data from diagnostic testing labs and hospitals to mobile phone-based apps that individuals would download voluntarily to identify themselves as infected to help others avoid contact.
Some of these new systems, experts say, could help bring the economy back faster. President Donald Trump has repeatedly sought to lift federal restrictions on social gatherings and reopen the U.S. economy. But public health officials have warned that resuming normal activities too soon could be dangerous and lead to new outbreaks.
By Tuesday, more than 125,000 people had died from the coronavirus pandemic worldwide, as known infections exceeded 1.8 million. In the United States, deaths from the virus exceeded 23,000, with known infections totaling more than 598,000.
In the absence of a nationwide surveillance, monitoring and containment system, it would be hard to resume normal economic activity in the United States, a group of health experts warned in a paper published last week.
“Developing these capabilities in each state and region will enable the U.S. to move beyond extreme and disruptive physical isolation measures,” according to the paper authored by Mark McClellan, Scott Gottlieb, Farzad Mostashari, Caitlin Rivers and Lauren Silvis. The paper was published by the Duke University’s Margolis Center for Health Policy, and the authors are public health experts from different institutions.
Gottlieb is a former commissioner of the U.S. Food and Drug Administration and has been advising the Trump administration in an informal capacity.
Establishing a national surveillance system would require “ongoing coordination between health care providers and state and local public health authorities,” with support from the Centers for Disease Control and Prevention, the authors wrote.
The authors called for a national monitoring system with the capability to track and trace outbreaks; widespread testing for everyone with symptoms; widespread testing to identify those with immunity; an expansion of the existing National Syndromic Surveillance System managed by the CDC with new information on the pandemic; and a rapid response capacity to identify, isolate and do contact tracing of new cases.
White House efforts
White House senior adviser Jared Kushner is discussing with tech companies the creation of a national surveillance system to give the federal government a clear view of infections, patients seeking treatment and hospital capacity, Politico reported last week citing unnamed officials.
Although it’s likely that the Kushner effort is aimed at creating a system like the one recommended by Gottlieb and others, the report led Democratic lawmakers including Sens. Mark Warner, D-Va., Richard Blumenthal, D-Conn., and Rep. Anna G. Eshoo, D-Calif., to write to Kushner about the secrecy surrounding his effort and how it might affect Americans’ privacy.
“While we support greater efforts to track and combat the spread of COVID-19 — and have been alarmed by the notably delayed response to the crisis by this Administration — we have serious concerns with the secrecy of these efforts and their impact on the health privacy of all Americans,” the lawmakers wrote on Friday. “Your office’s denial of the existence of this effort, despite ample corroborating reporting, only compounds concerns we have with lack of transparency.”
The Senate Commerce Committee, trying to get its arms around the issue, last week invited panelists to submit their testimonies on how big data can be enlisted to combat the pandemic.
“The potential benefits of big data to help contain the virus and limit future outbreaks could be significant,” Sen. Roger Wicker, R-Miss., chairman of the committee, said in a statement. “To maximize these benefits, however, privacy risks to consumers will need to be minimized.”
That means understanding how data is collected and whether it’s sufficiently “anonymized to remove all personally identifiable information and prevent individuals from being re-identified,” he said.
Sen. Ron Wyden, D-Ore., who has championed privacy rights and argued against government surveillance, said information shared by private companies with government entities must be closely examined.
“Our public health agencies should use the best tools available to slow the spread of this epidemic, but an emergency can’t be an excuse to violate Americans’ rights,” Wyden said in an email to CQ Roll Call. “It may be appropriate for companies to share some information with the government, but only if there is full transparency about what data is being shared, assurances it will never be used by law enforcement, and with strict protections in place to protect Americans’ information against abuse.”
Surveillance or monitoring
The term “surveillance” used in the context of a pandemic is different from its everyday use, which often connotes illegal eavesdropping and causes confusion, said William Staples, a sociology professor at the University of Kansas and director of its Surveillance Studies Research Center. Health experts often use the term surveillance “in the sense of keeping an eye on” a disease, Staples told CQ Roll Call.
Nevertheless, technologies rushed into use in the midst of a public health crisis without adequate policy reviews, public hearings and other assessments could have downsides, Staples said. “We don’t know whether it works or not, we haven’t answered the question of who controls the data, who has access to it.”
The goal of such questions isn’t to stop applications of technology but to pause and ask how to prevent their misuse, Staples said. “Two or six years after a crisis, would the technologies still be in place” and would they be put to other uses by government agencies, he asked.
Even before the federal government can come up with a comprehensive monitoring system and ramp up testing, several tech companies and researchers have jumped in to fill the gaps.
Google and Facebook as well as data brokers that collect location information from mobile phone apps have mapped out the drop in economic activity worldwide by examining the movement of mobile phone users who allow their location to be tracked.
The Google dashboard, for example, shows that restaurants, cafes, shopping centers and museums in Washington, D.C., had seen a drop in traffic of 66 percent as of Sunday, April 5, compared with a median Sunday during the baseline period Jan. 3-Feb. 6.
Kinsa, maker of a smart thermometer that connects to a web-based app, also has launched a website that tracks fever spikes and other flu-like symptoms across the United States.
Apple and Google also unveiled on April 10 that they were collaborating to create new tools that would allow smartphone users to use apps to indicate whether they have tested positive for the disease. The apps then would broadcast a Bluetooth signal that would allow other users with similar apps to figure out if they crossed paths with an infected individual.
Ramesh Raskar, a professor at the Massachusetts Institute of Technology, has led a consortium that includes hospital and public health specialists to develop an app called Private Kit that allows an infected individual to opt for a 28-day tracking using the app.
The patient’s doctor or a state health official would then use a secure website to redact all personally identifiable information of the infected person. The infected person’s location trail would then be broadcast from his or her phone using a Bluetooth signal that other phone users can see and determine if they have come into close contact with a diagnosed patient. The information being transmitted would use “encrypted trail match with mathematical guarantees of privacy,” Raskar said in an email.
No data from the healthy users of the app leaves their devices, according to MIT, and the team is in discussions with Massachusetts officials to use the app in the state’s newly launched contact-tracing effort, Raskar said.
The dilemma for apps like Private Kit that require voluntary participation is that they work only if enough people download and use it quickly, said Graham Dufault, senior director for public policy at The App Association.
Lack of federal law
A federal data privacy law similar to the European Union’s General Data Protection Regulations or GDPR or California’s Consumer Privacy Act could have helped “assuage consumer concerns about how apps are dealing with data” and given people confidence that data being collected from them in a crisis wouldn’t be misused, Dufault said. App developers are taking into account existing GDPR privacy guidelines in Europe but would have “more difficulty with deciphering” rules that are still being formulated under the California law, Dufault said.
Congress, meanwhile, after more than a year of deliberations, has yet to pass a federal data privacy bill. Tech companies would prefer to have national rules of the road made clear before they launch national monitoring systems.
The European Union has called for a uniform approach across the continent instead of each member state deploying mismatched apps.
In the United States, it remains unclear if the White House will set such a uniform national standard. For now, states and their governors are leading the effort in contact tracing. Tracking and tracing patients using mobile phone apps and other electronic devices already has been used extensively in China, Hong Kong, Israel, Singapore, South Korea and Taiwan.
Aggregate data used to determine whether people are staying home or congregating in places, or determining travel patterns from areas of high infection to other areas, could help predict where medical services may be urgently needed, Greg Nojeim, director of the freedom, security and technology project at the Center for Democracy and Technology told CQ Roll Call. “Those uses of aggregate information are creative, useful, and can be done in a privacy protected way,” Nojeim said. “But disclosure of more individualized data can be problematic.”
Also, not all uses of tracking information may be accurate for the purposes for which they’re intended, Nojeim said. Location information drawn from cellphone towers isn’t accurate enough to say whether two individuals were in close proximity to each other, for example, he said. GPS signals are more accurate to calculate proximity and Bluetooth signals are likely the most accurate, he said.
The American Civil Liberties Union last week said that “policymakers must have a realistic understanding of what data produced by individuals’ mobile phones can and cannot do.” Phone location data “contains an enormously invasive and personal set of information about each of us” and can reveal sexual, social, religious and political identities, the ACLU said.