Digital and human rights groups have joined in a rare worldwide appeal to governments to respect privacy when handling the COVID-19 crisis.
As the number of known COVID-19 cases around the world exceeds 1.2m and the number of deaths reaches 70,000, more than 100 groups signed a letter to governments urging them to be measured in their response to the virus. They should consider human rights in their effort to track the potential spread of the disease among their populations, the letter said:
States’ efforts to contain the virus must not be used as a cover to usher in a new era of greatly expanded systems of invasive digital surveillance.
Signatories included technology-focused groups such as AI Now, Algorithm Watch, and the World Wide Web Foundation, along with human rights groups like Amnesty International and Human Rights Watch. Several country-specific groups like the Irish Council for Civil Liberties and the Swedish Consumers’ Association also signed up.
The letter explained:
These are extraordinary times, but human rights law still applies. Indeed, the human rights framework is designed to ensure that different rights can be carefully balanced to protect individuals and wider societies. States cannot simply disregard rights such as privacy and freedom of expression in the name of tackling a public health crisis. On the contrary, protecting human rights also promotes public health. Now more than ever, governments must rigorously ensure that any restrictions to these rights is in line with long-established human rights safeguards.
The letter called for governments to take the option of increased digital surveillance off the table unless they met eight conditions:
- Keep surveillance measures lawful and transparent so that third parties can evaluate them.
- Have an end date when the extra surveillance measures will cease.
- Only use the data collected for responding to the pandemic, and for no other purpose.
- Keep the data safe and explain how it has been anonymised.
- Watch out for algorithmic bias against marginalised populations in surveillance and big data systems, including racial groups and those living in poverty.
- Only share with third parties according to the law, and make those data sharing agreements public.
- Give individuals the right to challenge the collection of their personal data.
- Give all stakeholders the chance to contribute to policy discussions around surveillance, including public health groups.
As we reported in March, several governments have already kicked off surveillance measures to track the spread of the disease, occasionally without informing citizens directly. Initiatives have included gathering cellphone data covertly using anti-terrorism systems, and in some cases forcing people to prove self-isolation with GPS data and selfies, or face the possibility of police coming to their doors. The UK government is said to have tried sourcing location data directly from telcos to help with the public health effort.
Some other initiatives to use mobile phones as a lockdown enforcement mechanism mobilise people to tell on their neighbours. Police in Bellevue, Washington have encouraged residents to report anyone seen violating the state’s stay-at-home order using MyBellvue, a municipal smartphone app originally launched to provide public service information.
Others have used cellphone data to take a more macroscopic view of public movements. Google has used anonymous location data from millions of Android phones that have location history enabled to determine how well people are abiding by shelter-in-place and similar orders. Last week, it released reports showing traffic in public spaces across 131 countries. The UK had seen visits to retail and recreational locations drop by 85%, the data revealed.
Latest Naked Security podcast
Click-and-drag on the soundwaves below to skip to any point in the podcast. You can also listen directly on Soundcloud.