LONDON (AP) – Farewell, castle, hello, smartphone.
While governments are developing applications to track mobile devices to contain infections, attention is drawn to how officials will safeguard the privacy of users. This debate is particularly relevant in Europe, one of the most affected regions in the world, where COVID-19 has killed almost 140,000 people.
However, the use of surveillance technology can bring bitter memories of mass surveillance by totalitarian authorities in most parts of the continent.
In recent years, the European Union has taken the lead in protecting digital privacy by introducing strict laws for technology companies and websites that collect personal data. Academics and civil rights activists are now calling for stronger protection of personal data in new applications.
Let’s look at the problems.
The European authorities, under pressure to relax the restrictions that have been in place for several months in some countries, want to ensure that the number of infections does not increase once the attacks have stopped. One of the methods is to keep track of infected people who come into contact with them and to inform them about the possible effects so that they can isolate themselves. Traditional methods of personal patient screening are time-consuming and labour-intensive. This is why countries want an automated solution in the form of smartphone applications for contact tracking. However, there are concerns that the new tracking technology could be a gateway to better control.
Requests for follow-up of COVID contacts 19 : Effective tools to control the risk of viruses or a security nightmare?
The advanced digital tools used by Asian governments that have successfully contained virus outbreaks will not last in Europe. EU residents value their right to privacy, which is why mandatory applications such as those in South Korea, which warn the authorities when users leave their homes, or tracking bracelets such as those used in Hong Kong, simply do not fly.
The most attention-grabbing solution for contact tracing is the use of low-power Bluetooth signals on mobile phones to track users who are in prolonged contact with each other anonymously. Officials in Western democracies say that the annexes should be voluntary.
In Europe, the battle focused on competing systems for Bluetooth applications. One of the German projects, the pan-European Privacy-Preserving Proximity Tracing (PEPP-PT) project, which was supported by 130 researchers in its initial stages, involves downloading data to a central server. However, some scientists expressed concern about the risks of the project and withdrew their support for a competing Swiss project – the DP3T (Decentralised Privacy-Preserving Proximity Tracing) project.
The data protection officers are in favour of a decentralised system, as anonymous data are only stored on devices. Some governments are in favour of a centralised model because it could provide more data to support decision-making, but nearly 600 scientists from more than two dozen countries have signed an open letter warning that this could, through stealthy missions, lead to systems that allow unprecedented observation of society as a whole.
Apple and Google have joined the battle by supporting a decentralized approach and presenting a joint project to develop digital tools for virus control. The technology giants are releasing a software interface that will allow health authorities to integrate their applications with iPhone and Android operating systems, and plan to release their own applications later.
The EU Executive Committee warned that a fragmented approach to the continuation of applications would be detrimental to the fight against the virus and called for coordination as it provided EU Member States with digital tools to prepare their applications.
THE SINGING SPECIES
Europe’s approach will have wider implications beyond the practical level of developing traceability applications operating in a cross-border context, including many existing applications in the EU.
How we do it, what safeguards we offer and what fundamental rights we look at, says Michael Veale, Professor of Digital Rights at University College London, who is working on the DP3T project. Countries look at Europe and agitators look at Europe and expect the continent to adopt a confidential attitude, he said.
COUNTRY FOR COUNTRY
The European countries, including Austria, Estonia, Ireland and Switzerland, have opted for a decentralised approach. Germany and Italy are also taking over this model and changing course because they initially intended to use a centralised model.
However, there are notable exceptions that increase the risk of different applications not being able to communicate with each other when users cross European borders.
France, a member of the EU, would like to have its own centralised system, but it is in conflict with Apple because of a technical obstacle preventing the use of its system with iOS. The government’s Minister of Digital Technology wants it ready before March 11th. May is ready for a field test, but the legislative debate on the motion was postponed after scientists and researchers had warned of the risks associated with monitoring.
Some non-EU countries are in the process of doing so. One of the first – and most invasive – Smittestopp applications was deployed in Norway. It uses both GPS and Bluetooth to collect and upload data to central servers on an hourly basis.
Britain has left the Apple system and Google is developing it because it will take too long, said Matthew Gould, director of the Digital Department of the National Health Service, which oversees development. He told the parliamentary committee that the British application would be technically ready for use in a few weeks’ time.
Later versions of the application have allowed users to download an anonymous list of people they’ve been in contact with and location information to create a social picture of how the virus is spreading through contact, Gould said.
These comments stirred British scientists and researchers, who last week in an open letter warned against going too far in creating a data collection tool. Because he has access to social graphs, a bad actor (state, private sector or hacker) can spy on the activities of real citizens, they write.
Although Spain has announced its intention to support European initiatives or to develop its own application, its complex plan to lift one of the most serious restrictions in the world does not include any follow-up application. The Minister of Health has said that the country will use the applications when they are ready, but only when they have added value, not just because other countries will use them.
That’s what it looks like: Requests for follow-up of COVID contacts 19 : Effective tools to control the risk of viruses or a security nightmare?
That’s what it looks like: Security, data protection with mobile government applications COVID-19
That’s what it looks like: The COWID 19 crisis in Europe – Rapid response of criminals to the COWID 19 crisis
Previous columns for the corresponding press :