Across the world, public health authorities are working to contain the spread of COVID-19 (Coronavirus Disease 2019). In pursuit of this urgent and necessary task, many government agencies are collecting and analyzing personal information about large numbers of identifiable people, including their health, travel, and personal relationships. As our society struggles with how best to minimize the spread of this disease, we must carefully consider the way that “big data” containment tools impact our digital liberties.

Special efforts by public health agencies to combat the spread of COVID-19 are warranted. In the digital world as in the physical world, public policy must reflect a balance between collective good and civil liberties in order to protect the health and safety of our society from communicable disease outbreaks. It is important, however, that any extraordinary measures used to manage a specific crisis must not become permanent fixtures in the landscape of government intrusions into daily life. There is historical precedent for life-saving programs such as these, and their intrusions on digital liberties, to outlive their urgency.

Thus, any data collection and digital monitoring of potential carriers of COVID-19 should take into consideration and commit to these principles:

  • Privacy intrusions must be necessary and proportionate. A program that collects, en masse, identifiable information about people must be scientifically justified and deemed necessary by public health experts for the purpose of containment. And that data processing must be proportionate to the need. For example, maintenance of 10 years of travel history of all people would not be proportionate to the need to contain a disease like COVID-19, which has a two-week incubation period. 
  • Data collection based on science, not bias. Given the global scope of communicable diseases, there is historical precedent for improper government containment efforts driven by bias based on nationality, ethnicity, religion, and race—rather than facts about a particular individual’s actual likelihood of contracting the virus, such as their travel history or contact with potentially infected people. Today, we must ensure that any automated data systems used to contain COVID-19 do not erroneously identify members of specific demographic groups as particularly susceptible to infection. 
  • Expiration. As in other major emergencies in the past, there is a hazard that the data surveillance infrastructure we build to contain COVID-19 may long outlive the crisis it was intended to address. The government and its corporate cooperators must roll back any invasive programs created in the name of public health after crisis has been contained. 
  • Transparency. Any government use of "big data" to track virus spread must be clearly and quickly explained to the public. This includes publication of detailed information about the information being gathered, the retention period for the information, the tools used to process that information, the ways these tools guide public health decisions, and whether these tools have had any positive or negative outcomes.
  • Due Process. If the government seeks to limit a person’s rights based on this "big data" surveillance (for example, to quarantine them based on the system’s conclusions about their relationships or travel), then the person must have the opportunity to timely and fairly challenge these conclusions and limits.

In light of these principles, we are troubled by reports about how the Chinese government is using “big data” to contain COVID-19. Reportedly, that government is requiring its citizens to download software to their phones, and then use their phones to scan QR codes when they arrive at checkpoints for entry to public spaces (e.g., trains and malls). This software assigns each citizen a color code (i.e., green, yellow, or red) to indicate their health status. The software dictates whether each citizen should be quarantined, and whether they may enter public spaces. The software also sends information to the local police. The Chinese government says it is only using this system to identify people who may be infected. Citizens report they have been quarantined because this tracking system identified contact between them and an infected person.

We also have questions about a new rule from the U.S. Centers for Disease Control and Prevention (CDC). It requires airline companies to collect the name and contact information of all passengers and crew arriving in the United States on international flights, and to transmit this information to the CDC within 24 hours of an order to do so. The CDC intends to use this information for “contact tracing,” that is, to rapidly identify people who were in contact with an infected person, so those contacted people can be timely notified, tested, and possibly quarantined. Such data processing may be necessary and proportionate to the public health need. 

But we must not lose sight of the great sensitivity of the personal data at issue–this data paints a clear picture of the travel, health, and personal relationships of airline passengers. EFF would like the CDC to explain what it will do to ensure this sensitive data is used only to contain communicable diseases. For example, what measures will ensure this data is purged when no longer helpful to contact tracing? Also, what safeguards will ensure this newly collected data is not used by police for ordinary crime fighting, or by ICE for immigration enforcement?

EFF has long advocated against digital surveillance by government and corporations of our movements, health, and personal relationships, and against big data systems that can turn our lives into open books. Such data processing often invades our privacy, deters our free speech and association, and disparately burdens racial minorities. Some use of big data may now be warranted as public health officials work to contain COVID-19. But it must be medically necessary, as determined by public health experts; any new processing of personal data must be proportionate to the actual need; people must not be scrutinized because of their nationality or other demographic factors; and any new government powers must expire when the disease is contained.