Mobile location data may seem like a promising tool for health officials racing to blunt the frightening spread of COVID-19, but the ACLU warned this week that accuracy issues may limit its effectiveness while raising significant privacy concerns.
As the coronavirus sweeps the U.S., sending Americans to the hospital in record numbers and racking up a staggering death toll, the use of mobile surveillance is being pushed for everything from tracking past movements and tracing contacts of infected persons to enforcing quarantines and social distancing but its limitations and potential for abuse are troubling.
“The challenges posed by Covid-19 are extraordinary, and we should consider with an open mind any and all measures that might help contain the virus consistent with our fundamental principles. We note some of those possible uses in this report,” ACLU Senior Policy Analyst Jay Stanley and surveillance and ACLU Cybersecurity Counsel Jennifer Stisa Granick wrote in an ACLU whitepaper on the limits of using location tracking during an epidemic. “At the same time, location data contains an enormously invasive and personal set of information about each of us, with the potential to reveal such things as people’s social, sexual, religious, and political associations.”
The enormous potential “for invasions of privacy, abuse and stigmatization,” has the ACLU skeptical even of proposals to use location surveillance, as China has successfully done and Israel seems poised to do, to trace COVID-19 patients contacts an important part of controlling disease transmission.
Location data from phones “generally is not sucfficiently accurate to be used in contact tracing,” Granick told reporters at a press conference.
The rights organization notes, though, that the data on individuals “is not accurate enough for automated contact tracing.” Each method of collection – cell tower location, GPS, Wi-Fi, Bluetooth – has its limitations in pinpointing individual location or withstanding the test of elements. GPS, for example, can be foiled by a thunderstorm and unreliable algorithms can’t differentiate whether two close “contacts” are face to face in the same space or, for instance, are in separate apartments.
China has had some success through the use of QR codes, which residents scan from a required phone app in taxis, building entrances, bus stations and the like. “These real-world checkpoints provide far more reliable and accurate tracking than wireless technologies — and can be combined with those technologies,” the report said. But, the U.S. “has no such checkpoint infrastructure in place, little capacity or apparent desire to build one, and no legal authority to compel people to carry a phone, much less install a specific app on their phone.”
Despite those limitations, “the accuracy of cellphone location data is adequate for detecting people who move any significant distance from their homes, or who are traveling from another place,” the ACLU said.
“Aggregate data could also be used to enforce compliance with stay-at-home orders. For example, companies could notify the authorities when cellphone data suggested that people were gathering in numbers prohibited by local public health measures, without sharing the identities of those who appear to have gathered, such as at a rogue bar that appeared in Los Angeles during a shelter-in-place regime.”
But those efforts might not be effective, the organization warned, “because an enforcement approach often sparks counterproductive resistance and evasion and tends to sour the relationship between citizens and their government at a time when trust is of paramount importance.”
While the ACLU maintained it might be possible to design location data collection models that address the limitations and privacy concerns, but urged that officials “adhere to important principles such as voluntariness, decentralization, simplicity, transparency, and the lack of reliance on a persistent identifier.”
Transparency, says ACLU Legal Counsel Neena Singh-Guliani, “is absolutely critical. No one should be kept in the dark.”
As in any initiative that involves location data collection and use, the ACLU recommends asking:
1. What is the goal? Is it tracking overall trends, helping people who have tested positive recall past contacts, identifying unknown individuals who may have been infected by the patient, or enforcement of quarantines or stay-at-home orders?
2. What data? Is it aggregate and anonymized data, or individually identifying information? How precisely can the information pinpoint individuals’ locations? Is the data set complete enough that one can draw meaningful conclusions? Will the data under- or mis-represent people of color or low-income communities in a manner that could lead to prejudicial results, such as inferior access to health care, or over-policing?
3. Who gets the data? Does the government get access to the raw data, is it shared only with public health entities such as qualified academics or hospitals, or does it remain in the hands of the private entity that originally collected it?
4. How is the data used? Is it used for centralized government action such as issuing or enforcing quarantine orders or for punitive measures? Or, does it enable decentralized individual decisionmaking such as checking announcements of possible exposure points and choosing to go to a testing center?
5. What is the life cycle of the data? Any corpus of data is likely to create risks to the people it represents. A responsible steward of other peoples’ data will have plans for data destruction once the data’s relevance is diminished, to mitigate future compromise.
Guliani noted that the “extraordinary data” in question requires “robust oversight and transparency.”