As COVID-19 is rapidly spreading around the world, public health authorities are eagerly searching for effective measures to flatten the curve and decrease the rate of infection. Among other measures, many governments are using or considering using surveillance technology to track the movements of people infected by COVID-19 and to notify those who may have been exposed to the virus. Naturally, the use of such measures on a wide scale raises serious privacy concerns. In Israel, for example, there is a lively debate over emergency regulations enacted to allow the government to monitor “technological data” in order to issue warnings to people who may have been in contact with COVID-19 patients, and these measures are currently undergoing judicial review by the Israeli Supreme Court. In Europe, the European Commission has recently issued recommendations on the use of technology and data to combat and exit from the COVID-19 crisis, with the aim of striking a balance between the need for effective measures to fight the pandemic and the desire to protect fundamental rights, in particular privacy. Among other things, the commission recommends that privacy-by-design principles (i.e., the integration of data protection principles into the development process) be built into a pan-European approach to using digital means to address the crisis.
This article focuses on the implementation of privacy-by-design principles in COVID-19-related applications and demonstrates the use of such principles through an example of an application launched by the Israeli Ministry of Health.
“HaMagen” (“the shield” in Hebrew), which was developed in a joint effort of the MoH, tech companies and volunteers, including external cybersecurity and privacy experts, compares GPS location data stored on a person’s smartphone with the location data of patients diagnosed with COVID-19. If a match is found, the user is notified and given the option to report their exposure to the MoH. The main privacy-promoting feature of the application is that, per the application’s privacy policy, the user’s location data stays on the device and is not shared with the MoH or any third party. Instead, the application downloads digitally signed data files containing the location history of diagnosed COVID-19 patients from the MoH’s servers, and the comparison of that data with the user’s location data takes place on the user’s device.
In addition, the application’s retention of location data is limited to 14 days (the estimated incubation period of COVID-19). Furthermore, in an effort to increase transparency and security, the MoH published the application’s source code on GitHub and manages it as open-source code (save for several commercial libraries). According to the MoH, the application has also undergone extensive cybersecurity testing (including architectural checks, code reviews and penetration tests) by several cyber and information security agencies and by specialists from the private sector. The application further has a detailed privacy policy, which is available in four languages.
According to media reports, within less than a week of its launch, more than 1 million people had downloaded the application, out of a population in Israel of approximately 9 million. It remains to be seen how effective the application will be in limiting the outbreak of COVID-19. Yet the integration of privacy-promoting principles in its development process and the transparency with respect to its operation are important for building trust and for encouraging the public to download and install the application.
So, how can app developers implement privacy by design when developing new applications for fighting COVID-19? Here are some practical tips:
Incorporate data protection principles from the very first steps: