It is easy to understand how collecting and storing personal data is necessary and extremely helpful during a worldwide pandemic. Individuals found to be carrying the virus or deemed to be at risk by the artificial intelligence-based algorithms can be found, identified and quarantined which can effectively reduce the risks of transmission and infection.
Privacy enforcement authorities, however, remain infinitely cautious, acknowledging the inherent risk of population-wide surveillance in violating the basic rights of citizens. Not many countries were prepared to resort to such measures, and as such, do not have a solid legal framework in place from which to operate.
Italy, Germany and France for example, are protecting their data privacy laws and values while making the most of data acquisition tools. Many developed countries have already published guidelines to navigate data privacy laws with specific chapters on handling moments of crisis with details including time, purpose, duration and method of collection and usage.
Other countries however are using and repurposing data collection tools for public health and safety, as data privacy laws already encompass government surveillance and data usage regulations. In South Korea for example, the government has apparent and clear power over individuals’ data with legal structures already established. The implication of the type and amount of data collected however is where the controversy lies.
If such tools are to be effective, they must be widespread, but even if data is anonymized, an individual can be identified. One small bit of information can be traced back to any part of a person’s other data sets, from credit cards, emails, phones, and miscellaneous online accounts.
Educating people on data safety measures, and careful consideration of regulations by both private and public institutions before signing is paramount. A fluid, case by case method should be used to navigate through these challenging and sensitive times.