s we confront the first global pandemic of the century, we are learning a critical lesson. Infection control depends on early detection of contagious individuals and warning their contacts they need to get tested themselves and, if positive, to go into quarantine. This approach of testing and contact tracing is currently the only method to stem rising transmission rates before community transmission becomes widespread.
The challenge of contact tracing is scalability. First, there must be sufficient testing and diagnosis to detect infected people quickly. More challenging is finding and reaching those who have interacted with the virus carrier. If someone has been infectious for days, they may have closely interacted with many people. Remembering, identifying, finding and contacting them is highly labour-intensive.
Not surprisingly, public health experts and government authorities are looking to the tech community to help provide a scalable solution to testing and contact tracing. Moreover, collection of this sort of data, as well as other information, can give experts a more comprehensive, real-time picture of the ebb and flow of infection and the location of emerging hotspots.
Several firms and governments are developing possible solutions, many of which use Bluetooth connectivity so they can identify all mobile devices that came within range of an individual. If a person is found to be infectious, all devices within Bluetooth range during the relevant period would receive a warning, provided their devices were running appropriate software.
This contact-tracing tool would protect personal privacy in several ways. First, participants in this plan would have to download the app, thereby opting into the programme. Second, when a warning goes to close contacts, it would travel point-to-point without transiting through a central database. Therefore, this would be a radically decentralised system.
Third, those receiving a warning would not receive the identity of the virus carrier, but simply learn they had been in close contact with someone who was infectious. This approach is relatively privacy-protective in that ideally it would keep no record of who was infected or exposed. It is also entirely consent-based. Users must download the app and, if they test positive, be willing to launch the alert from their own devices.
For these reasons, however, the very private model is less useful to public health authorities. There is no mandatory reporting, no record of who was or might be infected and no requirement that people download the app. As a result, authorities would not have access to significant information on population-wide incidence and degree of community spread.
The French National Assembly has debated this point, with some advocating a centralised contact-tracing protocol that would be pseudonymous but with data held in one place for the authorities. Germany is apparently opting for the decentralised approach.
The trade-off boils down to this: do we want to harvest general population data that is epidemiologically useful, or is the priority to make sure the government will not be able to use the data for other purposes, such as tracking all social activities?
Consider as well that if this information can be attributed to a specific individual, some nations could integrate it with other data, including public surveillance cameras with facial recognition, and even medical records such as visits to the national health care system. Using artificial intelligence to analyze these mountains of data could enable more robust public health interventions to stop viral transmissions early, but in the hands of an authoritarian regime this data could be used for repressive purposes.
Where will this leave us in two years when – we hope – this outbreak abates, either through a vaccine or mutation? The experience of the current lockdown with its serious economic, social and mental health harms will leave deep scars and anxieties about future pandemics which will surely come.
The desire to avoid another economic crisis will spur strong motivation to build and operate an early warning test-and-trace system to stop the next global pandemic. This urgency will be an incentive to build the most robust, accurate and mandatory health data collection system.
At the same time, given increasing civil rights concerns about data collection, fears of public health as a Trojan horse for the surveillance state will only intensify. Observers of China will be aware how massive collection and analysis of data powered by increasingly sophisticated artificial intelligence can be a tool of political repression.
How this balance will be struck is unclear. If there is to be a balance, though, any pandemic warning regime must adopt and enforce certain basic principles.
First, anonymity should be at the core of a warning scheme. Devices are identifiable, but the rules should prohibit the government from unmasking the owner’s identity. The risk of unmasking is lessened if the warning process is decentralised, but there may still be a way of measuring in aggregate how much contact has occurred in certain areas.
Second, the decision to download the application should be voluntary, but it is fair to make it conditional for certain benefits. For example, downloading and using the application could be a condition of free testing or, in some cases, of employment or participation in certain public activities.
Third, strict time limits should be applied to any data that is collected and restricted to public health purposes. The use and retention of this data should be subject to review and audit by independent agencies.
Data may become a powerful, twenty-first century tool to stem the next pandemic. As we have learned through history, though, we must make sure the cure is not worse than the disease.
This article first appeared in the South China Morning Post.