Select Page

Data sharing in a global pandemic

by | Apr 21, 2020

As the world continues to brace the impact of Covid-19, data privacy remains a central concern in the development of working from home and containing the spread. Last week, Google released an anonymized dataset of location data outlining hotspots of group gatherings. In addition to this, UK officials are looking to introduce contact tracing applications. For those companies containing the spread within their offices, Zoom has risen as a trusted video conference app. However, in the last few weeks, serious privacy concerns have increased.  

Google releases location data.

On Friday, Google released its COVID-19 Community Mobility Reports. These reports are a collection of data from users who have opted in to sharing their location history with the search giant. This location history comes from Google maps, where the data is aggregated and anonymized. 

Google says that by releasing this data, public health officials are able to determine which businesses are most crowded. This helps to determine the type of grand scale decisions to be made in terms of curfews, stay-at-home orders, or which companies are necessary to remain open. 

The reports are open for public viewing, opening up the data of 131 countries with certain countries displaying regional data such as provinces or states. After selecting the country, Google creates a PDF file with the data for downloaded. 

Each PDF report contains six categories of location data. These include: 

  • Retail and recreation (restaurants, shopping centers, libraries, etc.)
  • Grocery and pharmacy (supermarkets, drug stores)
  • Parks (beaches, dog parks)
  • Transit stations (subways, bus and train stations)
  • Offices 
  • Residences 

(source

Creating these reports comes after weeks of requests from public health officials asking for applications to test a person’s contact with an infected patient. While Google’s data is unable to determine that these datasets may help cities or countries to determine preventive measures. 

Other countries have used similar, more aggressive technology using location data. At the beginning of March, we released an article about Korea’s efforts to stop the spreading by using people’s location to track if they leave their house or not. 

Another news article revealed Taiwan also participated in using location data to track its citizens. Even by going as far as calling phones twice a day to ensure citizens are not just leaving their house without their phone. 

Google released that its data will cover the past 48-72 hours, and has yet to determine when the data will be updated.

Contact Tracing Apps

Similar to the data released by Google, there is more pressure on governments to introduce contact tracing apps like the ones seen in Korea or Taiwan.

In the UK, researchers have begun compiling papers to discuss how privacy can be handled and mishandled in these tracing apps.

One researcher, Dr. Yves-Alexandre de Montjoye, created a whitepaper outlining eight questions to understanding how privacy is protected in these types of potential apps. 

These eight questions include: 

  • How do you limit personal data gathered by the app developers?
  • How do you protect the anonymity of every user? 
  • Does the app reveal to its developers the identity of users who are at risk? 
  • Could the app be used by users to learn who is infected or at risk, even in their social circle? 
  • Does the app allow users to learn any personal information about other users? 
  • Could external parties exploit the app to track users or find out who’s infected? 
  • Do you put in place additional measures to protect the personal data of infected and at-risk users?
  • How can users verify that the system does what it says? 

(source

As governments move quickly to contain the spread of Covid-19, actions like contact tracing apps are becoming seriously considered for introduction. However, patient privacy should not disappear. As the world braces for an even more significant influx of Covid-19 cases, it is in the hand of government officials and big tech to work together to contain the spread while maintaining data privacy.

Zoom faced with data sharing lawsuit

A few weeks ago, we released an article outlining small privacy concerns about introducing Zoom into the work from home environment. Since that article, Zoom has not only increased in popularity but insignificant privacy concerns as well. 

On March 26, Vice news released an article detailing Zoom’s relationship with Facebook. 

Vice reported that Zoom sends analytic data to Facebook, even when a Zoom user doesn’t have a Facebook. While this type of data transfer is not uncommon between companies and Facebook SDK, Zoom’s own privacy policy leaves its data-sharing out.

The article report that Zoom notifies Facebook when a user opens its app as well as specific identifying details for companies to target users with advertisements through. 

Zoom reached out to the news article stating they will be removing the Facebook SDK. However, it wasn’t long before the video-conferencing company was hit with a lawsuit. 

But the privacy concerns don’t just come from data-sharing. The past few weeks have seen numerous reports of account hacking, allegedly not offering end-to-end encryption, password stealing, leaks, and microphone/camera hijacking

And these claims are only just starting to roll in. As Zoom projects to the top of one used video-conferencing technology during this work-from-home burst, the next few weeks could see thousands of data privacy broken.