Pandemic surveillance: is tracing tech here to stay?

The coronavirus disease (COVID-19) contact tracing smartphone app of Britain's National Health Service (NHS) is displayed on an iPhone in this illustration photograph taken in Keele, Britain, September 24, 2020. REUTERS/Carl Recine/Illustration

The coronavirus disease (COVID-19) contact tracing smartphone app of Britain's National Health Service (NHS) is displayed on an iPhone in this illustration photograph taken in Keele, Britain, September 24, 2020. REUTERS/Carl Recine/Illustration

What’s the context?

From contact tracing to facial recognition, the pandemic has seen countries turn to technology to save lives. But as the virus retreats, can surveillance be rolled back, too?

By Umberto Bacchi

March 9 (Thomson Reuters Foundation) - The two-year fight against COVID-19 has turned technology into a weapon of choice to defeat the virus but experts now worry that tech will outlive the pandemic and normalise mass surveillance.

From contact tracing apps to facial recognition, technology has become part of the arsenal used to protect public health.

While this might have helped save lives, rights advocates say intrusive solutions could already be so entrenched that personal privacy is the long-term price many people may yet pay.

"Once a big system is introduced into a society, it is difficult to fundamentally fix it, even if a problem is found afterwards," said Chang Yeo-Kyung executive director of South Korea's Institute for Digital Rights.

The country has largely been a COVID-19 success story, partially thanks to aggressive testing and tracing.

This year, as cases of the highly infectious but less deadly Omicron variant surged, it scrapped contact tracing and mandatory isolation for vaccinated people in favour of self diagnosis and at-home treatment to free up medical resources.

Yet, in December, it announced a nationally funded pilot to use artificial intelligence, facial recognition and thousands of CCTV cameras to track the movement of infected people - a move that raised privacy concerns.

Visitors experience facial recognition technology at Face++ booth during the China Public Security Expo in Shenzhen, China October 30, 2017. Picture taken October 30, 2017. REUTERS/Bobby Yip
Go DeeperFace for sale: Leaks and lawsuits blight Russia facial recognition
A CCTV security surveillance camera overlooks a street as people walk following the spread of the coronavirus disease (COVID-19) in Beijing, China May 11, 2020. Picture taken May 11, 2020. REUTERS/Thomas Peter
Go DeeperChina found using surveillance firms to help write ethnic-tracking specs
People use their cell phones at a wifi zone in Mexico City, October 8, 2015. REUTERS/Edgard Garrido
Go DeeperBirds on the wire? Concerns over Mexico’s cell phone surveillance

The project was set to start in January in Bucheon, one of the country's most densely populated cities on the outskirts of Seoul, but it has reportedly suffered delays.

"There are concerns that surveillance will become a 'new normal' for our society after COVID-19," Chang told the Thomson Reuters Foundation via email.

For example, he said people have already grown accustomed to showing proof of identity before entering a venue.

Government, too, has stretched boundaries, Chang said, in one instance using cell towers to identify thousands of people at a given location - then encountering only meek resistance.

QR codes and body heat

Elsewhere in Asia, countries from Singapore to India, from Thailand to Taiwan continue to use contact tracing apps to track local residents, as well as keep tabs on tourists.

Singapore, Thailand and others also extensively use QR codes for check-ins at malls, restaurants, airports and other sites.

Last year, Singapore said it would allow police to use personal data from its contact tracing app in "serious" criminal investigations, and introduced a bill that mandated penalties, including jail time, for misuse of the data.

The Indian state of Jammu and Kashmir said last year that it had shared data from a contact tracing app with local police.

App-based food delivery firms, such as Zomato and Swiggy, began sharing workers' names and body temperatures with clients.

Several Indian cities have also made it mandatory for municipal workers to wear tracking devices, while teachers in New Delhi have filed a lawsuit to stop the use of biometrics in an attendance app they say invades their privacy.


The increase in surveillance has spawned heightened debate and some legal action, according to digital rights experts, as fears grow that surveillance has already gone too far.

"We have been asked to give a lot of data for the purposes of controlling the virus. Sometimes it was necessary, sometimes it was not," said Carissa Veliz, a professor at the Institute for Ethics in AI at Oxford University in Britain.

"On the other hand ... we are seeing more of a backlash than we used to and more awareness.. I think people are tired of feeling spied on."

Estelle Masse, global data protection lead at rights group Access Now, said contact tracing apps in Europe fared relatively well in terms of privacy protection, in part due to greater public discourse.

"A lot of the potential privacy risk that could have existed did not materialise," she said.

European apps, for example, largely stored data on people's phones rather than in one central database, she said, while the extent of info logged only stretched to the need-to-know.


But not everything went to plan - not when authorities used private data designed to stem the virus for other reasons.

In Germany, prosecutors in Mainz apologised after it was revealed that police surreptitiously obtained the details of people gathered by a privately-developed contact-tracing app, Luca, as part of a probe into the death of a man.

Luca said the app had worked as police only got access to its data about a restaurant visited by the man after getting the health department to pretend it was the site of an infection.

Similar cases caused a stir in Australia, where two states trialled facial recognition software that let police check whether people were home during quarantine.

And in Britain, reports that the terms and conditions of some QR code check-in apps used by pubs and restaurants allowed client data to be held for years and shared raised eyebrows.

That underlined the importance of minimising the amount of data that can be collected, and of putting in place strong legal frameworks over its use, said Masse.

But as the world moves from pandemic towards endemic phase, it was also time to start discussing the what-next, she said.

"We're entering a phase when it comes to questions like, 'how long are we going to be needing those apps for?'," she said

If they were no longer deemed necessary, governments had a duty to help phase them out and ensure companies would not repurpose the tools for other uses.

"It's kind of the nature of the internet, platforms disappearing and people forgetting they have an account somewhere. But these are apps that were pushed by governments to be used by millions of people," said Masse.

"The way governments accompanied their rollout and utilisation, they will also have to accompany their deletion from users."

Yet, some developers believe their apps will have a life post-COVID now that people know the upside of digitising services - so long as it is coupled with data protection.

Patrick Hennig, director of Germany's Luca app, said his firm's experience tracking the virus at venues could easily be used to streamline restaurant payments or hotel check-ins.

"(People) are very willing to share their data if they really see benefit," he said. "If things are done correctly, then there is no issue, the general population will accept it."

Context is powered by the Thomson Reuters Foundation Newsroom.

Our Standards: Thomson Reuters Trust Principles


  • Surveillance
  • Digital Divides
  • Cyberspace

Get our data & surveillance newsletter. Free. Every week.

By providing your email, you agree to our Privacy Policy.

Latest on Context