The trade-offs for digital data and contact tracing


Dr Andrew Chen
Research Fellow, Koi Tū: The Centre for Informed Futures


Contact tracing is one of the most powerful tools in containing the spread of an infectious agent like SARS-CoV-2 (the pathogen that causes COVID-19). Once a person is confirmed as infected with a virus, public health agencies do their best to retrace the steps of that person and identify other people who may have been exposed to the virus. This is especially important for a disease like COVID-19, which has a period of time where infected people may be asymptomatic and therefore not know that they have been infected. In the early days of virus spread, acting quickly to contain infected individuals can keep an outbreak under control and effectively suppress virus spread. But there are key trade-offs that need to be considered between health and privacy, and ensuring that interventions and actions are justified and proportional.

Normally, contact tracing is a manual process. A human investigator interviews the patient to create a log of where they have been and who they have interacted with. Skilled investigators know how to ask the right questions, and can sense when there are gaps that need to be filled. They move quickly to contact people who may have been exposed, and then repeat the process to find others that may have also been exposed to the virus. They may require people to be isolated and/or conduct further testing. However, one of the big challenges is that when infected individuals have been in crowded places like music concerts or public transport, the patient is unlikely to know all the people they have had contact with.

So naturally, investigators look to use supplementary sources of data. The government can request lists of people who bought tickets to concerts. Electronic fare payment cards used to tag on and off public transport can be linked back to their owners. These methods are not perfect – people gift or sell concert tickets, some people pay for public transport with cash – but a large proportion of people can be found and informed that they need to self-isolate.

Unfortunately, when a disease is as contagious as COVID-19, all it takes is for one person to be unaware that they are infected to unwittingly continue to spread the virus. Furthermore, manual contact tracing is a laborious process that does not scale well if the number of cases keep increasing. The only way we could have perfect contact tracing is if we could track the physical location of every person at all times.

So governments are looking to technology solutions that implement surveillance over the whole population. Most people are carrying smartphones that can be used to track physical location. These smartphones are constantly connected to cell towers that can be used to triangulate a signal and determine a rough location. Many smartphones have GPS and Wi-Fi/Bluetooth running too, with apps like Google Maps reporting your location on a regular basis. Uber and similar services use it to know where to pick you up and to show you where their cars are. This is pre-pandemic technology that has been collecting data for years, so why not use it?

While the use of digital technologies and associated tracking data is attractive for contact tracing purposes, there are serious technical and ethical issues that need to be carefully considered. Firstly, the accuracy and precision of location tracking is often called into question. Areas with more cell towers produce more accurate localisation, but that means tracking may be patchy in rural areas. Cellphone or GPS tracking can produce errors when people are inside, especially if they are in multi-storey buildings in the middle of an urban jungle. Just because a smartphone is registered to someone doesn’t necessarily mean they are the person holding it at the time, and people don’t carry their smartphones all the time. Using this data means that it’s more likely that healthy people will be isolated (also known as false positives) because of the inaccuracies of localisation. Anyone supporting digital contact tracing would argue that these are all minor technical challenges that only produce small errors, and that it works well enough to cover most people.

But we need to then consider if using this data for this purpose is justifiable, because constant tracking of all people, whether they are infected or not, is a deep invasion of privacy. It is a use of the data that most people would not have known about or acknowledged when they used their phones, and users effectively cannot opt-out to retain their privacy. It feels covert, something that is happening to people without their knowledge or permission. Knowing where someone is at all times is powerful, and that power could be misused by people with poor intentions. The need for privacy is a response to the fact that information about us can be used against us, and we need these protections to feel secure and live our lives.

This is a tricky balance. We need contact tracing to save lives and using digital data could make that much more effective. But we also need to protect people’s privacy and minimise rights abuses that could have serious consequences. Both of these sides operate in an environment where nothing is known for certain – no one can guarantee that tracking everyone’s cellphones will definitely save lives. Even worse, the use of digital contact tracing could discourage people from reporting symptoms if they didn’t want to be tracked. It’s important to note that most governments can already access this data if they want to – the barrier isn’t legal, it is ethical. The key to finding the right balance is proportionality – that the actions taken are proportional to the causes and outcomes, or in other words ensuring that the ends justify the means.

Proportionality is an important concept in maintaining balance. At one end of the scale, proportionality governs the legal use of force in armed conflict under international humanitarian law. At the other end, we teach kids about fairness – you give me a packet of chips, I give you a peanut butter sandwich. Proportionality is not just about taking an eye for an eye for punishment; it forms the basis of trading and money and economies. It is an integral part of the social contract, that people should do good things because then good things will happen to them in return.

The trouble with proportionality is that even though some of us like to think of it as objectively determined, it is fundamentally subjective yet needs a common understanding. Reasonable people will disagree over when the pandemic is serious enough to warrant widescale surveillance of the population. While some governments like China, South Korea, and New Zealand are wanting to use it for contact tracing, others like the UK and the US are using the same technologies to enforce physical distancing – a separate activity with an arguably lower level of importance and effectiveness. These two activities also arguably relate to different governmental functions, health vs. police, which have different contexts. Our understandings of fairness are contextual, personal, and sociological. What seems appropriate (or at least not inappropriate) for one population may not be appropriate for another.

Trying to convince everyone to develop and hold the same value set is unrealistic. When a government is using a new technology on people, or using existing technologies in new ways, it needs to establish social acceptability with the population to inform people and establish trust. Education and shifting social norms on a population level is a slow, costly operation, and subject to a variety of historical and contextual conditions. Using cellphone data to track people for the purposes of contact tracing may be acceptable to some, but for others it will make them feel uncomfortable and undermine their confidence in government. At a time when morale and trust in government are critical for stability and encouraging compliance, the risk of alienating people is a real concern.

The concept of proportionality also presents a paradox for decision makers because the situation is changing rapidly. When the number of infections is low, then manual tracing is perhaps more effective and targeted, and the situation is not serious enough to justify wide-spread surveillance of all people. By the time that the situation has escalated and the use of digital contact tracing becomes justifiable, the outbreak may already be too hard to contain anyway. If everyone is already in lockdown, then contact tracing is still useful, but has less impact because people are already isolated. It’s challenging to define an appropriate balance of when it is the right time to use cellphone data to track people too, although once the pandemic is over it should be a given that any tracking systems must be turned off.

We do have an alternative model to consider. On March 20, Singapore rolled out an app called TraceTogether. People install the app on their phones and ensure that Bluetooth is enabled. When they are physically close to someone else with the app, the phones exchange Bluetooth signals and the encounters are logged in the app. It takes a couple of seconds for the exchange – short enough to capture most interactions but long enough to ignore spurious connections. Anonymous IDs are used so that phone numbers are not exposed. Bluetooth is relatively short-distance (functional within a couple of metres), so it provides a good proxy for physical proximity and is more accurate than GPS or cellphone-signal methods. It could also help distinguish between people who have been close contacts versus those who are merely casual contacts. Location itself is not necessary because contact tracing relies predominantly on connections between people. The data is stored on the phone in encrypted form, and is only sent to the Ministry of Health if the user authorises it after they have been diagnosed with COVID-19. While there have been some technical bugs like the app needing to stay in the foreground on iPhones and interference with other Bluetooth devices like headphones, a lot of thought has gone into the privacy-aware design of the system.

This methodology is promising because it takes an opt-in approach: users choose to use the app and participate in contact tracing. In a society like Singapore’s, the app has been seen as a way to not only protect yourself, but to also help protect those around you. More than 600,000 Singaporeans enrolled in a few days. This gives users a sense of agency that is lacking from options that rely on harvesting cellphone network data. Instead, users actively participate in the system and know that it’s happening, and can feel they are contributing towards a solution. The government only tracks consenting individuals who need to be tracked, rather than tracking everyone. When I consider this scenario, it also shows me that tracking a few people feels manifestly different to tracking an entire population. This could help users feel like their privacy is being respected, helping build trust with the system. The design of this system shows that it is possible to achieve a similar outcome to tracking cellphone location data with fewer implications for privacy.

The point here is not that privacy rights should be absolute or unbreakable. Rather, it is that the trade-off between interventions and rights needs to be carefully considered with an understanding of what proportionality means for the people who will be affected. Those affected need to be brought along for the journey and understand what is happening to them. We need solutions that build trust and confidence to make society stronger, not weaker. And importantly, when a promising intervention meets an established human right, rather than charging ahead anyway, we should consider other ideas that might make the balance easier to find.


This article has been peer-reviewed by Kristiann Allen, Tatjana Buklijas, Jill Rolston, Jamie Hosking, Peter Gluckman, and Matthias Kaiser.

Andrew is a Research Fellow with Koi Tū: The Centre for Informed Futures. He comes from a technical background with a PhD in Computer Systems Engineering from the University of Auckland. His PhD research focused on the use of camera-based person tracking, as well as how might use technology to help protect the privacy of people. Andrew also has a background in civics education and policy analysis, and is now using that to explore how we can bring technical expertise with other forms of evidence to form pragmatic and practical policy suggestions that can help our society find a path forward through the digital revolution.

See also:

Media release – 1 April 2020
 Can smartphones help NZ stop spread? – 1 April 2020 – Andrew discusses the article with NZ Herald’s Jamie Morton
Could apps help contact tracing? – 2 April 2020 – Andrew talks to RNZ Morning Report’s Susie Ferguson
The digital war on coronavirus: why apps are the next weapon – 3 April 2020 – Comments in
Can tech solve the next big Covid-19 challenge? – 3 April 2020 – Interview with Marc Daalder, Newsroom
700 close contact traces a day but still no use of Bluetooth tracking – 5 April 2020