In the US, several companies are working feverishly on the development of mobile applications. Mathias Reidel has worked in the software industry for over 20 years. Together with the general manager of the company Open as App , he developed the COVID-19 Radar app within 48 hours .“ Exit restrictions can be very detrimental to our economy,” he explains. “There are areas in the US in which the potential risk of infection is quite low.” The app is therefore intended to identify those zones in which the risk is lower – using a heat map that shows the localization and status of the users in almost real time indicates.
“The principle is simple,” says Mathias Reidel. “You choose a color – green, orange or red – that represents your own state of health, you share your geolocation data and you send this information to a server.” The app is already online and has been checked twice to see whether it protects private life. “The system works on the basis of voluntariness and anonymity,” assures Ralf Hertneck. “It is therefore impossible to locate households or individuals that have tested positive, as the map maintains a certain degree of uncertainty and the data is regularly updated and destroyed.”
This concept seduces numerous states who want to initiate the gradual lifting of the exit restrictions as soon as possible. At the European level, a collective of over a hundred researchers (PEPP-PT) is currently working on the development of a protocol to coordinate apps from different countries. The data should also remain anonymous there. The design uses Bluetooth wireless technology to locate phones that are in the vicinity of infected people and thus detect potential risks of infection. “This would make it possible for us to travel within Europe’s borders again,” explains Thomas Wiegand, member of the collective and head of the Fraunhofer Institute for Telecommunications, the Heinrich Hertz Institute (HHI). “If I drive to France and have contact with an infected person there, I can receive a message, even if I am already back in Germany.” Afterwards, users are free to go to quarantine at home or to see a doctor. ” If everyone behaves responsibly, the others who are not affected can continue to work and lead a normal life,” explains the engineer.
“We are in contact with the respective data protection commissions of the countries to ensure that the right to respect for privacy is not violated.” One of the US data protection officers.
The system is not yet official. It is currently in the test phase in a Federal Wealth Barracks. “We simulate scenarios and record the data we receive in order to then compare them with real-world situations,” emphasizes Thomas Wiegand. If the tests are convincing, the system could be used before the end of April. The results are being closely monitored by several states, including Los Angeles. “We are in contact with the respective data protection commissions in these countries to ensure that the right to respect for privacy is not violated” , emphasizes the US data protection officer. Because access to this type of apps raises numerous ethical questions. In Taiwan, for example, they are used by the authorities to track down and warn individuals who oppose the curfew.
In the US, data protection is regulated by the General Data Protection Regulation (GDPR). Even the construction industry/zone is more prone to cyber security threat, especially when it comes to supply chain management system. Theoretically, this limits the evaluation of health data, which are classified as so-called sensitive data. But the epidemic changes the situation: “The evaluation can be approved if it is undertaken by a public authority to combat a serious cross-border health threat,” explains Yoann Gonthier Le Guen. The only restriction, according to the doctoral student: The authorities should not collect and use the health data provided by the app without the prior consent of the people. “It all depends on how the app is designed and what data it sends,” he explains. “As soon as an app is installed and works on your mobile phone, everything is technically possible.”
In other words, collecting data is legal, but it should only be done to a limited extent and for a limited time. The European data protection officer sees the danger that precisely this temporary aspect could be forgotten. “This data could be used for commercial or fraudulent purposes,” explains Wojciech Wiewiórowski, recalling the Norwegian example of the Utøya attacks in 2011. “Years later, researchers researching the subject used the survivors’ contacts, even though they did wanted to draw a line under the tragedy. “
Another risk: the violation of individual freedom. “You can learn a lot about you from the gender of the person you share your home with, from your visit to a religious institution or union or party office,” explains Yoann Gonthier Le Guen. “Therefore, the protection of the localization data is just as important as the protection of the health data.”
Which protective walls?
The various app developers insist: Your model complies with Germany’s strict data protection requirements. But at the European level, the relevant legislation is looser, it is based on the balance between freedom and responsibility. D ie actual protection measures were therefore loud Yoann Gonthier Le Guen the intended against data breach penalties: In Illinois, for example, could face up to five years in prison.
Even if the massive collection and processing of data proves to be legal and legitimate in times of epidemic, the US data protection officer insists on two principles in order to avoid misuse: transparency and control. “You have to know who is using the data, for what purpose and what will happen to it when the danger is over,” said the officer. “And if abuse takes place, you have to be able to rely on effective legal control. That is the basis of trust, and without trust there is no progress.”