A previous Dorsal View discussed the concerns that were raised by Trinity College Dublin tech researchers regarding some rather intrusive elements of Ireland’s Covid-19 tracker app. The worrying aspects centred around Google’s thirst for our personal information and how this went above and beyond the call of duty when it comes to contact tracing, according to the researchers. One or two mainstream publications ran the story, the HSE made no comment that I am aware of and we all moved on. A look at South Korea shows some of the data protection issues that can arise from these type of tracker apps.
As the outbreak took hold in that country, a tracking app surveillance system was quickly rolled out. This was praised as helping to slow the spread by some, while being criticised by others as ‘Big Brother’-style mass surveillance. And it has gotten a few people into some difficulties with the level of detail it collects.
Many citizens there have complained about being bombarded with flurries of text messages from authorities that include the movements of people local to them who have been diagnosed with Covid-19. When someone is diagnosed, a text alert is sent to people living locally, detailing their movements leading up to diagnosis.
The problem, as some see it, is the sheer level of detail contained in the text, as well as the fact that the app is not optional. The texts sent to Covid-positive people’s neighbours contain details such as the infected person’s age and gender and a record of their movements almost to within seconds. In many cases, this data is harvested using closed-circuit television and credit card transactions, including the identity of the shops they visited and what time they were there. This includes visits to so-called ‘love motels’.
As you can imagine, this has placed a number of South Korea’s citizens in a bit of a sticky wicket.
The text information includes not only which buildings a person has visited, but also the rooms they were in, whether or not they wore masks, and even whether they used the toilet there. All this information is then loaded in excruciating detail onto a national database.
The building blocks were already there, as South Korea enacted laws to allow authorities to collect such detailed personal information following the MERS outbreak there in 2015. During Covid-19, checking such details became a daily routine, along with checking the weather forecast for the day.
However, for some, the information is so detailed as to make a person identifiable. An alert text sent to residents in a certain area read: “A 43-year-old man, resident of Nowon district, tested positive for coronavirus. He was at his work in Mapo district attending a sexual harassment class. He contracted the virus from the instructor of the class.” Further texts included the fact that he had been in a bar until 11.03pm that evening.
Another case involved a women in her 60s who went to work, had a buffet lunch with friends and attended a wedding on the same day. Nothing to see here, apart from the fact that she had recently been hospitalised with injuries she claimed were sustained in a car accident. Naturally, the internet went wild and she was actually tracked down by TV news reporters and put on the spot to deny allegations of insurance fraud.
On another occasion, a man was vilified for visiting an area of Seoul known for prostitution, leading to a barrage of taunts and venom on social media. It later transpired that the man had simply eaten a meal in that general area, which the authorities subsequently described as a “technical glitch”.
Another problem with this system is that it causes people to avoid certain places, such as Covid testing centres, even though they are thoroughly disinfected regularly.
And of course, there are the vultures and scavengers who are always there, ready to take advantage of the hardship of others. Reports have emerged of blackmailers contacting restaurants, claiming that they are Covid-19 positive and threatening to ruin businesses by splashing it all over social media that they had visited the establishment, unless of course a sum of money was forthcoming in exchange for silence.
As the saying goes, a little information can be a dangerous thing. Perhaps too much can be equally dangerous.
