yesLauren HeplerNone
×

Get access to Protocol

I’ve already subscribed

Will be used in accordance with our Privacy Policy

People

Companies' next moral crisis: How to track employees without invading their privacy

Nearly one-quarter of CFOs surveyed by accounting giant PwC said contact tracing was part of their office reopening strategy.

A photo illustration shows logos for coronavirus tracking apps

Before reopening offices, many companies will need to decide how to do contact tracing with employees.

Photo: Olivier Douliery/AFP via Getty Images

As tech companies grapple with how to reopen offices in the next phase of the COVID-19 outbreak, mobile contact-tracing systems seem like a perfect way for Silicon Valley to channel its data prowess to protect employees.

At least in theory.

In reality, the prospect of tracking workers' movements in case they contract the coronavirus — then potentially expose co-workers or customers — is raising difficult questions about effectiveness and privacy, according to industry leaders. It's another powder keg of risk and liability that businesses must navigate amid an unprecedented public health crisis as governments begin to lift shutdown measures.

Firms looking to invest in contact tracing will have to decide whether to create their own systems or mandate that employees opt into broader public contact-tracing efforts before they return to work. They'll need to decide how systems would integrate with their particular business routines, while balancing their responsibility to an individual employee's privacy against their responsibility to others.

Nearly one-quarter of chief financial officers surveyed by accounting giant PwC in late April said contact tracing was part of their office reopening strategy. But what form such efforts will take is an open question.

"Companies are going to find out that they're going to have to do contact tracing in one form or another. The question is going to be, what is the most efficient and private way of performing this task?" said Jay Cline, principal and U.S. privacy leader for PwC. "Employee privacy is the sleeping giant of the COVID-19 crisis. In order to meet the public health objectives, companies have to meet privacy objectives at the same time."

While Google and Apple are at the forefront of efforts to digitize contact tracing using Bluetooth technology, other groups are building their own systems, from researchers at MIT to central governments in South Korea, the U.K. and France. Opportunistic tech vendors are pitching localized offerings, like Nodle's app in Berkeley, and wearable device manufacturers are pitching in-office tracking capabilities. At the same time, companies are enlisting consultants and attorneys to evaluate whether it's worth investing in their own internal contact tracing systems.

The objective is to balance potential liability for spawning a COVID-19 cluster — as has happened at workplaces including meat-processing plants — with concerns about privacy and data security. Among the potential pitfalls are false positive reports, false negatives, over-collection of sensitive health data, and the loss of that data to hackers.

"It's still a huge question mark," said Matthew Damm, an employment law attorney at Fenwick & West. With few state-approved contact-tracing apps and no federal guidance on the issue, he's urging companies to pursue the "least invasive" methods possible.

The trouble with tracing

HP, which employs 55,000 people worldwide, has already reopened offices in China and elsewhere by emphasizing precautions for employees including wearing masks, getting tested for COVID-19, and submitting to touchless body-temperature checks, said Chief Human Resources Officer Tracy Keogh. Tech-enabled contact tracing, however, has so far taken a backseat.

"We're not doing any tracking of people," Keogh said. "Some of these tools are pretty invasive."

State and federal regulators, such as the Equal Employment Opportunity Commission, have issued emergency orders to ease some standards for employee privacy, including allowing temperature checks, which raise an assortment of other issues.

The alternative to digital contact tracing — interviewing people who come down with the disease, then notifying others who may have been exposed — is time-tested but time-consuming. PwC's Cline said that early data suggests it takes companies 11 hours of human resources work per infected employee to do manual contact tracing.

At UCLA, public health professor David Eisenman said apps could be a faster and more cost-effective supplement to public health departments reduced by years of budget cuts. "We do not as a country continue to fund public health," Eisenman said. "It's not a resilient system, whereas an app is scalable."

But at the University of California San Francisco, in Silicon Valley's backyard, researchers are building public contact-tracing systems that rely on manpower rather on than apps. The tech that Google, Apple and others are building could be useful not on its own but "in addition" to manual equivalents, assistant professor of medicine Mike Reid said during a public health update last week. Officials are focused on hiring and training thousands of people to call, text and provide social services information to those who may have been exposed.

"This is not a technology that we're using in San Francisco," Reid said. "There's really going to be no replacement for a large army of public health professionals that do this work."

Companies could choose to trust that any employees exposed to the virus will be notified through such public systems. However, different systems have different standards for what constitutes a "contact." Reid said people are only notified of a potential exposure to COVID-19 if they spend 10 minutes in "close contact," or less than 6 feet away from an infected person.

The data game

Last week, when Apple and Google released the first version of its new contact-tracing API, Samy Kamkar was among the developers to download and test the nascent system, which relies on anonymized Bluetooth proximity data. The co-founder and chief security officer of Los Angeles building tech company OpenPath was impressed by the privacy safeguards: User IDs frequently change, data is stored on local devices rather than a centralized database, and geolocation data is not collected.

But if tech workers opt into broader public contact-tracing systems, companies could find themselves at the mercy of self-reported data. "My biggest question right now is what prevents me from pretending I am infected if I'm not?" Kamkar said.

More challenges could arise if people are asked to submit to more than one contact-tracing app — perhaps one at work and one or more outside of it. More splintering, Samkar said, would mean more uncertainty. "I don't think people will want to use competing systems," he said, "because you're losing a ton of data, a ton of information."


Get in touch with us: Share information securely with Protocol via encrypted Signal or WhatsApp message, at 415-214-4715 or through our anonymous SecureDrop.


At PwC, Cline and his team are advising companies wading into contact tracing to think carefully about how long data will be retained, who has access to information and how systems are encrypted. He noted that contact tracing is also closely related to the ability to quickly test for COVID-19, or eventually, antibodies from the virus.

"Companies can sit out contact tracing perhaps until more tests are widely available," Cline said. "That's one of the key components for app-based contact tracing to work the best — for a whole workforce to have been tested, or have tests readily available."

At Fenwick & West, Damm said contact tracing is just one of many ways COVID-19 has upended business as usual. "The idea of an employer taking an employee's temperature would have sounded absurd three months ago," he said. "It's certainly not a world that we're used to living in."

Microsoft wants to replace artists with AI

Better Zoom calls, simpler email attachments, smart iPhone cases and other patents from Big Tech.

Turning your stories into images.

Image: USPTO/Microsoft

Hello and welcome to 2021! The Big Tech patent roundup is back, after a short vacation and … all the things … that happened between the start of the year and now. It seems the tradition of tech companies filing weird and wonderful patents has carried into the new year; there are some real gems from the last few weeks. Microsoft is trying to outsource all creative endeavors to AI; Apple wants to make seat belts less annoying; and Amazon wants to cut down on some of the recyclable waste that its own success has inevitably created.

And remember: The big tech companies file all kinds of crazy patents for things, and though most never amount to anything, some end up defining the future.

Keep Reading Show less
Mike Murphy

Mike Murphy ( @mcwm) is the director of special projects at Protocol, focusing on the industries being rapidly upended by technology and the companies disrupting incumbents. Previously, Mike was the technology editor at Quartz, where he frequently wrote on robotics, artificial intelligence, and consumer electronics.

People

Google's union has big goals — and big roadblocks

Absence of dues, retaliation fears and small numbers could pose problems for the union's dream of collective bargaining, but Googlers are undeterred.

Recruiting union members beyond the early adopters has had its challenges.

Photo: David Paul Morris/Getty Images

When the Alphabet Workers Union launched with more than 200 Googlers at the beginning of the year, it saw a quick flood of new sign-ups, nearly quadrupling membership over a few weeks. But even with the more than 710 members it now represents, the union still stands for just a tiny fraction of Google's more than 200,000 North American employees and contractors. The broader Alphabet workforce could prove difficult to win over, which is a hurdle that could stand in the way of the group's long-term ambitions for substantive culture change and even collective bargaining.

The initial boom of interest from Googlers was thrilling for Alex Peterson, a software engineer and union spokesperson. "It's really reinvigorating what it means to actually be a community of Googlers, which is something that's been eroding over the past four or five years, or even longer."

Keep Reading Show less
Anna Kramer

Anna Kramer is a reporter at Protocol (@ anna_c_kramer), where she helps write and produce Source Code, Protocol's daily newsletter. Prior to joining the team, she covered tech and small business for the San Francisco Chronicle and privacy for Bloomberg Law. She is a recent graduate of Brown University, where she studied International Relations and Arabic and wrote her senior thesis about surveillance tools and technological development in the Middle East.

People

Amazon’s head of Alexa Trust on how Big Tech should talk about data

Anne Toth, Amazon's director of Alexa Trust, explains what it takes to get people to feel comfortable using your product — and why that is work worth doing.

Anne Toth, Amazon's director of Alexa Trust, has been working on tech privacy for decades.

Photo: Amazon

Anne Toth has had a long career in the tech industry, thinking about privacy and security at companies like Yahoo, Google and Slack, working with the World Economic Forum and advising companies around Silicon Valley.

Last August she took on a new job as the director of Alexa Trust, leading a big team tackling a big question: How do you make people feel good using a product like Alexa, which is designed to be deeply ingrained in their lives? "Alexa in your home is probably the closest sort of consumer experience or manifestation of AI in your life," she said. That comes with data questions, privacy questions, ethical questions and lots more.

Keep Reading Show less
David Pierce

David Pierce ( @pierce) is Protocol's editor at large. Prior to joining Protocol, he was a columnist at The Wall Street Journal, a senior writer with Wired, and deputy editor at The Verge. He owns all the phones.

The current state-of-the-art quantum computers are a tangle of wires. And that can't be the case in the future.

Photo: IBM Research

The iconic image of quantum computing is the "Google chandelier," with its hundreds of intricately arranged copper wires descending like the tendrils of a metallic jellyfish. It's a grand and impressive device, but in that tangle of wires lurks a big problem.

"If you're thinking about the long-term prospects of quantum computing, that image should be just terrifying," Jim Clarke, the director of quantum hardware at Intel, told Protocol.

Keep Reading Show less
Dan Garisto
Dan Garisto is a freelance science journalist who specializes in the physical sciences, with an emphasis on particle physics. He has an undergraduate degree in physics and is based in New York.
Election 2020

Google says it’s fighting election lies, but its ads fund them

A new report finds that more than 1,600 brands, from Disney to Procter & Gamble, have advertisements running on sites that push pro-Trump conspiracy theories. The majority of those ads are served by Google.

Google is the most dominant player in programmatic advertising, but it has a spotty record enforcing rules for publishers.

Photo: Alex Tai/Getty Images

Shortly after November's presidential election, a story appeared on the website of far-right personality Charlie Kirk, claiming that 10,000 dead people had returned mail-in ballots in Michigan. But after publishing, a correction appeared at the top of the story, completely debunking the misleading headline, which remains, months later, unchanged.

"We are not aware of a single confirmed case showing that a ballot was actually cast on behalf of a deceased individual," the correction, which quoted Michigan election officials, read.

Keep Reading Show less
Issie Lapowsky
Issie Lapowsky (@issielapowsky) is a senior reporter at Protocol, covering the intersection of technology, politics, and national affairs. Previously, she was a senior writer at Wired, where she covered the 2016 election and the Facebook beat in its aftermath. Prior to that, Issie worked as a staff writer for Inc. magazine, writing about small business and entrepreneurship. She has also worked as an on-air contributor for CBS News and taught a graduate-level course at New York University’s Center for Publishing on how tech giants have affected publishing. Email Issie.
Latest Stories