Politics

In 2020, COVID-19 derailed the privacy debate in the U.S.

From biometric monitoring to unregulated contact tracing, the crisis opened up new privacy vulnerabilities that regulators did little to address.

In 2020, COVID-19 derailed the privacy debate in the U.S.

Albert Fox Cahn, executive director of the Surveillance Technology Oversight Project, says the COVID-19 pandemic has become a "cash grab" for surveillance tech companies.

Photo: Lianhao Qu/Unsplash

As the coronavirus began its inexorable spread across the United States last spring, Adam Schwartz, senior staff attorney at the Electronic Frontier Foundation, worried the virus would bring with it another scourge: mass surveillance.

"A lot of really bad ideas were being advanced here in the U.S. and a lot of really bad ideas were being actually implemented in foreign countries," Schwartz said.

In China, where the virus first took hold, the country had already begun using draconian smartphone-based tools to track sick people's whereabouts and effectively force them to stay home. In Israel, lawmakers rushed through a proposal to give government officials access to Israelis' location data. As the White House met with tech giants including Facebook and Google to discuss ways they could help, Schwartz and others feared the U.S. might be next in allowing fear of the virus to subvert basic civil liberties.

Nine months into the crisis, Schwartz said, the "worst ideas" being deployed internationally have yet to take hold in the U.S. But that doesn't mean COVID-19 hasn't created a slew of smaller, but still insidious privacy setbacks for Americans who, in recent years, have become increasingly wary of all the intrusive ways that governments and private companies use their personal data. Since March, corporate offices and college campuses have been flooded with biometric scanners, employers have deployed software that lets them remotely monitor workers' keystrokes and giant corporations like Ticketmaster have contemplated linking people's negative COVID-19 tests to their tickets to gain entry to future events.

While many of these precautions are well-meaning attempts to preserve public safety and to use technology to get the economy up and running again, they can come at a cost to personal privacy. And yet, the crisis has once again relegated privacy legislation to the back burner in Congress as lawmakers battle over how to handle dueling health and economic disasters.

Albert Fox Cahn, executive director of the Surveillance Technology Oversight Project, says the COVID-19 pandemic has become a "cash grab" for surveillance tech companies. "I think this has been the most dangerous moment for civil rights since 9/11," he said. "When you're faced with impossible choices like whether or not to keep schools open and deprive kids of an education or put them at risk, it's so easy to be taken in by the allure of magical thinking and startups that say if you just install this tracking device you'll somehow be able to avoid doing the impossible."

Contact tracing has been a source of concern, as governments across the country work with a slew of private firms to manage manual contact tracing with no real guardrails in place. "People by the thousands are telling contact tracers where they've been, who they're with, and we don't think there are sufficient ways to secure that data, especially when private contractors or for-profit corporations are helping," Schwartz said.

In New York, Cahn's organization supported legislation that would have protected New Yorkers from having their contact tracing data used against them in court or administrative proceedings. That bill passed over the summer, but Governor Andrew Cuomo has yet to sign it into law, leaving that information vulnerable. "In most states, police or ICE can get contact tracing data with a subpoena," Cahn said. "This not only creates a privacy threat, but it's a public health nightmare. There are millions of Americans who would second guess whether to fully disclose their potential contacts."

Apple and Google partnered on a contact-tracing tool that went to extremes to ensure people's data wouldn't be centrally stored or shared with either company or with the government. But health officials, at least early on, scoffed at the limitations. "Digital apps and technology have struggled in the in-between space of wanting to track the path of this disease, this virus, while at the same time really struggling with very real privacy concerns," said Malkia Devich-Cyril, founding director and senior fellow at the advocacy group MediaJustice.

The imminent rollout of a vaccine presents even trickier questions, like what happens if businesses or governments begin requiring people to prove they've been vaccinated in order to access certain spaces. California's legislature already defeated a bill that would have created a blockchain-based system to create what Schwartz calls "immunity passports." EFF argued that requiring people to hand over their smartphones to prove their immunity would open them up to other privacy invasions and would require people to have a smartphone in the first place. "We view this as a horrible, horrible idea," Schwartz said, noting that EFF will be "in the trenches" if any similar proposals arise.

Over the course of 2020, there have been other, subtler attitudinal shifts too. In the spring, news outlets that, in the past, criticized apps for surreptitiously tracking and selling people's location data, suddenly began tapping that same data to track where people were actually staying at home or whether anti-shutdown protesters might be spreading the virus. "We think there's a lot of COVID-washing going on," Schwartz said.

That COVID-washing hasn't been uniform though, Devich-Cyril said, noting that Black and brown communities with a long history of being surveilled remain wary of that kind of intrusion. "The simple fact of a medical disaster is not enough to turn people away from their desire for basic freedoms and rights," Devich-Cyril said.

Still, despite these setbacks, privacy advocates did score some wins in the midst of the chaos. On Election Day, Portland, Maine succeeded in banning facial recognition technology. Michigan voted to require police to seek search warrants before accessing electronic data. And California passed Proposition 24, a measure that rewrites the California Consumer Privacy Act and gives Californians new rights over protecting their data.

"That is the story of privacy in 2020," said Jim Steyer, CEO of Common Sense Media, which backed Prop. 24. "That was a significant step forward." It's worth noting that not all privacy groups celebrated the passage of Prop. 24. Some, like the American Civil Liberties Union, opposed it over concerns that it created new privacy loopholes for businesses.

Schwartz is at least relieved that so many of the "bad ideas" that emerged at the beginning of 2020 have not been adopted in the U.S. But as the pandemic rages on through 2021, the fight for privacy in the face of a global health crisis will undoubtedly continue.

Fintech

Judge Zia Faruqui is trying to teach you crypto, one ‘SNL’ reference at a time

His decisions on major cryptocurrency cases have quoted "The Big Lebowski," "SNL," and "Dr. Strangelove." That’s because he wants you — yes, you — to read them.

The ways Zia Faruqui (right) has weighed on cases that have come before him can give lawyers clues as to what legal frameworks will pass muster.

Photo: Carolyn Van Houten/The Washington Post via Getty Images

“Cryptocurrency and related software analytics tools are ‘The wave of the future, Dude. One hundred percent electronic.’”

That’s not a quote from "The Big Lebowski" — at least, not directly. It’s a quote from a Washington, D.C., district court memorandum opinion on the role cryptocurrency analytics tools can play in government investigations. The author is Magistrate Judge Zia Faruqui.

Keep Reading Show less
Veronica Irwin

Veronica Irwin (@vronirwin) is a San Francisco-based reporter at Protocol covering fintech. Previously she was at the San Francisco Examiner, covering tech from a hyper-local angle. Before that, her byline was featured in SF Weekly, The Nation, Techworker, Ms. Magazine and The Frisc.

The financial technology transformation is driving competition, creating consumer choice, and shaping the future of finance. Hear from seven fintech leaders who are reshaping the future of finance, and join the inaugural Financial Technology Association Fintech Summit to learn more.

Keep Reading Show less
FTA
The Financial Technology Association (FTA) represents industry leaders shaping the future of finance. We champion the power of technology-centered financial services and advocate for the modernization of financial regulation to support inclusion and responsible innovation.
Enterprise

AWS CEO: The cloud isn’t just about technology

As AWS preps for its annual re:Invent conference, Adam Selipsky talks product strategy, support for hybrid environments, and the value of the cloud in uncertain economic times.

Photo: Noah Berger/Getty Images for Amazon Web Services

AWS is gearing up for re:Invent, its annual cloud computing conference where announcements this year are expected to focus on its end-to-end data strategy and delivering new industry-specific services.

It will be the second re:Invent with CEO Adam Selipsky as leader of the industry’s largest cloud provider after his return last year to AWS from data visualization company Tableau Software.

Keep Reading Show less
Donna Goodison

Donna Goodison (@dgoodison) is Protocol's senior reporter focusing on enterprise infrastructure technology, from the 'Big 3' cloud computing providers to data centers. She previously covered the public cloud at CRN after 15 years as a business reporter for the Boston Herald. Based in Massachusetts, she also has worked as a Boston Globe freelancer, business reporter at the Boston Business Journal and real estate reporter at Banker & Tradesman after toiling at weekly newspapers.

Image: Protocol

We launched Protocol in February 2020 to cover the evolving power center of tech. It is with deep sadness that just under three years later, we are winding down the publication.

As of today, we will not publish any more stories. All of our newsletters, apart from our flagship, Source Code, will no longer be sent. Source Code will be published and sent for the next few weeks, but it will also close down in December.

Keep Reading Show less
Bennett Richardson

Bennett Richardson ( @bennettrich) is the president of Protocol. Prior to joining Protocol in 2019, Bennett was executive director of global strategic partnerships at POLITICO, where he led strategic growth efforts including POLITICO's European expansion in Brussels and POLITICO's creative agency POLITICO Focus during his six years with the company. Prior to POLITICO, Bennett was co-founder and CMO of Hinge, the mobile dating company recently acquired by Match Group. Bennett began his career in digital and social brand marketing working with major brands across tech, energy, and health care at leading marketing and communications agencies including Edelman and GMMB. Bennett is originally from Portland, Maine, and received his bachelor's degree from Colgate University.

Enterprise

Why large enterprises struggle to find suitable platforms for MLops

As companies expand their use of AI beyond running just a few machine learning models, and as larger enterprises go from deploying hundreds of models to thousands and even millions of models, ML practitioners say that they have yet to find what they need from prepackaged MLops systems.

As companies expand their use of AI beyond running just a few machine learning models, ML practitioners say that they have yet to find what they need from prepackaged MLops systems.

Photo: artpartner-images via Getty Images

On any given day, Lily AI runs hundreds of machine learning models using computer vision and natural language processing that are customized for its retail and ecommerce clients to make website product recommendations, forecast demand, and plan merchandising. But this spring when the company was in the market for a machine learning operations platform to manage its expanding model roster, it wasn’t easy to find a suitable off-the-shelf system that could handle such a large number of models in deployment while also meeting other criteria.

Some MLops platforms are not well-suited for maintaining even more than 10 machine learning models when it comes to keeping track of data, navigating their user interfaces, or reporting capabilities, Matthew Nokleby, machine learning manager for Lily AI’s product intelligence team, told Protocol earlier this year. “The duct tape starts to show,” he said.

Keep Reading Show less
Kate Kaye

Kate Kaye is an award-winning multimedia reporter digging deep and telling print, digital and audio stories. She covers AI and data for Protocol. Her reporting on AI and tech ethics issues has been published in OneZero, Fast Company, MIT Technology Review, CityLab, Ad Age and Digiday and heard on NPR. Kate is the creator of RedTailMedia.org and is the author of "Campaign '08: A Turning Point for Digital Media," a book about how the 2008 presidential campaigns used digital media and data.

Latest Stories
Bulletins