Skip Navigation
Analysis

Coronavirus, Location Tracking, and Civil Liberties

The rise of mass surveillance after 9/11 offers a cautionary tale for using tech to keep tabs on people during the Covid-19 pandemic.

April 7, 2020

To help combat the coronavirus pandemic,  the Centers for Disease Control and Preven­tion and state and local govern­ments are receiv­ing analyses of people’s move­ments derived from anonym­ized cell phone loca­tion data held by the mobile advert­ising industry. This inform­a­tion is being used to track loca­tions that are still draw­ing crowds and to analyze the effect­ive­ness of stay-at-home orders. There are reportedly plans to create a cent­ral­ized govern­ment portal with this loca­tion data from 500 cities across the coun­try.

At the same time, the White House and the CDC are asking tech compan­ies such as Face­book and Google to provide similar anonym­ized data to track the spread of the virus, identify trends, and see if people are prac­ti­cing social distan­cing. And there have been related calls to use indi­vidu­al­ized loca­tion inform­a­tion to engage in contact tracing, which could help identify people that have come into contact with a sick person.

The impulse to turn to high-tech tools in this time of crisis is under­stand­able — and some such tools might indeed be a useful part of our response to Covid-19. At the same time, history offers ample reason to proceed with caution. Before embra­cing new forms of surveil­lance to address the coronavirus, we must ensure that any such responses are propor­tion­ate and groun­ded in evid­ence.

Our exper­i­ence with expan­ded surveil­lance after 9/11 provides an object lesson. With the laud­able-sound­ing goal of prevent­ing the next terror­ist attack, the govern­ment secretly under­took new drag­net surveil­lance programs that viol­ated Amer­ic­ans’ privacy rights. The hasty rollout also sacri­ficed neces­sary assess­ments of whether these programs were likely to work.

Years later, govern­ment analyses found that mass data collec­tion for coun­terter­ror­ism purposes was inef­fect­ive. The Depart­ment of Defense, for example, found that machine learn­ing systems were unable to “accur­ately anti­cip­ate” terror­ist threats. Further­more, this data collec­tion was actu­ally coun­ter­pro­duct­ive, because it ended up bury­ing useful intel­li­gence. Even with a dismal success rate, many of the post-9/11 surveil­lance programs are still active today, nearly two decades after the emer­gency that was used to justify their incep­tion.

To be sure, proposed data collec­tion meas­ures to address the Covid-19 pandemic resist a direct compar­ison with post-9/11 surveil­lance. One reason why mass data collec­tion has been an inef­fect­ive coun­terter­ror­ism meas­ure is because terror­ist attacks are rare and isol­ated events, while the spread of coronavirus, in contrast, is expo­nen­tial and ongo­ing. And while post-9/11 surveil­lance collec­ted swaths of personal inform­a­tion, some of the proposed meas­ures for Covid-19 would use anonym­ized and aggreg­ate data. But this history is never­the­less a valu­able reminder that even in times of crisis, it is crit­ical to ensure that proposed meas­ures are likely to be effect­ive and that privacy interests are appro­pri­ately balanced.

As a prelim­in­ary matter, we simply do not have many specif­ics on how the U.S. govern­ment is inter­ested in using loca­tion data or what compan­ies are offer­ing. To eval­u­ate whether the proposed collec­tion would be effect­ive and propor­tion­ate, it is not suffi­cient to know that geoloca­tion data would be used “to track the spread of the virus” and “help blunt its advance” — we must know exactly how the data would be used. The govern­ment’s discus­sions with the compan­ies who hold this data, however, have been conduc­ted quietly and behind closed doors. This secrecy is a prob­lem in itself. It also suggests that the govern­ment may be inter­ested in collect­ing data simply in the hope that it will be help­ful, but without a clearly effect­ive plan in place.

In addi­tion, we cannot simply assume that meas­ures adop­ted by other coun­tries would be effect­ive now if imple­men­ted here. While using loca­tion data to perform contact tracing may have had some success in coun­tries like South Korearesearch­ers acknow­ledge that the useful­ness of contact tracing is depend­ent on the wide­spread avail­ab­il­ity of test­ing. In the United States, test­ing capa­city remains woefully inad­equate, and estim­ates suggest the real count of infec­ted persons nation­ally could be as many as 10 times higher than current figures. Contact tracing is also extremely labor intens­ive, requir­ing large numbers of govern­ment work­ers to inter­view sick people and their asso­ci­ates, which would be much more diffi­cult in the United States than in smal­ler coun­tries.

The limits of the avail­able tech­no­logy must also be taken into account. As Tufts professor Susan Landau explains, loca­tion data obtained via cell towers or GPS is too varied and impre­cise for some of the contem­plated tasks. Such data can reveal the general area in which a cell phone is located, but it cannot tell the govern­ment whether two cell phones are within 6 feet of one another, which limits its value as a contact tracing tool or a means of determ­in­ing whether a given indi­vidual is comply­ing with a social distan­cing order.

This could explain why coun­tries like Singa­pore and propos­als in Europe are instead rely­ing on Bluetooth tech­no­logy, which offers preci­sion ranging from 150 feet down to a few inches. But without a massive expan­sion in Bluetooth beacons or wide­spread adop­tion of a partic­u­lar app, cover­age simply won’t be compre­hens­ive enough for mean­ing­ful contact tracing or the enforce­ment of social distan­cing orders in the United States.

Despite these limit­a­tions, loca­tion data may still have a role to play. For example, one company conduc­ted an aggreg­ate analysis of travel patterns using cell phone loca­tion data to study the effect of stay-at-home orders across differ­ent states, conclud­ing that states with fewer confirmed cases of the virus are show­ing smal­ler declines in travel. Anonym­ized and aggreg­ate data might also provide insight into the over­all effect­ive­ness of volun­tary social distan­cing orders by detect­ing clusters of loca­tion data in front of restaur­ants or retail estab­lish­ments.

We must weigh the poten­tial value of using loca­tion data against the impact on civil liber­ties. Histor­ical records of a person’s cell site loca­tion inform­a­tion over an exten­ded period of time can reveal exquis­itely sens­it­ive inform­a­tion, includ­ing a person’s activ­it­ies, asso­ci­ations, and beliefs. Ordin­ar­ily, the govern­ment needs a warrant to compel a phone company to provide these records. While anonym­ized data builds in some protec­tions, there are still privacy concerns. As demon­strated by a New York Times invest­ig­a­tion, it is relat­ively simple to re-identify anonym­ized data by combin­ing it with other inform­a­tion sets. Palantir, a company that special­izes in find­ing connec­tions between dispar­ate data sets, is reportedly already work­ing with the CDC, sharpen­ing concerns that anonym­ized data sets won’t remain that way for long.

In prac­tice, this means that propos­als to use even anonym­ized data for pattern analysis should come with strict privacy protec­tions. These include controls for who can access the data, a policy that specifies accept­able uses of the data, limit­a­tions on shar­ing data with law enforce­ment or intel­li­gence agen­cies, and a data reten­tion period that is propor­tion­ate to the emer­gency. Each of these meas­ures should be tracked in a manner that permits ongo­ing audit­ing for compli­ance. These basic protec­tions are neces­sary to ensure our response does­n’t cause privacy erosions that ripple long past the current pandemic.

Emer­gen­cies strain our demo­cracy, test­ing the strength of our consti­tu­tional freedoms and the rule of law. It’s essen­tial that the U.S. response to Covid-19 is evid­ence-based, time-limited, and reas­on­ably balanced to main­tain our civil liber­ties. If we allow this moment to entrench an unac­count­able surveil­lance appar­atus, we risk its pres­ence as a fixture of our future.