COVID-19

Featured Article – Coronavirus Tracking

Following recent Wall Street Journal reports that phone data from tech companies and data providers is being used to track the movements of Americans in order to better understand the spread of COVID-19, here’s a look at how data and apps are being used worldwide in the common fight against the virus.

Americans Tracked By Phone Location Data

As has recently been reported in the Wall Street Journal, phone data from tech companies and data providers is being used to track the movements of Americans in order to better understand the spread of COVID-19.

The phone data, which is reported not to have any personally identifiable elements, thereby retaining privacy, has been analysed (according to the WSJ) and compiled into reports which have been sent to the ‘Centers for Disease Control and Prevention’ as well as other offices.  The data will also be added to a portal for official use.

500 Cities

The reported goal of making a portal available to officials which contains the analysed phone data from 500 U.S. cities is to be able to help improve America’s response to the unfolding COVID-19 crisis.

Privacy Concerns

Although it could be argued that these are unusual times when all manner of methods of tracking and controlling the virus are likely to be considered, the fact that phone data is being used this way has led to concern among privacy groups and activists.

Not Using Phone Data

However, a spokesperson for ‘Centers for Disease Control and Prevention’ is reported to have said that phone data is not being used but public health surveillance data from sources such as the World Health Organisation (WHO) is being used to help track the spread of COVID-19.

Letter

Back on March 19, Senator Edward J. Markey wrote to Michael Kratsios, the Chief Technology Officer of the United States, asking him to “balance privacy with any data-driven solutions to the current public health crisis”.  Also, in the letter, Sen. Markey pointed out that “a person’s location information can reveal other sensitive details, such as a place of employment, religious affiliation, or political preferences” and, therefore, Sen. Markey asked for assurances that collection and processing of phone location information, even if aggregated and anonymised, would not pose safety and privacy risks to individuals.

Location Tracking in Other Countries

In his letter, Sen. Markey also noted how America should be guided by the experience of other countries that have turned to technology to combat COVID-19 and that,  the use of location data without careful limitations could harm the privacy and civil liberties of Americans.

Singapore

The countries and methods highlighted by Sen. Markey included Singapore, where he alleges that the government publishes personal details of coronavirus, such as their age, nationalities, length of stay in hospital, where they live, and even their connections to one another.

It is likely that he may have been referring to several technological measures being used in Singapore,  such as the TraceTogether app.  The app uses location data and Bluetooth to help stop the spread of COVID-19.  Once on a user’s phone, the app records when that user goes near another person who has the TraceTogether app.  This proximity data is stored on the user’s phone and can be requested for analysis with the user’s permission – which many are willing to give to help stop the spread of the disease.  The TraceTogether app is also used by the Singapore government to send out updates to citizens via WhatsApp twice a day containing information such as the number of cases, suspected locations of outbreaks, and advice for avoiding infection.

South Korea

Another Country referred to by Sen. Markey was South Korea where he suggested that data shared about patients who were being admitted to hospital led to them being stigmatised.

This may have been a reference to the “self-quarantine safety protection” app from the country’s ‘Ministry of the Interior and Safety’ via which the central and local governments send out real-time alerts via text message, apps and online giving details of the number of confirmed cases of coronavirus (COVID-19) and of the travel histories of those infected.

Another app in popular use in South Korea is the “Corona 100m app” which has been downloaded more than 1 million times and alerts users if they breach a 100-metre (328 ft) radius of the latest tracked whereabouts of a coronavirus patient.

South Korea is also reported to be deploying a system that uses data including surveillance camera footage and even the credit card transactions of confirmed coronavirus patients to recreate their movements.

The UK

Following the example of other countries, such as South Korea, using technology to significantly ‘flatten the curve’ of COVID-19, the UK government is reported to be about to launch its own app to warn users if they are in close proximity to anyone who has tested positive for coronavirus. The app will use short-range Bluetooth to detect phones in the vicinity and store a record of those contacts and, if a person tests positive for COVID-19, they can upload the contacts and alert them via the app.  The idea behind it appears to be that, if people test positive for coronavirus, those people that they may have been in contact with can be quickly informed and can self-isolate.

It has also been reported that the data from the app won’t be shared with central authorities, thereby helping to reduce fears of possible privacy breaches.

Large Numbers Needed

For the UK app to be effective, however, it is (somewhat optimistically) thought that more than 50% of the population would need to download it.

Ethics Board To Be Appointed

Considering that the app will be collecting such sensitive information, and assuming that it does achieve a very large number of downloads, it appears likely that UK’s National Health Service ‘NHSX’ (a new unit driving forward the digital transformation of health and social care) will need to appoint its own ethics board to oversee the app’s development.

Social Media and Tech Giants

As well as whole countries and governments looking at ways to collect and use location data to help fight the spread of COVID-19, tech giants like Facebook and Google are also offering to use their collected data to help.

Facebook

Facebook is reported to be using its unique perspective as a company with access to data from 2.5 billion monthly active users to:

– Provide (anonymised) location information to feed into analysis and forecasts that could help tackle the spread of the virus.

– Produce three disease prevention maps on population movement, as part of its, ‘Data for Good’ program, to help inform disease forecasting efforts and protective measures.

– Send out a prompt on Facebook aimed at encouraging people in the U.S. to sign-up to a voluntary survey from Carnegie Mellon University Delphi Research Center that’s been designed to help health researchers identify COVID-19 hotspots.

Google

Google is also releasing ‘COVID-19 Community Mobility Reports’ to health officials, based on its own collected, anonymised data from phones, to show movement trends and insights and thereby help to tackle the spread of COVID-19.

Looking Ahead

Most people would probably agree that using what data is available, if it really is in an anonymised form that will not impact on privacy, and if it is used just to help tackle the spread of the virus is a reasonable idea.  It is a good thing that some countries appear to have been able to use apps to help gather data and inform people in a way that may save lives, and it appears that the UK will also be using the power of technology (an app) to help in the fight.

The challenge is to be able to use data from consenting people i.e. people who have downloaded the apps and agreed to have their location data used, in an ethical way, in a way that protects privacy,  and in a way that doesn’t lead to stigmatising or prejudice or is carried on for other purposes beyond tackling this particular outbreak.

Data Reveals Business Worries About Remote Working Challenges

London-based security company Redscan has reported that recent Google searches reveal how businesses are focused on how they can adapt to the security and technology challenges posed by remote working.

Not Prepared

This does appear to show, perhaps not surprisingly, given the speed at which the spread of the COVID-19 virus led to the temporary closure of business premises and a lockdown, that businesses were not fully prepared to manage business continuity and the challenges created by this rather unexpected threat.

COVID-19 Phishing Scams

Redscan reported that, for the first time in many years, ‘COVID-19’ and not ‘Apple’ has become the most searched-for term in relation to phishing campaigns.

Business Continuity

Redscan has also reported that searches for “business continuity plan” reached an all-time high in Google from 8 March to 21 March.  Other searched for terms that hit record-levels included “remote working”, “remote access” and “VPN”.

Redscan’s CTO, Mark Nicholls, says on the company’s website that the popularity of “business continuity” as a search term “suggests that many businesses did not already have a continuity plan in place, and now is hardly an ideal time to implement one”.

Mr Nicolls also highlights how the pandemic has provided cybercriminals with “a unique opportunity to target remote employees” and suggests that “employee cyber awareness training and proactive network and endpoint monitoring are more important than ever”.

Collaborative Working Tools

Search terms relating to popular collaborative working tools such as ‘Zoom’ (the most searched for), GoToMeeting, WebEx, Slack and Microsoft Teams have also seen huge search volumes in Google in recent weeks.

What Does This Mean For Your Business?

The volume of searches for ‘business continuity plan’ suggests that many businesses don’t have one and have been forced into very quickly searching for information about keeping their business going in during the most challenging conditions since WW2.

Last week, research by Check Point indicated that cybercriminals may be targeting the video conferencing app ‘Zoom’ while in recent weeks there have been reports of several different phishing scams going around.  These include emails purporting to be from doctors offering details of a vaccine cure that’s been kept secret by the Chinese and UK governments, emails with fake links to disease management policies, fake promises of tax refunds for coronavirus, and fake emails asking for donations to fund the fast development of a COVID-19 vaccine. It appears, therefore, to be a sound observation from Redscan that employee cyber awareness training and network and endpoint monitoring are more important than ever, and businesses need to be extra vigilant as cybercriminals are seeking to exploit this extraordinary situation to steal data, money, and/or install malicious software on business networks.