Abstract
The rapid dynamics of COVID-19 call for quick and effective tracking of virus transmission chains and early detection of outbreaks, especially in the “phase 2” of the pandemic, when
lockdown and other restriction measures are progressively withdrawn, in order to avoid or minimize contagion resurgence. For this purpose, contact-tracing apps are being proposed for large-scale
adoption by many countries. A centralized approach, where data sensed by the app are all sent to a
nation-wide server, raises concerns about citizens’ privacy and needlessly strong digital surveillance,
thus alerting us to the need to minimize personal data collection and avoid location tracking. We
advocate the conceptual advantage of a decentralized approach, where both contact and location data
are collected exclusively in individual citizens’ “personal data stores”, to be shared separately and
selectively (e.g., with a backend system, but possibly also with other citizens), voluntarily, only when
the citizen has tested positive for COVID-19, and with a privacy-preserving level of granularity. This approach better protects the personal sphere of citizens and affords multiple benefits: it allows for
detailed information gathering for infected people in a privacy-preserving fashion; and, in turn, this
enables both contact tracing and the early detection of outbreak hotspots on a more finely granulated
geographic scale. The decentralized approach is also scalable to large populations, in that only the
data of positive patients need be handled at a central level. Our recommendation is two-fold. First, to
extend existing decentralized architectures with a light touch, in order to manage the collection of location data locally on the device, and allow the user to share spatio-temporal aggregates – if and when
they want and for specific aims – with health authorities, for instance. Second, we favour a longer-term pursuit of realizing a Personal Data Store vision, giving users the opportunity to contribute to
collective good in the measure they want, enhancing self-awareness, and cultivating collective efforts
for rebuilding society.
Original language | English |
---|---|
Pages (from-to) | 61-66 |
Number of pages | 6 |
Journal | Transactions on Data Privacy |
Volume | 13 |
Issue number | 1 |
Publication status | Published - 2020 |
Keywords
- Personal Data Store
- mobility data analysis
- contact tracing
- COVID-19