In the last weeks, a growing number of public health authorities, all over the world, are trying to figure out how to contain the spread of COVID-19. Day after day, new applications are being spun up by individuals, big tech firms and governments around the world to achieve a high level of accuracy with contamination and contact tracing. In most cases, this is only possible by collecting and analyzing personal information about large numbers of identifiable people, including their health, travel, and personal relationships. 

Special efforts by public health agencies must be granted, and we understand that: the State has special duties and rights, and digital and physical policies, must reflect a balance between the collective good and the civil liberties in order to protect the health and safety of our society from disease outbreaks.

If you are an independent developer, or a team of collective, trying to stand up such a critical response app, we are here to help. As of today, we are initiating our novel “Privacy Review for Pandemic Response Program” to help independent developers and small-medium teams with a FREE privacy review to support the ongoing pandemic response to help achieve a balance between critical safety measures and privacy measures.  

How does it work

If you are:

Working on an app, web app, or any other piece of technology that will be using any sort of user data for Covid-19 rapid response, we are offering advice on implementing privacy-preserving features.

A regulator or decision-maker who isn’t sure what standards should be put in place for these emergency-focused apps, we are providing expertise and guidance.

An expert in this domain, please join us and help the global community fight this pandemic without having to sell off their data protection right forever – sign up here.


Why are we needed

We’re clearly living a new challenge, but if we zoom out we’ll notice that surveillance of infectious diseases is not something new at all. But this time, the crisis is so quick and widespread, that we don’t have the luxury of time. Which is why we need to be overly cautious as we overrule privacy requirements to combat Covid-19 via technological innovation 

While there are quite a few privacy aspects that have the potential to be abused, a few remain on top of our minds as we perform the review and advice to the regulators and developers:

  • Discrimination: There is a historical precedent for improper government containment efforts driven by bias based on nationality, ethnicity, religion, and race, rather than facts about a particular individual’s actual likelihood of contracting an illness, such as their travel history or contact with potentially infected people. 
  • Transparency: When we need to move fast, the chances of forgetting this principle are pretty high. Any government use of large-scale data to track the virus spread should be clearly explained to the public. This includes the publication of detailed information about the information being gathered, the retention period for that data, the tools used to process them, and the way these tools guide public health decisions. 
  • Proportionality: A software that collects large-scale, identifiable information about people, must be justified and deemed necessary by public health experts for the purpose of containment. And that data processing must be proportionate to the need. Proportionality applies to the measures themselves: the data surveillance infrastructure we’re going to build in these months should not long outlive the crisis it is intended to address.
  • Abuse and Misuse: Entities collecting data specific to the COVID-19 crisis, such as information about individuals who are searching for testing centers or information about the disease, must not be able to use such data for any other purpose. The data must not, for example, be combined with behavioral targeting data or be used to train machine learning algorithms to improve advertising. Let us also not forget the malicious actors who are already targeting several organizations to get their hands on sensitive health and location data, therefore, security is going to be essential.

There is no need to suspend the rules on the protection of personal data. The way we’ll manage this clash between fundamental rights is the way we’ll shape our “new normal”.