Doctor working on tablet

The role of technology in patient contact tracking during public health emergencies

By: Harry Sharma

This op-ed by Harry Sharma was originally published in Hill Times on May 6, 2020.

Globally, the most effective way to flatten the coronavirus curve has been physical distancing. It slows the spread of the virus and ultimately leads to fewer deaths. In an ideal world, everyone would have the opportunity to practice physical distancing as prescribed by public health officials. Unfortunately, for many people, doing so can be challenging, due to their type of employment, social requirements, or awareness levels.

Since 100 per cent physical distancing is impossible, the virus will continue to spread. For every person who tests positive for COVID-19, public health officials have to go through the painful task of identifying and tracking all individuals with whom the infected patient may have come into contact. This can take weeks and involve thousands of individuals. Since infected patients can transmit the virus during the asymptomatic phase of the disease, contact tracking becomes even harder.

Some countries, such as South Korea, have implemented extensive automated tracking systems for patient contact tracking. This allows for faster mapping of direct contacts and identifying potential emerging geographic disease clusters. These currently deployed contact tracking systems rely on patients’ smartphones and those of their contacts. The technology behind the system is quite prevalent and can be enabled, in most cases, by simply downloading an app.

However, the use of smartphones for tracking, even for noble causes such as patient tracking, raises serious questions about privacy. Smartphone tracking can potentially lead to government surveillance, abuse of power by service providers, and countless other ways to invade citizens’ privacy. China’s use of technologies for patient contact tracking has undoubtedly, and rightly, raised serious concerns among Canadian privacy and health advocates.

In the last few weeks, Google and Apple have announced their plans to enable features in their core operating systems to allow for anonymous patient tracking. These two companies’ operating systems power nearly all smartphones in Canada. The patient contract tracking feature will use a system of randomized tokens created every 15 minutes and shared through a smartphone’s Bluetooth function. Both companies have announced that only authorized health authorities will be allowed to leverage this feature.

However, any time digital tracking is enabled, it carries the potential for misuse by state and non-state actors. There are a few fundamental principles that should be built into health-related tracking functions to mitigate the risks of invading citizens’ privacy and limit the number of people who opt out:

  • Decentralization – The collected tracking data must be saved in a completely decentralized system. No one entity should be able to collate the data, as this may lead to invasion of privacy and violation of citizens’ rights. Decentralized data sets provide sufficient capabilities to enable a patient-tracking function.
  • Anonymization – User tokens must not contain any personally identifiable information to protect the identity of an individual. Patient tracking should be strictly based on an unidentifiable device’s location.
  • Data storage – Data collected through the tracking function must be destroyed in a verifiable way as soon as it has served its stated purpose.
  • Data ownership – Individuals must be the owners of their data. This means that individuals should have the right to delete or transfer the data at their discretion without any penalties or disadvantages.
  • Awareness – Individuals must be the owners of their data. This means that individuals should have the right to delete or transfer the data at their discretion without any penalties or disadvantages.

Canada is at a crossroads with respect to leveraging technology for public health emergencies. As a country, we deeply value the privacy of our citizens and have instituted world-leading privacy regulations and public institutions. The current pandemic, however, has demonstrated the power of technology in controlling the spread of a deadly virus and ultimately saving lives.

We believe privacy and the use of technology for public health emergencies are not mutually exclusive. However, we must continue to develop institutional mechanisms to build a Canadian approach to addressing these challenges for future health-related public emergencies.