This Is Our Last Chance to Protect Our Privacy Amid the COVID-19 Crisis
As the coronavirus continues to spread a total lockdown across the world, governments are creating the foundations for a new society of total surveillance. Can we stop the global pandemic without sacrificing our freedom? I believe we can, but the technology we deploy today should preserve privacy, not destroy our liberties due to global panic.
Suspending fundamental rights during a crisis may seem comforting, but historically, the declaration of a state of emergency without end leads to new forms of fascism. Yet, from the Chinese censorship of doctors during its COVID-19 outbreak to the absurd lack of preparedness for a pandemic in the United States, it is precisely the government’s lack of preparation over the years that has exacerbated the catastrophe.
When governments seize emergency powers, they never give them up. Under the pretext of monitoring and tracking the spread of the disease, government mass surveillance via mobile phone tracking risks becoming normalized. Algorithmic bias now goes beyond academic studies as opaque algorithms can and will decide who can travel and work in places like China, and will no doubt soon decide who lives and who dies from the virus. Is this the world we want our children to inherit?
The window for deploying technology to preserve privacy is drawing to a close. More than ever, we need technologies that harness the collective intelligence of humanity to tackle the COVID-19 crisis without sacrificing our freedom.
Mass surveillance is only going to get worse after coronavirus
Just as modern computing came out of World War II and the internet was developed from the Cold War, the coronavirus could lead to a new technological revolution. But rather than the biomedical revolution that is needed to actually cure COVID-19, what we have seen is a focus on tracing those infected, even when medical experts note that this is likely too late to be effective in Europe and the U.S.
In China, public monitoring is nothing new, but experts believe the virus has given the government an opportunity to increase surveillance as citizens install self-monitoring apps for their own good. Facial recognition technology is being used to detect heightened temperatures or raise concerns about civilians without protective masks — and there’s no sign of this technology disappearing when, or if, the pandemic does.
Iran has taken advantage of the crisis by trying to get its citizens to install spyware on their phones that directly reports their whereabouts to the government. In Israel, authorities have gone further by announcing that the General Security Service — the country’s domestic intelligence agency — will track Israelis who contract the virus via their mobile phone data, performing “one of the most comprehensive national surveillance exercises anywhere in the world.”
Similarly to how 9/11 led to the National Security Agency legalizing the tracking of civilian data, COVID-19 has provided an all-too-convenient post-terrorism excuse for expanding surveillance in the United States, including via cooperation with Google, Microsoft, IBM and the rest.
While everyone is distracted by the coronavirus, the U.S. government is trying to make the mass capture of messages mandatory via backdooring the end-to-end encryption on client devices by sneaking the EARN IT act through Congress. Some journalists are claiming breaking encryption is even needed to stop the spread of misinformation about coronavirus, despite the fact that most mainstream press in the United States thought “the coronavirus is less dangerous than the flu” just a few weeks ago.
Technology can save us — without Big Brother
We seem damned if we don’t collect the data needed to stop the coronavirus, and damned if we build a mass surveillance apparatus to do so. Is there any way out?
There is a way out of this paradox — we need to build the technology using privacy by design. For over two decades, cryptographers, lawyers and activists have been advocating for decentralized and privacy-enhanced technologies that give us all the benefits of collecting personal data, but keeping our data private.
As professor Alex “Sandy” Pentland of MIT said, “We want answers, not data.” When will the coronavirus peak? Are my friends and family going to be infected? How can we save the most lives? This requires computing on data, but this data can be protected using tools from distributed computing, cryptography and even blockchain technology.
Unfortunately, funding for privacy-enhancing technology from the public sector is virtually nonexistent, just like the funding for a pandemic response. Venture capital in Silicon Valley hasn’t really stepped up yet to fund startups working on privacy. After all, it’s much easier to make a profit by just collecting all the data without any precautions to defend our civil liberties.
There are reasons to be hopeful. Techniques like differential privacy that add “noise” to data provably obscure identity in a database — already have been shown to work by Apple, Google and others.
The government of Singapore is setting a good example: The TraceTogether app for contact tracing does the right thing by keeping sensitive data on the user’s device, rather than trying to gather the data en-masse from cell phone carriers.
Yet building privacy-enhanced technology is just more expensive, just as it’s also more expensive to build bridges that don’t collapse or create COVID-19 tests that actually work.
Stopping surveillance by empowering people
It’s time to release our instinct for human solidarity and mutual aid that can actually cure COVID-19. Everything from designs to parts of low-cost, open-source respirators to 3D-printed face masks that are already in production are signs of what is possible, and the race for a vaccine is on.
Similar to how Bitcoin (BTC) solves hash puzzles, one inspiring effort is Folding@home’s effort to use computational cycles of home computer users to simulate “potentially druggable protein targets from SARS-CoV2” in order to find a cure.
We decided to apply these “people power”-based solutions to stopping mass surveillance. Rather than mining like Bitcoin, Nym harnesses computational cycles of volunteers from all over the world to mix users’ internet packets with those of other people — so their traffic can be anonymous in a crowd. Called a mixnet, this kind of design can defend privacy even against adversaries as powerful as the NSA that can watch the entire network, unlike Tor and VPNs.
With remote working due to coronavirus is exposing companies to greater information security risk, more and more of us are using VPNs at home. However, VPNs only encrypt traffic to another computer and do nothing to prevent mass surveillance, as a VPN just puts all user trust in another computer that can easily hand user data over to the government. In order to prevent this central point of failure, we suggest using blockchain technology to coordinate a decentralized and global network to prevent mass surveillance and ensure free speech and civil liberties.
Even the Roman empire collapsed when faced with massive plagues, and the coronavirus may spell the end of the post-Soviet neoliberal world order. If there’s any chance of getting out of this alive, it’s not because our governments saved us with mass surveillance — it’s because we saved ourselves with the internet-enabled collective intelligence of humanity. Supporting privacy tech gives us that chance, without responding to COVID-19 like it’s a dress rehearsal for making Orwell’s Nineteen Eighty-Four a reality.
The views, thoughts and opinions expressed here are the author’s alone and do not necessarily reflect or represent the views and opinions of Cointelegraph.
Harry Halpin is the co-founder and CEO of Nym Technologies. Nym Technologies was co-founded by chief technical officer Dave Hrycyszyn, who left Libra and now works on privacy; and Claudia Diaz, professor of privacy at KU Leuven. Harry received his Ph.D. from the University of Edinburgh in informatics and has over 50 peer-reviewed publications. Prior to Nym, he conceived and managed cross-browser crypto implementation at the World Wide Web Consortium at MIT and was a research scientist at Inria, where he led the NEXTLEAP and PANORAMIX projects on building mixnets for high-risk users.