In the second instalment of a two-part series exploring the implications of Covid-19 for digital rights and data ethics, MSc Health and International Development alumna Elise Racine focuses on the potential impact of emerging tech solutions for vulnerable populations.

As I mentioned in my first piece, a wave of new technological solutions has emerged as part of the efforts to tackle the COVID-19 pandemic. These solutions have especially been utilized to conduct contact tracing. Many have been driven by governments and have been involuntary, raising critical questions around informed consent and the impact of such technologies on our fundamental rights. For instance, poorly designed and/or implemented projects may lack the democratic oversight necessary to prevent them from being misappropriated now or in the future. I concluded the article by noting that the COVID-19 pandemic may usher in a new era of mass digital surveillance. Considering a history in which innovation has frequently been co-opted into surveillance networks that discipline and marginalize vulnerable groups, this possibility is concerning. Thus, I felt it was imperative we discuss the potential implications of pandemic surveillance initiatives specifically as they apply to vulnerable populations.

The Global Health Security Paradigm

Due to my interest in digital identity technologies—which have been driven in part by security concerns—my research at LSE explored the recent securitization of the global health system. By this I mean that in the last several decades there has been a profound shift in global health governance, one in which health issues have increasingly been labelled security threats. This shift started in the 1990s and early 2000s with attempts to frame HIV/AIDS as a security matter. Largely driven by national economic interests, these attempts centered on the disease’s potential far-reaching effects on global economic output and political stability.

These securitizing tendencies intensified following the 9/11 terrorist attacks, which demonstrated that the risk of biological warfare was no longer limited to the armed forces but threatened the entire population. The resulting health security narrative—which remains dominant in the global health system today—adopted a state-centric perspective prioritizing the nation’s health and well-being over that of individuals or communities and the interests of certain Western states in particular. We see these interests reflected in the health security agenda, which has been dominated by three issues: bio-terrorism, HIV/AIDS, and acute and severe infectious diseases of epidemic potential. The purpose has been to prevent these threats (and their consequences) from spreading into the Global North.

This health securitization process has been characterized by the suspension of normal politics and an urgent call for new preventative measures, including novel digital surveillance tools. When looking back at these technological solutions, we see how the risk of terrorism was used to justify “watered-down safeguards for individual privacy” and has resulted in an unprecedented classification, compilation, and analysis of data. These efforts have been carried out in the name of protecting public safety. They have also frequently targeted refugees and migrants, whom have been increasingly framed as existential threats to national security and economic well-being since the 9/11 attacks. This includes being labeled “disease spreaders.”

Such rhetoric is gaining renewed attention in the midst of the COVID-19 pandemic (and its severe economic fallout), and may continue to serve as justification for nationalist, populist, and xenophobic rationalizations once the crisis ends. Security politics legitimizes the use of extraordinary measures that bypass democratic procedures and other legal constraints, which can cause lasting institutional changes that make reactivating security rhetoric and processes easier. This self-reinforcing tendency is dubbed the “‘emergency trap’ of global security.” We may see something similar happen in the wake of the COVID-19 crisis in which it becomes easier to normalize the digital surveillance tools emerging now.

The risk for function creep means that these tools may be coopted by other security initiatives. The use of mobile data originally collected for counterterrorism purposes to track confirmed COVID-19 cases and enforce quarantine measures by Israel’s domestic security agency, Shin Bet, illustrates how the conflation of health and security issues can lead to the misuse of technology beyond its intended objective. Tasked with protecting the population at large, these tools may particularly discriminate against marginalized groups who may lack the resources to defend themselves. Moreover, as a major public health crisis that has had a severe impact on Western countries and economies, the COVID-19 pandemic threatens to further perpetuate the global health security paradigm and the inequalities within this system.

The Need for Robust Data Protection and Privacy Frameworks

These possibilities emphasize the importance of robust legal frameworks around data protection and privacy. The right to privacy is inherently flexible and, consequently, difficult to define. This is due to its roots in cultural norms and responsiveness to changing societal, political, and technological environments. By introducing new means of undermining and preserving privacy, technological advancements frequently reshape our understanding of the concept. For example, the invention and widespread adoption of computers clearly correlates to the first pieces of legislation protecting personal information. As the right to privacy has increasingly encompassed the notion of informational privacy (i.e., the right to control one’s personal data), a number of countries have adopted data protection laws to regulate the collection, usage, sharing, storage, and destruction of personal information.

In practice, however, these protections have been unevenly applied. Non-nationals often lack the same privacy and data protection rights as citizens of their host country. Furthermore, various obstacles (e.g., corruption, corporate influence, poor enforcement mechanisms, weak separation of powers, lack of infrastructure, resources, and/or capacity) frequently subvert data protection measures in developing economies and democracies. This weak regulatory landscape helps explain why humanitarian contexts have historically been popular settings to pilot new innovations. Recently this has included digital identity technologies that citizens in countries with more effective democratic processes have repeatedly challenged and rolled back.

But as governments around the world rush to implement COVID-19-related digital surveillance tools with little oversight or protections, it raises the question of what these efforts will look like in countries already known to struggle with safeguarding their inhabitants’ personal data. Moreover, what could these efforts become if we do not do something now? As it stands, there are no internationally accepted and enforced data protection standards. Maybe the pandemic can serve as a much-needed impetus to reconsider this lack of protection.

Elise Racine is an MPA candidate at the Hertie School and a research associate for A Path for Europe (PfEU), a nonprofit think tank where she focuses on digital rights and data ethics. She holds a MSc with Distinction from LSE and a BA with Honors from Stanford University.

The views expressed in this post are those of the author and in no way reflect those of the International Development LSE blog or the London School of Economics and Political Science.