UK government may trace COVID-19 patients using mobile phone data

The ICO pledges to take into account “compelling public interest” for any potential data protection violations

The government may introduce emergency measures to trace the mobile phone data of individuals believed to have contracted coronavirus, as well as the data of those they’ve been in contact with.

UK authorities may have the powers to bend data protection laws and trace individuals to contain the spread of the virus, as a string of other countries has begun to do in response to the COVID-19 outbreak.

Israel, for example, has recently passed laws allowing its authorities to effectively spy on, and communicate with, individuals thought to have been exposed. South Korea, similarly, has used technology to implement heavy surveillance measures to clamp down on people spreading the virus.

Facing questioning by the chair of the House of Commons’ health select committee, Jeremy Hunt, the government’s chief scientific adviser Sir Patrick Vallance said that such measures certainly have merits.

“I think that would have been an absolutely brilliant thing to have had in January,” he told MPs, when asked by Hunt. 

“So at the beginning, that sort of approach makes total sense. It may well have utility later on, and may well have utility as you go to a situation where you get the armor down and you see what happens when you release. 

“So I think those technologies do have certainly a place that needs to be looked at carefully and implemented, and I know people are working very hard on that sort of approach, and as you are probably aware I think that was used extensively also in China through the WeChat app that they have.”

The UK is poised to pass a set of emergency measures under the Coronavirus Bill. Although there is no explicit mention of using data in such a way, mobile phone tracing may fall under national security provisions outlined in the legislation.

Health Secretary Matt Hancock, meanwhile, has preempted the privacy concerns that may arise by suggesting the General Data Protection Regulation (GDPR) does not inhibit the use of data for coronavirus response.

“GDPR has a clause excepting work in the overwhelming public interest,” he said. “No one should constrain work on responding to coronavirus due to data protection laws. We are all having to give up some of our liberties; rights under GDPR have always been balanced against other public interests.”

The Information Commissioner’s Office (ICO) has also issued a brief statement suggesting it would not seek to investigate or punish authorities and public sector bodies for bending data protection principles. It’s labelled itself a “responsible and pragmatic regulator” that takes into account the compelling public interest of the current coronavirus crisis.

“Data protection and electronic communication laws do not stop Government, the NHS or any other health professionals from sending public health messages to people, either by phone, text or email as these messages are not direct marketing,” the ICO said.

“Nor does it stop them using the latest technology to facilitate safe and speedy consultations and diagnoses. Public bodies may require additional collection and sharing of personal data to protect against serious threats to public health.

“The ICO is a reasonable and pragmatic regulator, one that does not operate in isolation from matters of serious public concern. Regarding compliance with data protection, we will take into account the compelling public interest in the current health emergency.”

Featured Resources

Preparing for AI-enabled cyber attacks

MIT technology review insights

Download now

Cloud storage performance analysis

Storage performance and value of the IONOS cloud Compute Engine

Download now

The Forrester Wave: Top security analytics platforms

The 11 providers that matter most and how they stack up

Download now

Harness data to reinvent your organisation

Build a data strategy for the next wave of cloud innovation

Download now

Recommended

Cloud solution – yes or no? The answer starts with your strategy
Whitepaper

Cloud solution – yes or no? The answer starts with your strategy

29 Jul 2021
The controversial CLOUD Act
Whitepaper

The controversial CLOUD Act

29 Jul 2021
US government renews COVID-19 vaccine distribution agreement with Palantir
platform as a service (PaaS)

US government renews COVID-19 vaccine distribution agreement with Palantir

26 Jul 2021
A new trust model for the 5G era
Whitepaper

A new trust model for the 5G era

24 Jun 2021

Most Popular

UK gov considers blocking Nvidia's takeover of Arm
Acquisition

UK gov considers blocking Nvidia's takeover of Arm

4 Aug 2021
RMIT to be first Australian university to implement AWS supercomputing facility
high-performance computing (HPC)

RMIT to be first Australian university to implement AWS supercomputing facility

28 Jul 2021
Tesla Megapack goes up in flames at Australian battery site
Hardware

Tesla Megapack goes up in flames at Australian battery site

30 Jul 2021