Balancing privacy at the time of pandemic: global observation

Abstract

The rapid outbreak of COVID-19 has initiated the development of mobile applications aiming at helping public health authorities to slow down viral diffusion. The proliferation of these applications engenders challenges to forge a balance between ‘public health utility’ and ‘personal privacy’. This paper scrutinizes various applications that collect personal data according to their functions and data protection compliance. These applications are mostly of three broader categories- contact tracing, self-assessment, and quarantine enforcement. We conduct systematic categorization based on five parameters-type of owner or provider, host platform, functionalities, the existence of privacy policy, and state of the source code. A total of 122 apps encompassing 83 countries were assessed during a research period of 20 days (June 1 to 20, 2020). Findings suggest that although the majority of the applications publish a privacy policy, many applications do not give information in detail, making the issue of privacy obscure. The majority of the applications collect various sensitive personal data irrespective of their functionalities, provider, and platform. Most applications are not open source raising concerns over trust and transparency. The findings are valuable to policymakers who are formulating short, mid, and long-term technology policies to strike a balance between functionality and personal privacy.