The privacy of personal information is aimed at protecting human rights both under the international human rights regime and the Saudi Arabian constitution and other statutes and regulations, subject only to some exceptions that include the protection of public health. The coronavirus disease 2019 (COVID-19) pandemic has brought about certain challenges that necessitate strategies to augment the conventional surveillance of infectious diseases, contact tracing, isolation, reporting and vaccination. Several governments institutions, and agencies presently adopt mobile applications for collecting, analyzing, managing, and sharing critical personal data of individuals infected with or exposed to COVID-19. While the benefits of sharing private information for achieving public health needs may not be disputed, the risk of breach of personal privacy is enormous. This had forced the national governments into a dilemma of either succumbing to public health needs, strictly respecting and protecting the privacy of individuals, or alternatively, balancing the two conflicting demands. There is a massive body of literature on the security and privacy of such mobile applications, but none has adequately explored and discussed public interest justifications under Saudi Arabian laws for alleged privacy breaches. We examined the health surveillance mobile app technologies currently in use in Saudi Arabia with the aim of determining the potential risks of data breaches under extant data protection laws. The paper recommends, among others, that any potential risk of breach to right to privacy of personal information under the law must be (justified by) the public health needs to protect society during the COVID-19 pandemic.
Read full abstract