BackgroundThe novel coronavirus SARS-CoV-2 rapidly spread around the world, causing the disease COVID-19. To contain the virus, much hope is placed on participatory surveillance using mobile apps, such as automated digital contact tracing, but broad adoption is an important prerequisite for associated interventions to be effective. Data protection aspects are a critical factor for adoption, and privacy risks of solutions developed often need to be balanced against their functionalities. This is reflected by an intensive discussion in the public and the scientific community about privacy-preserving approaches.ObjectiveOur aim is to inform the current discussions and to support the development of solutions providing an optimal balance between privacy protection and pandemic control. To this end, we present a systematic analysis of existing literature on citizen-centered surveillance solutions collecting individual-level spatial data. Our main hypothesis is that there are dependencies between the following dimensions: the use cases supported, the technology used to collect spatial data, the specific diseases focused on, and data protection measures implemented.MethodsWe searched PubMed and IEEE Xplore with a search string combining terms from the area of infectious disease management with terms describing spatial surveillance technologies to identify studies published between 2010 and 2020. After a two-step eligibility assessment process, 27 articles were selected for the final analysis. We collected data on the four dimensions described as well as metadata, which we then analyzed by calculating univariate and bivariate frequency distributions.ResultsWe identified four different use cases, which focused on individual surveillance and public health (most common: digital contact tracing). We found that the solutions described were highly specialized, with 89% (24/27) of the articles covering one use case only. Moreover, we identified eight different technologies used for collecting spatial data (most common: GPS receivers) and five different diseases covered (most common: COVID-19). Finally, we also identified six different data protection measures (most common: pseudonymization). As hypothesized, we identified relationships between the dimensions. We found that for highly infectious diseases such as COVID-19 the most common use case was contact tracing, typically based on Bluetooth technology. For managing vector-borne diseases, use cases require absolute positions, which are typically measured using GPS. Absolute spatial locations are also important for further use cases relevant to the management of other infectious diseases.ConclusionsWe see a large potential for future solutions supporting multiple use cases by combining different technologies (eg, Bluetooth and GPS). For this to be successful, however, adequate privacy-protection measures must be implemented. Technologies currently used in this context can probably not offer enough protection. We, therefore, recommend that future solutions should consider the use of modern privacy-enhancing techniques (eg, from the area of secure multiparty computing and differential privacy).
Read full abstract