Privacy and the COVID-19 Pandemic

In response to the COVID-19 pandemic, governments and businesses used a wide range of digital tools and techniques in an attempt to limit the spread of the virus, presenting an array of new privacy and safety challenges. From expanded systems of data collection to digital contact tracing and location tracking, there are many pandemic tracking techniques that could potentially undermine democratic values and erode privacy. Some online web portals and telehealth systems are also not covered under HIPAA, and transferring data to third parties that may not be HIPAA-compliant creates serious risks to privacy. 

Thus, it is essential for government agencies and private companies to implement standards to safeguard privacy. The World Health Organization has also recognized this and spoke out for data protection. In March 2020, Dr. Michael Ryan of the WHO stated that the organization was working to ensure that “all of the initiatives we’re involved with, while aiming to develop good public health information, in no way interfere with the individual rights to privacy and protections under the law.” Privacy and public health are complementary goals and privacy enhancing technologies can be deployed to both serve the public interest and also protect individual rights. 

In May 2020, Representatives Anna G. Eshoo (CA-18), Jan Schakowsky (IL-09), and Suzan DelBene (WA-01), and U.S. Senators Richard Blumenthal (D-CT) and Mark Warner (D-VA) introduced the Public Health Emergency Privacy Act. The bill would protect personal data collected in connection with COVID-19 from being used for non-public health purposes and provides for both public and private enforcement.

It is crucial that governments, companies, and other entities collecting personal data ensure that the systems they use are necessary, effective, lawful, and protective of privacy.