With citizens accessing the Internet in droves in the COVID-19 crisis, governments and corporations are taking advantage of the ‘new normal’ to ramp up their surveillance of public behaviour, Varya Srivastava writes.
As governments race to contain the COVID-19 pandemic, social distancing policies have forced many workplaces, along with recreational activities and events, online.
From work to social interaction, the Internet has become the backbone that is enabling all global collaboration, pandemic response and economic activity. Socialising through the Internet has become the glue holding together many relationships as communities weather the storm of isolation.
The Internet has enabled work from home, catch-ups with friends and family, information on the evolving crisis, and the sourcing of essentials like groceries and medical advice, amongst other things.
This has sparked many questions: How much online surveillance is ethical? When is privacy more important than public safety and health? Who has right to use the private data of others, and for what reasons?
While answers to these questions are complex and subjective, one thing is clear. The choices policymakers make in times of crisis will shape the future, and will likely remain in force post-COVID-19. Navigating issues of surveillance during the crisis requires realising and recognising three critical things.
First, surveillance is everywhere. The public tend to think of the surveillance architecture in terms of physical components like cameras, drones, or facial recognition.
While these are of course part of the picture, they do not tell the whole story of surveillance. Surveillance is what and how these physical components collect and make sense of data. Biometric data or location data in itself means nothing.
The real power of surveillance comes from the underlying algorithm and the interaction of the data collected across different physical components.
Collecting information about the public – for instance, through facial recognition – is not necessarily problematic in itself. It becomes problematic, however, when that information is misused by law enforcement or companies, which can be very difficult to avoid.
When misused, this information can allow citizens of a particular locality, community, or identity influenced to be targeted by bias. It also has practical drawbacks. For instance, according to a 2019 Federal study in the United States, Asian and African American people were up to 100 times more likely to be misidentified than white men by facial recognition software. Of course, it also becomes problematic when data is collected for a purpose hidden to the owner of that data, and when data is used without their consent.
Modern surveillance architectures are much more sophisticated than they have been in the past. They have the potential to track a person, especially with the conception of Smart Cities. Though liberal democracies the world over are major users of artificial intelligence surveillance, authoritarian states are more likely to get away with the misuse of their citizens’ data.
In the pandemic crisis, it is more important than ever to use surveillance in a cautious, accountable, and ethical manner, because there is so much to be gained in fighting outbreaks from the correct use of surveillance technology.
This means that policymakers must recognise that behind the technical construction of a surveillance system is a team of humans with biases, subjective thoughts, and interests, and there is room for unintentional error. Then, they must take steps to neutralise these shortcomings.
That said, surveillance is not just a government issue. More and more, surveillance capabilities are not in state hands. Major tech companies like Google, Huawei, Facebook, Apple, and Amazon, are forming the foundation of an omnipresent online surveillance architecture.
These companies are both building the physical products seeing such widespread use in the pandemic internet boom, like smartphones or other devices, and also designing the software that underpins them.
This means that any government interested in understanding surveillance and protecting privacy has to understand the role, capability, and stake that each of these actors has in the online world.
If these actors are brought in, they can be subject to higher levels accountability and liability, and can be encouraged to build an environment of trust between the public and private sectors on this issue.
Parallel to this, there remains the important technical task of building the capability to make all data collection processes transparent and accountable.
This will require embracing ‘sousveillance’. A French concept, sousveillance it means ‘surveillance from below’. One example of sousveillance is the Republic of Estonia, which has used this concept to great success. After major cyber-attacks in 2007, the Estonian government worked to make their digital infrastructure more secure and transparent.
They did this by ensuring that, firstly, all citizens can see and control the data that the state collects, and secondly, that the data is protected and government institutions are individually responsible for data processing and security.
Another great example is the city of Barcelona. By creating a digital participatory program, the city crowdsourced the governance of their smart city capabilities and open-sourced the city data through the DECODE Project.
The DECODE Project is particularly remarkable, as it decentralises data governance and lets individuals choose who gets access to their data.
In both Estonia and Barcelona, citizens control data flows and structures in transparent and accountable relationship with the government, and this is the kind of action policymakers need to take to deal with the threats to data that have accompanied the pandemic crisis.
Without sousveillance, governments are at risk of creating a dystopian post-COVID-19 reality of paranoia, changed behaviour, and curbed freedom. To prevent this, immediate checks and balances are required on surveillance. Building trust, accountability, and authenticity is crucial.