Privacy Principles for Implementing Digital Contact Tracing

The spread of the Delta variant highlights how important it is to quickly respond to public health crises, and that means considering how contact tracing technologies can be implemented without undermining public trust or exacerbating disparities. If crafted properly, digital contact tracing technologies (DCTT) can be a valuable tool to help stem future outbreaks and reduce the time needed to identify potential new cases.

Unfortunately, governments and other organizations have had uneven success deploying DCTT to help track the COVID-19 pandemic. Many national governments and U.S. states have faced challenges convincing individuals to use exposure notification apps due to privacy concerns. At the same time, COVID-19 has exposed longstanding health equity issues, including disparate access to technology and social exclusion of historically disenfranchised people.

Last year, the Chinese government traced an outbreak of COVID-19 infections to predominantly African communities in Guangzhou’s Yuexiu and Baiyun areas. Following government reports that five Nigerians in the area had tested positive for COVID-19, the government evicted members of this community from their homes and refused them hotel service, even though they had no recent travel history or known exposure to COVID-19. Individuals with “African contacts” were directed to self-quarantine, and bars and restaurants were told to refuse service to clients who appeared to be African.

This disturbing scenario highlights the risks of using DCTT without substantial controls to protect civil, human, and privacy rights – such as a plan to acknowledge and address implicit bias. DCTT should not be used to target or shame groups that share some characteristics.

CPOs and other privacy officers will play an important role in the adoption of DCTT by governments, businesses, and schools. It is important to take steps to ensure equity in access to DCTT and understand the societal risks and tradeoffs that may accompany its implementation. Privacy leaders who understand these risks will be better able to bolster trust in this technology within their organizations.

To address the challenges of digital contact tracing, the Future of Privacy Forum (FPF), with the support of the Robert Wood Johnson Foundation, partnered with six leading privacy, health equity, and social advocacy organizations to develop principles to guide organizations implementing this technology to do so in a way that respects individual privacy. The eight principles are:

1. Be transparent about how data is used and shared. DCTT users should be made aware of how their data is being collected, used, and shared through prominent, understandable, and accessible statements.

2. Apply strong de-identification techniques and solutions. DCTT providers should apply strong privacy protection techniques and solutions to prevent unauthorized parties from leveraging sensitive data collected via DCTTs in ways that conflict with the spirit of public health or that introduce the risk of harm.

3. Empower users through tiered opt-in/opt-out features and data minimization. DCTT participation should be voluntary (versus mandatory) and DCTT users should typically be given the choice to opt into specific DCTT features (favoring opt-in versus opt-out models).

4. Acknowledge and address privacy, security, and nondiscrimination protection gaps. DCTT developers and institutional adopters of DCTT should publicly endorse an ethical code, standard, playbook, and/or framework that champions diversity and equity in DCTT and be held accountable to such standards.

5. Create equitable access to DCTT. It is important for developers to avoid tying a particular type of device to the most beneficial DCTT features. When creating equitable access to DCTT, it is important to address the unique structural and procedural barriers individuals or groups might experience when seeking access to the benefits of using DCTT.

6. Acknowledge and address implicit bias within and across public and private settings. It is important to acknowledge the current reality and impact of bias that exists across a multitude of important settings, like healthcare or public health settings, and address scenarios in which DCTT might expose, perpetuate, or even exacerbate social bias within those settings.

7. Democratize data for public good while employing appropriate privacy safeguards. To the extent possible, data should be democratized to offer benefits to public health programs and infrastructures. DCTT data can often be shared in a limited, de-identified way to promote these goals.

8. Adopt privacy-by-design standards that make DCTT broadly accessible. Developers should adopt privacy-by-design standards that can also ensure broad user access to DCTT. Such standards should ensure that the benefits of DCTT can be maximized to serve the public, but without compromising, by design, the privacy of and equity among DCTT users.

The principles created by FPF and its partners address the risks and disparities of DCTT while promoting transparency and access to de-identified contact tracing data for those who should legitimately have it. DCTT is playing a role during the COVID-19 pandemic, and some are looking to contact tracing as a key approach to combat future public health crises. Privacy experts have a crucial role – ensuring that individuals and their data are treated with dignity and respect.


