While many governments around the world are attempting to use technology to contain the novel coronavirus’s spread, there are debates around whether these efforts may violate citizens’ privacy in the short and long term.
To learn more about the technology solutions arising during the coronavirus pandemic, we spoke with the co-director of AU’s Internet Governance Lab, SIS professor Nanette Levinson.
Q. During this global pandemic, how do you see COVID-19 impacting internet governance and cybersecurity?
My work as one of the three faculty directors of the Internet Governance Lab has identified interconnections among internet governance and other research areas characterized by issues that cross national boundaries and have global ramifications. Research in the fields of global health and environmental policy has been especially relevant. What these areas have in common with internet governance-related issues are tensions among country and regional governments and nongovernmental entities, such as industry and nonprofit organizations, and a backdrop of uncertainty, complexity, and reach beyond borders or sectors.
But with the advent of COVID 19, the research I am doing highlights even tighter connections between internet and public health issues. For example, my 2020 research with SIS graduate student Raven Neely finds global health coming to the fore in cybersecurity where, before, discussions/debates have centered on more traditional national security issues. Keeping countries’ health infrastructures secure and safe from cyberattacks now has a higher priority in debates within the United Nations Open-Ended Working Group on Information and Communication Technologies and International Security.
A second finding is the growing crescendo of debate related both to privacy issues and to spreading misinformation via the internet. These debates regarding possible regulatory measures were increasing in world capitals (and in states such as California) even prior to the COVID-19 outbreak. However, the current climate of a global pandemic is exacerbating the calls for regulation as well as the concerns for privacy. Proposals to do contact tracing—identifying exactly where a person has been and with whom that person has interacted in order to track and prevent viral spread—using information that apps collect on people’s cellphones raise significant privacy issues. While contact tracing is vital in pandemic mitigation, the public needs to know what privacy provisions technology platforms use for contact tracing.
The US Congress had been debating regulatory provisions that would govern the conduct of platforms such as Facebook or Google with regard to misinformation being disseminated via their platform. Today, we are especially seeing the online viral spread of misinformation surrounding COVID-19. The platforms are making efforts to stop misinformation; we call this “governance by platforms.” A governance by platforms approach raises the issue as to whether that is the appropriate role for private sector platforms. Another approach, and a more traditional one, is what we call “platform governance”—government regulation regarding platforms. The current plethora of misinformation on platforms regarding the pandemic both locally and globally may finally catalyze the US Congress to pass legislation related to privacy protections and the prevention of misinformation spread.
Q. Are there any solutions to the misinformation dissemination problem via the internet and social media, especially with regard to vital public health information?
One solution proposed by many is the call for everyone to develop “information hygiene,” but I am not fond of that terminology. Rather, I use the term “information intelligence,” which conveys a more active and intellectual role than the term “hygiene.” Information intelligence is distinctively different from the rote, but vital, preventive hygienic act of physically rubbing one’s hands together with soap while singing a song such as “Happy Birthday” two times! In the case of information intelligence, rather than retweeting or posting something automatically, we need first to be proactive and intentionally verify the source. Developing information intelligence should be a key task for citizens—and future adult citizens—everywhere.
That brings me to a third new and compelling finding that is hiding within the COVID-19 pandemic and the sudden transformation to online life, whether in schools, universities, or workplaces: the pandemic has made prior existing inequalities or digital divides even more stark. There are many subtle and not-so-subtle divides that go beyond developing vs developed countries or men vs women. These include race, social class, urban-rural divides, and more.
My fellow Internet Governance Lab director and colleague Derrick Cogburn also heads the AU Institute on Disability and Public Policy. His work and that of his colleagues highlights how the coronavirus pandemic exacerbates existing divides for the differently abled. Additionally, the divides extend beyond mere internet access, including the type of access (e.g. availability of broadband) and the skills necessary for using the internet effectively.
Q. Could restricting people’s movements through technology during a pandemic lead to such restrictions becoming a new norm in the US?
Many are expressing their concerns about what happens in the “new normal” here and throughout the world. In answering this question, it is important to point out that in an internet era—whether before or after a global pandemic—we can no longer just focus on one specific country, region, or sector. Indeed, as my fellow Internet Governance Lab director, Laura DeNardis, points out in her work, the infrastructure of the internet is global and its nature intersects with policy issues, including control.
I use the positive example of the European Union passing the General Data Protection Regulation (GDPR) to protect the data privacy of its own citizens. The GDPR took effect in May 2018. Within a few days, that originally regionally focused regulation impacted countries and organizations almost everywhere since this GDPR regulation applied to all European Union citizens and such citizens use a wide swath of organizations around the world. Organizations immediately realized they needed to comply and redid the wording regarding privacy on their websites and mailing lists. As a result, today when you access a new website, whether to do online work or make an online purchase, you will see wording that you will need to accept or reject—hopefully using information intelligence. The wording tells you how the website will be tracking you and how it will use the information it quietly collects about you.
In sum, the nature of internet infrastructure implies that any new internet-related norms may indeed lithely cross national boundaries. Just as importantly, the example of the GDPR tells us that it may be very hard to put the genie back into the bottle once it has entered the outside world. The difficult challenge now is that while location tracking and movement restriction are public health tools that some places may use to prevent the spread of the coronavirus, there are serious issues about such tools being used for other purposes once the outbreak has subsided.