This is Part 2 in a series on theology, privacy, and technology. Read Part 1 here.
The COVID-19 pandemic has presented significant challenges requiring global collaboration and a variety of solutions. An example of these solutions is digital contact tracing–the use of smartphones to trace people who have been in contact with an infected individual. As digital contact tracing involves gathering data from people’s devices, the issue of privacy has become paramount. This ethical challenge gives Christians an opportunity to reflect on theology and privacy and to provide insights to an ongoing conversation.
In the previous post, I constructed a theological framework for modern privacy and highlighted its importance as a God-given gift. I also briefly touched on some practical applications of the theology, alluding to the command to “love our neighbor.”
In this post, I would like to focus on digital contact tracing as an application and address how creators (i.e., tech companies and public health) and end-users (i.e., the general public) can love their neighbor in this particular context.
What is contact tracing?
Before we delve into the ethics, it’s important to understand what contact tracing is and why it’s used. Because COVID-19 is a communicable disease, one public health measure to stop its spread involves contact tracing. Contact tracing is the process of tracing people who were near an infected individual to help them get tested or self-isolate. In the current crisis, many companies, such as Google and Apple, have developed smartphone-based tools that potentially make this process easier and more efficient. Digital contact tracing refers to this kind of contact tracing.
How does digital contact tracing work?
Let’s use Google and Apple’s program1 as an example. Their tool began as an API (application programming interface) for public health-based apps and is now a feature incorporated in both Android and iOS operating systems. It uses Bluetooth low energy signals to allow smartphones to send and scan for anonymized keys (strings of numbers) coming from nearby devices.
To illustrate how this works, here’s a scenario with two made-up individuals, Amy and Brian. If Amy and Brian happen to be within 6 feet of each other, and they both have the program on their phones, their phones will exchange keys. This key is stored locally on the phone. As Amy and Brian come into contact with others using the same smartphone program, each of them will have a list of keys from those people as well.
Now let’s say Brian unfortunately tests positive for COVID-19. If he submits that information into the program, Amy will get notified that she was in contact with an infected individual. She won’t know it’s Brian, but because his key was stored on her phone, she will know that the person with that key tested positive.
What are the privacy implications of this technology?
Even though this technology seems impersonal, it poses a number of significant risks to personal privacy–such as compromising personal identity and misuse of data. Google and Apple have recognized this issue and implemented privacy measures. Some of these measures include opt-in to use the service; complete anonymization to other users and even to the tech companies; and no user location tracking.
The fact that Google and Apple are applying strict privacy measures is a good sign that they are taking individual privacy rights seriously. However, maintaining privacy while increasing efforts to stop the disease could be a significant challenge.
Such prioritizing of individual right to privacy more likely creates a less effective process. Here’s one reason why.2 To eliminate COVID-19 entirely, digital contact tracing needs a large number of users to participate. However, since many people already mistrust big tech, giving users the choice to opt-in–even with promises of anonymizing and not collecting identifiable information–likely means that not enough people will participate. Without enough people participating, the population-at-large will likely continue to spread disease and cause more collective harm.
The uncertainties of digital contact tracing
Here is the crux of the issue. Both individual privacy and public health are important yet seem to be at odds with each other. How can the needs of the many be sufficiently addressed while protecting the rights of the individual?
Furthermore, while Google and Apple currently are able to balance this delicate trade-off between individual privacy and public health, many anticipate that using digital contact tracing and other kinds of biosurveillance technology will likely set precedents for more invasive uses of technology.
If [public health] uses technology to stamp out disease at the expense of people’s privacy, can we put the genie back into the bottle? Is this a slippery slope?3 Will giving up privacy only be reserved for dire situations like COVID-19 (i.e., the exception) but not expected once the pandemic is over? Will people be pressured at some point to give up personal information to restore social order or to benefit society simply because the powerful have authority to coerce? One could imagine that in the future, the bar for establishing when or how individuals give up privacy could lower, and people would be expected to give up privacy even when it is not absolutely necessary to do so.4
How creators can love their neighbor
The questions I’ve raised are valid concerns that require careful thought. Even if the answers aren’t necessarily straightforward, having a theological perspective can guide our reflection. We can think about these concerns in light of the command to “love our neighbor.” Jesus reiterates this command from the Old Testament when he tells the story about the Good Samaritan, who sacrificed his comfort, convenience, and even identity to help a wounded Jew.
So for those who create and use digital contact tracing tools (or other similar technologies), what does loving their neighbor look like practically?
Here are some ways to start with. While the following ideas are shaped by a biblical worldview, they don’t necessarily apply exclusively to Christians:
- As I mentioned in part I of the series, individual privacy is valuable and should be treated with the utmost respect. At the same time, people often need to sacrifice some personal freedoms for the public good, a cost to the individual. Those in power need to acknowledge the risks of sacrificing individual privacy by being accountable and transparent with their constituents. They need to build trust by collecting, processing, and storing personal data in ways that protect privacy. They also should explain the rationale behind their actions as clearly as possible and be open to listening to the concerns of those who are wary of giving up privacy.
- Additionally, love for neighbor entails that creators pursue excellence in the privacy standards they build (Phil. 4:8-9). This means that they need to think critically about how they define “necessity” and “public good” as they create digital tools and collect data from these tools. While “necessity” can mean different things in different situations, asking the necessity question is essential to understanding the purpose of the tools they create and why they are using them. “Are we creating and using them to promote well-being–both individual and public? Or are we using them to wield power and instill fear? What is ‘well-being’ in the situation we are in?” Being able to think through these questions can prevent the abuse of soliciting information for any cause, or even take advantage of the fact that people may be more likely or willing to give up personal information to achieve a particular goal in a state of need.
- Related to 2), creators need to evaluate each step of data collection and usage. “Why are the data being collected? What data do we need? How much do we need to engineer optimization standards? How are they being collected, and where are they being stored? What is considered sensitive and needs to be encrypted? How are we encrypting the data? Who owns or will own the data? And what will happen to the data once collection ends?”
- As creators weigh the trade-off between privacy and public good, it might be helpful to re-evaluate what commonly appears to be two dichotomies. Rather than seeing them as a binary choice (i.e., all or nothing), creators should strive to create both beneficial and holistic solutions. A great example comes from the creators of PrivateKit. After considering both individual privacy and public good, they decided to trace people’s paths imprecisely. This solution adequately informs where a person has been while still protecting sensitive information about the individual’s exact location.
How end-users can love their neighbor
What about end-users? How can they show love for neighbor in this situation?
The right to privacy is legal in nature. In many legal traditions, an individual is entitled to protect what belongs to them from public view. However, from a theological perspective, this right carries a more nuanced meaning. We as Christians may have a legal right where we live, but we also see this right as a gift because we are created in God’s image. As with other gifts God has endowed us, Christians have responsibilities both to steward and relinquish the gift of privacy as appropriate.
While some may wonder what “as appropriate” means exactly, I think the better question centers around the biblical exhortation of personal sacrifice. There are many examples in the Bible of people who gave up different kinds of privacy for the greater good e.g. Jesus dying on the cross and the early church sharing their possessions with the apostles, fellow believers, and the poor. In the modern context, we may be familiar with giving up our property privacy to help those in need. With digital contact tracing, perhaps downloading a public health app is an opportunity for Christians to show love for neighbor.
I would like to emphasize that loving our neighbor in this context requires discernment. Choosing to surrender privacy rights is a significant decision with risks, and having the wisdom to know when and how to do it is important. Thus, the key takeaway from this post is not that we must always give up our privacy, but that in certain situations, we as Christians should consider whether such sacrifice is the appropriate act of loving our neighbor.
The present crisis has introduced important ethical challenges surrounding privacy and technology. Although new technologies, such as digital contact tracing, may serve to stop the spread of COVID-19, they do so at the risk of jeopardizing individual right to privacy and potentially introducing more invasive forms of surveillance.
To address these concerns, I have discussed ways to think biblically about loving our neighbor when building and using public health tools. Giving up privacy in the context of public health is not merely a private decision, but a public one with enduring social consequences. With that in mind, we as creators or users should carefully consider how our decisions around privacy impact others, and whether those decisions reflect the kind of loving sacrifice that God may call us to make.
Loving our neighbor is understandably challenging when people’s lives and privacy are at stake. Going back to the story of the Good Samaritan, we see that Jesus finishes it by asking who acted as the wounded Jew’s neighbor. His questioner answered the one who showed mercy.
And as Jesus instructed the man then, he is telling us now: “go and do likewise.”
1Since Google and Apple’s program does not specifically identify people but simply notifies them that they have contacted an infected person, it’s more accurately called “exposure notification.” However, many in the industry have categorized it as part of digital contact tracing.
2This is an informative article showing the reasons why prioritizing privacy (and even resorting to digital contact tracing) may not be effective.
3These questions were taken from a live-streamed conversation hosted by CNBC “What are the privacy implications of COVID-19?”
4ATN Founder Paul Taylor brought up another aspect of privacy in the COVID-19 crisis that Christians may be concerned about. If governments require churches to hand over lists of attendees to track disease spread, could that lead to persecution in the future? While this issue is outside of the scope of this post, I wanted to acknowledge it as a potential concern among ATN readers.
Biologist by training, storyteller at heart.
Joy is a former biology researcher who decided she preferred writing to pipetting. She graduated with a B.A. in Molecular Biology from Princeton University and holds graduate degrees in the biological sciences from the University of Pennsylvania and Stanford University. She has written on numerous STEM topics, ranging from molecular biology to AI and clinical trials. In her free time, she enjoys reading, learning about food science, and spending time with her husband.