The COVID-19 Global Pandemic Raises Serious Privacy Problems

Is it possible to share personal data in order to help to fight the global pandemic and keep this data anonymous to protect your privacy?
Is it possible to share personal data in order to help to fight the global pandemic and keep this data anonymous to protect your privacy?

The headlines are scary. Millions of infections — over 170,000 deaths. Nothing will ever replace the lives lost or bring back pre-COVID-19 “normal” again. While our hearts and deepest sympathies go out to everyone whose life has changed due to this pandemic, there are long-term implications that, for those of us in the business of privacy, are just as scary as the pandemic itself. Apple and Google are collaborating on contact tracing solutions, and governments are tracking the movement and even biometrics of citizens through their personal devices. Once the threat of COVID-19 is dealt with via social distancing, medical treatment and vaccination, the threat to privacy will remain.

There is a trade-off between privacy and public health, and it’s one that has been gaining traction in the news cycles — and rightfully so. There is always a trade to be made. We make these deals every day. We willingly and often unknowingly give up our personal data in exchange for certain services, like getting an Uber or Lyft, for example. The recent stories converge on fears of surveillance states, mass tracking and tracing, the ethical debate over which personally identifiable information is necessary to manage the pandemic, and whether those collecting the data will ever relinquish control.

Related: Coronavirus Pandemic Reminds Us That Security Is Important During the Zoom Boom

What’s not making it into the news is an alternative solution — one that fulfills the requirements of the current state of emergency and satisfies the need to serve public health and safety, but also protects our privacy. The solution is a digital credential, or digital identity.

This technology may sound like a hybrid of new and old, and that’s truly what it is. A digital credential is simply a proof of something, and it’s backed by something else that you trust. As in the real world, your driver’s license proves your age, residence and right to drive a car. A digital credential would do exactly the same thing. A person with a driver’s license is trusted not because you know the person holding it, but because it’s backed by the state who issued the license. A digital version can perform all the same functions instantaneously, with touchless functionality and most importantly — privately. You could prove your age without having to reveal your address or your height and weight. Or you could share whether you have contracted the coronavirus to those with whom you have been in physical proximity, without disclosing your name.

A digital credential exists on your smartphone, or for those who don’t have such devices, in a secure cloud environment, accessible from a terminal that uses touchless biometrics like facial recognition, or iris scans, much like the company Clear does at the airport. A digital credential can be issued by any organization and read by any other organization, but you get to choose exactly what information gets read. In other words, you can help fight the pandemic by sharing your location data or your health status, and still feel safe knowing that there is no way to tie it to your name.

Related: Will Blockchain Technology Be Used to Build Evil Social Credit Systems?

In today’s digital world, triangulation happens, and it happens a lot. All of the data being collected by the big tech giants you’ve heard of (and the thousands of little companies you haven’t) is going to be available to third party brokers. Personal data is the new gold rush. There’s money in those ones and zeros, and if you think Mark Zuckerberg is the only one selling you out, you’re dead wrong. If you think the government cares about your privacy, ask what has changed since the Zuckerberg hearings. It takes just a few seconds to correlate a couple of jigsaw pieces and then very quickly finish the puzzle with a picture of your private life printed on the box.

But it doesn’t have to be that way. Digital identity credentials are powerful. Using the trust and immutability that comes with blockchain technology, we can now build a credential that proves almost anything, as long as you trust the person or entity that is backing up the claim. Think about it: Proof of vaccination issued by your healthcare provider and instantly available on your smartphone in conjunction with its built-in biometric access. With this, your employer can trust you to come back to work. A shop owner can trust you to come into the store to buy his products. The stadium can trust you to come watch the baseball game. Not because they trust you, but because they trust your health care provider who issued the credential. Just like that, life starts to become somewhat normal again while your privacy is protected.

The power of a digital credential is vast. The business use cases are wide-ranging, and simultaneously improve trust and efficiency while reducing risk. A digital credential gives anyone the ability to prove something about themselves instantly, touchlessly and in a verifiable way. From healthcare to banking to trusted online voting, a digital credential makes the world a safer place for you and for those around you.

The views, thoughts and opinions expressed here are the author’s alone and do not necessarily reflect or represent the views and opinions of Cointelegraph.

Heather C. Dahl is a widely-respected thought leader in digital identity technology and news media, with over 25 years of strategic leadership experience in newsrooms, multinational corporations and high-tech startups. As the CEO of the professional services firm Indicio.tech, Heather brings with her a deep knowledge of decentralized and self-sovereign identity and go-to-market strategy from her time as CEO of the Sovrin Foundation. With graduate degrees from Columbia University and Johns Hopkins Business School, she is a committed advocate for privacy-preserving cybersecurity technologies.