GetConnected logo

COVID-19 battle inspires rethink on IoT privacy

Contact tracing and IoT privacy

The critical need for contact tracing as part of the battle to fight the COVID-19 pandemic has accelerated the IoT revolution by helping to break down opposition to why, how and where personal data is used.

Before the pandemic, patient privacy concerns had stalled the adoption of the IoT in conservative sectors like the medical industry. The benefits of the technology just weren’t considered enough to justify a shift with all its associated privacy issues. That attitude has changed as healthcare professionals realized how wireless tech has helped in the fight against COVID-19.

Remote monitoring takes pressure off healthcare

For example, there have been many cases where the SARS-CoV-2 virus generated mild symptoms in the early stages but later caused severe illness. An early indicator of the disease's progression is a decrease in the blood oxygen saturation as the virus attacks the lungs. Pulse oximeters can continuously monitor blood oxygen levels and notify healthcare professionals of changes so that treatment can be accelerated. Wireless pulse oximeters can automatically send data to a central server, relieving medical staff of the need for frequent manual observations of individual patients. Such equipment could even allow patients to quarantine at home—freeing-up hospital resources for those struck down by the virus—while still being remotely monitored.

Suddenly, wireless pulse oximeters offer an advantage, and hospitals have switched to wireless devices much more quickly than they were planning - to be ready for any COVID-19 spikes or future pandemics. The lesson here is that if the benefits of the IoT are big enough, privacy is something organizations and individuals may be willing to trade for the greater good.

Trading privacy for safety

Before 2020 the idea of authorities being able to perform detailed contact tracing in places like Europe would have been unthinkable. Yet it worked so well in combating COVID-19 in Taiwan, Singapore and South Korea that the model is one many countries have replicated.

And as employers look for ways to get their staff back to work, a whole new category of contact tracing wearable has emerged. These wireless devices enable managers to know exactly where their employees are, who they have been in contact with, and for how long.

Such close monitoring would have met with fierce resistance before COVID-19, but now such measures are gaining widespread adoption and acceptance. A temporary loss of privacy is seen by most as a price worth paying to stop the spread of SARS-CoV-2, keeping workers safe and ending lockdowns. Assurances that the data won’t be used for any other purpose beyond contact tracing, the information will be anonymized as far as possible, and contact tracing is a temporary tactic for defeating the virus has helped.

Setting limits on privacy intrusion

But for the IoT to meet its full potential, some level of privacy does need to be respected. For example, we already accept that public changing rooms, toilets and showers should be beyond the gaze of security cameras, and we consider it socially and legally unacceptable to use personal data without consent. Also, we expect that full transparency, security, and legally-binding safeguards are in place.

Similar to effectively combating COVID-19, albeit on a vastly and more detailed scale, the IoT is all about processing and analyzing data gained from sensors that digitize the physical world at a granular level. A system that knows not only where an individual is located, but what they’re doing, and with whom, at any time creates unprecedented potential for privacy intrusion.

For the IoT to work, people must feel comfortable that their safety, convenience, automation, security, and quality of life enhancements outweigh the inevitable loss of privacy. Consequently, the organizations entrusted with collecting and collating the data must be transparent as to what information they collect and how they use it. People should be allowed to see how their data is used and, as with email lists, have the choice to opt out at any time. And wherever possible, the data should be kept anonymous.

If COVID-19 has shown that the IoT can reconcile privacy concerns in a way most consumers and workers feel comfortable about, then at least one silver lining will have emerged from this global pandemic.


Subscribe to  The Get Connected Blog