During the early months of the COVID-19 pandemic, many nations around the world developed smartphone-based solutions to mitigate the disease. Among these solutions have been contact tracing technologies. These smartphone based contact tracing systems use data about phone proximity, such as Bluetooth connectivity data, to track when smartphone users have been in contact for a significant duration. This data is used to signal to users when they may have been exposed to a person who has tested positive for COVID-19.
Smartphone based contact tracing has raised many policy and technical design questions. Unlike contact tracing programs executed mainly by public health personnel, smartphone based contact tracing systems depend on the population’s smartphone ownership and willingness to install a dedicated application. In practice, these systems depend on hardware and software produced by commercial providers like Apple and Google. Early on, researchers raised flags about the potential misuses of data collected by these systems, as well as how the public’s privacy concerns could pose a barrier to adoption.
Our research draws on network modeling techniques to develop the theoretical foundations of how privacy concerns interact with mobile-based contact tracing programs. Drawing on the Contextual Integrity theory (Nissenbaum, 2009), we define privacy as appropriate information flow, according to contextually situated norms. Hence, the privacy concerns of the public are multifaceted, including potentially everything from distrust of industrial or state institutions to concerns about contact information leaking to community or family members.
Through analytical modeling and simulation of infection and contact tracing on a complex network, we chart the tradeoffs between privacy and contact tracing effectiveness. Our preliminary finding is that the efficacy of smartphone-based contact tracing is more sensitive to institutional privacy than interpersonal privacy.