Location Data and COVID-19 Contact Tracing: How Data Privacy Regulations
and Cell Service Providers Work In Tandem
- URL: http://arxiv.org/abs/2103.14155v2
- Date: Wed, 7 Apr 2021 17:57:51 GMT
- Title: Location Data and COVID-19 Contact Tracing: How Data Privacy Regulations
and Cell Service Providers Work In Tandem
- Authors: Callie Monroe, Faiza Tazi, and Sanchari Das
- Abstract summary: Cellphone Service Providers (CSPs) enable the spatial and temporal real-time user tracking.
Three of the regulations analyzed analyzed defined mobile location data as private information.
Two of the five CSPs that were analyzed did not comply with the COPPA regulation.
- Score: 1.1470070927586016
- License: http://creativecommons.org/publicdomain/zero/1.0/
- Abstract: Governments, Healthcare, and Private Organizations in the global scale have
been using digital tracking to keep COVID-19 outbreaks under control. Although
this method could limit pandemic contagion, it raises significant concerns
about user privacy. Known as ~"Contact Tracing Apps", these mobile applications
are facilitated by Cellphone Service Providers (CSPs), who enable the spatial
and temporal real-time user tracking. Accordingly, it might be speculated that
CSPs collect information violating the privacy policies such as GDPR, CCPA, and
others. To further clarify, we conducted an in-depth analysis comparing privacy
legislations with the real-world practices adapted by CSPs. We found that three
of the regulations (GDPR, COPPA, and CCPA) analyzed defined mobile location
data as private information, and two (T-Mobile US, Boost Mobile) of the five
CSPs that were analyzed did not comply with the COPPA regulation. Our results
are crucial in view of the threat these violations represent, especially when
it comes to children's data. As such proper security and privacy auditing is
necessary to curtail such violations. We conclude by providing actionable
recommendations to address concerns and provide privacy-preserving monitoring
of the COVID-19 spread through the contact tracing applications.
Related papers
- C3PA: An Open Dataset of Expert-Annotated and Regulation-Aware Privacy Policies to Enable Scalable Regulatory Compliance Audits [7.1195014414194695]
C3PA is the first regulation-aware dataset of expert-annotated privacy policies.
It contains over 48K expert-labeled privacy policy text segments associated with responses to CCPA-specific disclosure mandates.
arXiv Detail & Related papers (2024-10-04T21:04:39Z) - PrivacyLens: Evaluating Privacy Norm Awareness of Language Models in Action [54.11479432110771]
PrivacyLens is a novel framework designed to extend privacy-sensitive seeds into expressive vignettes and further into agent trajectories.
We instantiate PrivacyLens with a collection of privacy norms grounded in privacy literature and crowdsourced seeds.
State-of-the-art LMs, like GPT-4 and Llama-3-70B, leak sensitive information in 25.68% and 38.69% of cases, even when prompted with privacy-enhancing instructions.
arXiv Detail & Related papers (2024-08-29T17:58:38Z) - DiffAudit: Auditing Privacy Practices of Online Services for Children and Adolescents [5.609870736739224]
Children's and adolescents' online data privacy are regulated by laws such as the Children's Online Privacy Protection Act (COPPA)
Online services directed towards children, adolescents, and adults must comply with these laws.
We present DiffAudit, a platform-agnostic privacy auditing methodology for general audience services.
arXiv Detail & Related papers (2024-06-10T17:14:53Z) - Protect Your Score: Contact Tracing With Differential Privacy Guarantees [68.53998103087508]
We argue that privacy concerns currently hold deployment back.
We propose a contact tracing algorithm with differential privacy guarantees against this attack.
Especially for realistic test scenarios, we achieve a two to ten-fold reduction in the infection rate of the virus.
arXiv Detail & Related papers (2023-12-18T11:16:33Z) - A Comparative Audit of Privacy Policies from Healthcare Organizations in
USA, UK and India [19.45392112573428]
This paper presents a large-scale data-driven study to audit privacy policies from healthcare organizations in USA, UK, and India.
First, we collected the privacy policies of thousands of healthcare organizations in these countries and cleaned this privacy policy data using a clustering-based mixed-method technique.
Second, we adopted a summarization-based technique to uncover exact broad data practices across countries and notice important differences.
arXiv Detail & Related papers (2023-06-20T14:21:37Z) - Simulating and visualizing COVID-19 contact tracing with Corona-Warn-App
for increased understanding of its privacy-preserving design [0.0]
The world is under an ongoing pandemic, COVID-19, of a scale last seen a century ago.
Contact tracing is one of the most critical and highly effective tools for containing and breaking the chain of infections.
Due to the invasive nature of contact tracing, it is very important to preserve the privacy of the users.
arXiv Detail & Related papers (2022-02-04T16:07:10Z) - Second layer data governance for permissioned blockchains: the privacy
management challenge [58.720142291102135]
In pandemic situations, such as the COVID-19 and Ebola outbreak, the action related to sharing health data is crucial to avoid the massive infection and decrease the number of deaths.
In this sense, permissioned blockchain technology emerges to empower users to get their rights providing data ownership, transparency, and security through an immutable, unified, and distributed database ruled by smart contracts.
arXiv Detail & Related papers (2020-10-22T13:19:38Z) - BeeTrace: A Unified Platform for Secure Contact Tracing that Breaks Data
Silos [73.84437456144994]
Contact tracing is an important method to control the spread of an infectious disease such as COVID-19.
Current solutions do not utilize the huge volume of data stored in business databases and individual digital devices.
We propose BeeTrace, a unified platform that breaks data silos and deploys state-of-the-art cryptographic protocols to guarantee privacy goals.
arXiv Detail & Related papers (2020-07-05T10:33:45Z) - Decentralized Privacy-Preserving Proximity Tracing [50.27258414960402]
DP3T provides a technological foundation to help slow the spread of SARS-CoV-2.
System aims to minimise privacy and security risks for individuals and communities.
arXiv Detail & Related papers (2020-05-25T12:32:02Z) - Give more data, awareness and control to individual citizens, and they
will help COVID-19 containment [74.10257867142049]
Contact-tracing apps are being proposed for large scale adoption by many countries.
A centralized approach raises concerns about citizens' privacy and needlessly strong digital surveillance.
We advocate a decentralized approach, where both contact and location data are collected exclusively in individual citizens' "personal data stores"
arXiv Detail & Related papers (2020-04-10T20:30:37Z)
This list is automatically generated from the titles and abstracts of the papers in this site.
This site does not guarantee the quality of this site (including all information) and is not responsible for any consequences.