Here’s an interesting twist. China has spent years building a vast surveillance state to digitally track its population, a system that has come to the fore in its attempts to monitor and control the spread of coronavirus. For years we have decried this “big brother” monitoring, and yet it turns out that we have a vast surveillance dataset of our own, just waiting for the government to tap into.
Last week, I reported on viral coronavirus maps that use marketing databases to show the movements of Americans as they congregate and disperse, illustrative of the potential spread of coronavirus infections. The granularity of the data shocked many—although the subject matter distracted most from the underlying issue. The data is unique to individuals but claims anonymity—however, last year the New York Times exposed just how easily that veil is broken.
It is therefore a surprise that the U.S. government—through the Centers for Disease Control and Prevention, has elected to use this marketing dataset rather than mobile operator data to track coronavirus. “Officials across the U.S. are using location data from millions of cellphones,” the Wall Street Journal reported on March 28, “to better understand the movements of Americans during the pandemic.” The newspaper says the plan is “to create a portal for federal, state and local officials that contains geolocation data in what could be as many as 500 cities across the U.S.”
When coronavirus first hit China, the country repurposed its surveillance state into a contact tracing and quarantine enforcement machine. The infrastructure was in place. Facial and license plate recognition, contact tracing and phone tracking, proximity reports from public transportation, apps to determine quarantine status and freedom of movement, and social media to inform on rule-breakers. Described as “excessive coronavirus public monitoring,” it is expanding China’s already pervasive use of biometric people tracking technologies.
In the West we have no such biometric-powered surveillance state, whatever campaign groups might say. There is the rule of law, warranted tracking, even campaigns to remove facial recognition from law enforcement. Meanwhile, we all carry smartphones loaded with apps that we give permission to track us, wherever we go and whenever we go there, down to a frightening level of detail.
Smartphone tracking is becoming the front-end for coronavirus population tracking—be that individuals confined to their homes, curfews, contact tracing or aggregated analysis on the impact of social distancing. A smartphone is a proxy for a person. Track the phones and you track the people. Each device can be uniquely tied to its owner, whether in Beijing or Boston, Shanghai or Seattle.
In the U.K. and mainland Europe, governments and the European Union have pulled data from the mobile network operators themselves to track millions of citizens, aggregated and anonymized, monitoring adherence with social distancing and travel restrictions. There was even talk that the GSMA might develop a centralised data program across 700 operators to track users cross-border.
Mobile networks hold significant data on customers. Location pings, call and messaging metadata, obviously the identities behind the numbers and whatever their CRM systems store. This data has its limitations. It is also heavily regulated, protected from prying eyes except under legally warranted circumstances.
There is however an even larger dataset that has no such regulatory limitations. It contains information on all of us—we actually give it permission to collect our locations, our browsing activities, where we go, when, how often. The information can be mined to infer where we work and live, what we like to do and with who. It is the closest we have to a surveillance state—and it’s now everywhere.
The database is fuelled by the apps on our smartphones—apps we give permission to access data they do not need to execute their own functions. And that data can be sold to create a revenue stream for its operators. Last year, one project set out to show just how out of hand this has become. A security researcher tested 937 Android flashlight apps—the most innocuous apps imaginable, of which 180 requested permission to access our contacts and 131 our precise locations.
This marketing data source, which gathers information on all of us, all of the time, is quite the surveillance feat. If any western government set out its intention to build such a platform there would be an extraordinary public backlash. And yet the data is there and can be accessed commercially for just the payment of a fee.
Once the pandemic is behind us, the memory of those maps tracking us coast to coast will remain. And as we look to the east, to its vast government surveillance ecosystem, perhaps we will recall the equivalent we live with ourselves. The fact is that the necessity of the coronavirus pandemic has pushed government invention into new and surprising areas. And from a surveillance stance, one of the most powerful ways imaginable has been there all the time.
It is clear that over the coming weeks we will be asked to further trade personal privacy for public safety. Those datasets can be mined for ever more powerful information—the same contact tracing and quarantine breaches China monitors. According to the WSJ, the mobile ad data “can reveal general levels of compliance with stay-at-home or shelter-in-place orders—and help measure the pandemic’s economic impact by revealing the drop-off in retail customers at stores, decreases in automobile miles driven and other economic metrics.”
Not bad for a ready-made, off-the-shelf alternative.
I am the Founder/CEO of Digital Barriers—developing advanced surveillance solutions for defence, national security and counter-terrorism. I write about the intersection of geopolitics and cybersecurity, as well as breaking security and surveillance stories. Contact me at firstname.lastname@example.org.
Please follow my instagram: http://instagram.com/arminhamidian67