Viruswashing
Individual humans surprise you in a crisis; the curmudgeon across the street turns into a tireless volunteer; the sycophantic celebrity abruptly becomes a helpfully trenchant critic of their former-friend politicians. Organizations - whether public, as in governments, or private, as in companies - tend to remain in character, carried on by inertia, and claim their latest actions are to combat the crisis. For climate change - "greenwashing". For this pandemic - "viruswashing", as some of the creepiest companies seek to de-creepify themselves in the name of public health.
In the last month, Privacy International's surveillance legislation tracker has illustrated the usual basic crisis principles. One: people will accept things on a temporary basis that they wouldn't accept if they thought they'd be permanent. Two: double that for scared and desperate people. Three: the surveillance measures countries adopt reflect their own laws and culture. Four: someone always has a wish list of surveillance powers in their bottom drawer, ready to push for in a crisis. Five: the longer the crisis goes on the harder it will be to fully roll things back to their pre-crisis state when we can eventually all agree it's ended.
Some governments are taking advantage. Trump, for example, has chosen this moment to suspend immigration. More broadly, the UN Refugee Agency warns that refugee rights are being lost. Of 167 countries that have closed their borders in full or in part, 57 make no exceptions for asylum-seekers.
But governments everywhere are also being wooed by both domestic and international companies. Palantir, for example, is working with the US Centers for Disease Control and Prevention and its international counterparts to track the virus's spread. In the UK, Palantir and an AI start-up are data-mining NHS databases to build a predictive computer model. Largely uknown biometric start-ups are creating digital passports for NHS workers. The most startling is the news that the even-creepier NSO Group, whose government clients have used its software to turn journalists' and activists' phones into spy devices is trying to sell Western governments on its (repurposed) tracking software.
On Twitter, Pat Walshe (@privacymatters) highlights the Covid Credentials Initiative, a collaboration among 60 organizations to create verifiable credential solutions - that is, some sort of immunity certificate that individuals for individuals. Walshe also notes Jai Vijayan's story about Microsoft's proposals: "Your phone will become your digital passport". Walsh's commenters remind that in a fair number of countries SIM registration is essential. The upshot sounds similar to China's Alipay Health app, which scores each phone user and outputs a green, yellow, or red health code - which police check at entrances to areas of the city, public transport, and workplaces before allowing entry. Except: in the West we're talking a system built by private, secretive companies that, as Mike Elgan wrote last year at Fast Company, are building systems in the US that add up functionally to something very like China's much-criticized social credit scheme.
In Britain, where there's talk of "immunity certificates" - deconfinement apps - my model history of ID cards, which became mandatory under the National Registration Act (1939) and which no one decommissioned after World War II ended...until 1952, when Harry Willcock, who had refused to show police his ID card on demand, won in court by arguing that the law had lapsed when the emergency ended and the High Court agreed that the ID cards were now being used in unintended ways. Ever since, someone regularly proposes to bring them back. In the early 2000s it was to eliminate benefit fraud; in 2006 it was crime prevention. Now immunity certificates could be a wedge.
Tracking and tracing are age-old epidemiologists' tools; it's natural that people want to automate them, given the speed and scale of this pandemic. It's just the source: the creepiest companies are seizing the opportunity to de-creepify themselves by pivoting to public health. Eventually, Palantir has to do this if it wants to pay its investors the kind of returns they're used to; the law enforcement and security market is just too small. That said, at the Economist Hal Hodson casts nuance on Palantir's deal with the NHS - for now.
Obviously, we need all the help we can get. Nonetheless, these are not companies that are generally on our side. Letting them turn embed themselves into essential public health infrastructure feels like accepting letting a Mafia family use the proceeds of crime to buy themselves legitimate businesses. Meanwhile, much of the technology is unproven for health purposes and may not be effective, and basing it on apps, as Rachel Coldicutt writes, is a vector for discrimination
The post 9/11 surveillance build-up should have taught us that human rights must be embedded at the beginning because neither the "war on terror" nor the "war on drugs" has a formal ending when powers naturally expire. While this specific pandemic will end, others will come behind it. So: despite the urgency, protecting ourselves against permanent changes is easiest handled now, while the systems for tracking and tracing infections and ensuring public safety are being built. A field hospital can be built in ten days and then dismantled as if it never was; public health infrastructure cannot.
Illustrations: The Wicked Witch of the West and her crystal ball, from The Wizard of Oz (1939).
Wendy M. Grossman is the 2013 winner of the Enigma Award. Her Web site has an extensive archive of her books, articles, and music, and an archive of earlier columns in this series. Stories about the border wars between cyberspace and real life are posted occasionally during the week at the net.wars Pinboard - or follow on Twitter.