The Linux Foundation has announced a new Public Health initiative (LFPH) in charge of «Build, secure and sustain open source software to help public health authorities combat COVID-19 and future epidemics«.
The new group has seven ‘premium members’, Cisco, Doc.ai, Geometer, IBM, NearForm, Tencent and VMware, and has so far been tasked with supporting contact tracking applications using the provided software framework and APIs. in a unique project created by Google and Apple. In the future, the group plans «Support all aspects of testing, tracing and isolation activities carried out by public health systems».
The big goal is to find and select software that is relevant to pandemics, make it open source, and then build a community of interested and trained collaborators to work on it.
“Particularly in the United States, public health systems have suffered from decades of low investment and urgently need to scale their capabilities to interact with the entire public during the worst pandemic in a century”, indicates the director of this initiative. “Many companies and individuals in the technology industry are eager to help them meet these challenges, and LFPH provides a forum and toolkit for them to engage constructively.”, they assure.
The group has selected the framework proposed by Google and Apple. APIs were launched in May that allow interoperability between Android and iOS devices using applications from public health authorities. It is only the beginning. The two giants are working to enable a broader Bluetooth-based contact tracking platform by incorporating this functionality on the underlying platforms. “Privacy, transparency and consent are of utmost importance in this initiative, and we hope to build this functionality by consulting stakeholders.”they promised.
The group promoted by the Linux Foundation has also selected software from Canada (COVID Shield) and Ireland (COVID Green) to launch this open software initiative against pandemics. The selected projects have an outstanding characteristic, since they use storage of decentralized data compared to those that are being used in other countries. Although in these cases human contact trackers may not have access to the records, it is imperative to protect privacy.
Open pandemic software: only with privacy
Violations of a fundamental right have been so many and so serious in the past that millions of citizens have simply decided not to participate in these coronavirus tracking projects. There’s just no trust And even an organization as prestigious as the Linux Foundation has to go ‘lead’ when it comes to selecting the projects it supports.
Indeed, the COVID-19 pandemic is a global public health emergency that would have required a coordinated, large-scale response from all governments. However, efforts to contain the virus should not be an excuse for “Cover up the start of a new era marked by a massive expansion of invasive digital surveillance systems”. as one hundred international organizations alerted in an open letter.
In it they asked world governments guarantee that the digital technologies being used to track and monitor people and populations to curb the coronavirus fully respect human rights, including digital ones. Also open pandemic software.
The European Data Protection Supervisor (EDPS), Wojciech Wiewiorowski, had to urge the EU to establish safeguards (such as limiting access to data and deleting it when the crisis is over) when it approved the use of a tracking project by large European operators to share mobile phone location data with the European Commission. Spain is included and a mobility study that tracks 40 million mobiles is ongoing.
We live in extraordinary times, but human rights are still applicable and privacy is one of them. We dare not ensure that these projects violate it, but there has not been due transparency and no guarantees have been offered that these data will not end up in pernicious uses beyond using them against this and other pandemics. And they are completely eliminated once the crisis ends.
Knowing previous excesses it is logical that citizens distrust this type of technology. Not even open pandemic software will get rid of this scrutiny. Welcome to the possibilities offered by collaboration and code auditing, even though the heart of the matter remains in the collection, processing and use of personal data.
Do you think that the initiatives are fulfilling the conditions?
- Surveillance measures taken to address the pandemic they must be legal, necessary and proportionate. They must be provided by law and justified under legitimate public health objectives, determined by the competent public health authorities, and proportional to those needs.
- If governments extend monitoring and surveillance powers, those powers must be of limited duration and lasting only for the time necessary to address the current pandemic. We cannot let the COVID-19 pandemic serve as an excuse to exercise surveillance indefinitely.
- States must guarantee that the increase in the collection, conservation and aggregation of personal data, including those related to health, has as its sole purpose respond to the COVID-19 pandemic.
- Governments must do everything possible to protect personal dataThis includes guaranteeing the due security of the data collected and the devices, applications, networks or services used in its collection, transmission, treatment and storage.
- Any use of digital surveillance technologies in response to COVID-19, including artificial and data intelligence systems, must take into account the risk that such tools facilitate discrimination and other abuses against the rights of racial minorities, people living in poverty and marginalized populations.
- If governments sign agreements to share data with other public or private sector entities, they must do so based on the law, and the existence of such agreements, as well as the information necessary to assess their impact on privacy and human rights, should be disclosed. publicly, in writing, with the suspension clauses and with public supervision and other default safeguards.
- Every response must incorporate accountability mechanisms and safeguards against misuse. Increased surveillance measures before COVID-19 should not be the responsibility of the security or intelligence agencies, and must be subject to the effective supervision of adequate independent bodies.
- Responses to COVID-19 containing data collection measures should include free means of participation, active and meaningful of relevant stakeholders, in particular specialists from the public health sector and from the most marginalized population groups.
The technology industry the right of trust has not been earned not even in the face of the undoubted usefulness of tracking technology in these cases. The Linux Foundation has programmed a webinar introductory on July 30 to explain the pandemic open software project.