“The response to the coronavirus pandemic has put tech and telecom companies in a position where they can disclose, without individuals’ consent, large amounts of data about them to the federal government — a fact that has privacy experts on high alert.”
“The Stored Communications Act and other parts of federal law include emergency exceptions permitting companies’ release of personal data for government experimentation. This comes at a time when the White House is asking for more data to track the spread of COVID-19, a national emergency.”
“While this has been part of U.S. privacy policy for about 40 years, the rapid spread of the coronavirus could see data shared at an unprecedented scale — ‘hundreds of thousands of data points from hundreds of thousands of individuals,’ said Albert Gidari, director of privacy at the Center for Internet and Society…”
“The government has no way under existing law to compel Google or Facebook to disclose location information to fight a pandemic, but the public is left to trust that if the companies do so voluntarily, they do so responsibly. It’s unclear exactly how much the major Silicon Valley companies and telecom giants are sharing. Geolocation and health data are the primary types at issue, and the government has a number of public-private partnerships with telecom, application and data storage providers it can use to leverage that information to map physical distancing and predict future hotspots… ”
“The massive relief package signed into law March 27 gives the CDC $500 million for a coronavirus ‘surveillance and data collection system,’ but there’s no mention of privacy guidelines — only a requirement to report back to Congress in a month. Will the CDC be expected to relinquish that authority when the pandemic ends?”
Multiple pieces of oversight
“… Unfortunately, the U.S. approach to privacy is sector-specific, meaning multiple rules would need to be issued, Federman said.”
“The FCC handles broadband and location data from the telecom industry, while the Federal Trade Commission has more jurisdiction over Google, Facebook and the third-party ad tech companies peddling different kinds of location data. HHS could address health data privacy, and there’s also the Health Insurance Portability and Accountability Act, the Children’s Online Privacy Protection Act and the Gramm-Leach-Bliley Act covering financial privacy to contend with.”
“’I’m hoping that this may prove that we do need to get a federal privacy law on the books, now more than ever, because in some ways Europe was more prepared to handle this,’ Federman said. ‘Their law, the General Data Protection Regulation, has actual language about a public health crisis and what personal data processing rights apply. We don’t have that here.’” Read the full article here.
Source: An unprecedented wave of personal data could be heading to federal agencies – By Dave Nyczepir, April 3, 2020. FedScoop.
