June 9, 2020
Workplaces are turning to devices to monitor social distancing, but does the tech respect privacy?
As we emerge from the coronavirus lockdown, those of us who still have a workplace may not recognize it. Businesses, eager to limit liability for employees and customers, are considering a variety of emerging technologies for limiting pandemic spread.
These technologies can be loosely divided into two types: one based on cellphone technologies and the other using wearable devices like electronic bracelets and watches. Both approaches focus on maintaining social distancing, nominally six feet between any two workers based on the U.S. Centers for Disease Control and Prevention guidelines and supported by some modeling.
Most workers will have little choice whether to participate in their employer's risk mitigation. As a networking and security researcher, I believe that it is essential that both employees and employers understand the technologies in use, their effectiveness at reducing risk of infection and the risks they may pose to the privacy and well-being of all involved.
Social distancing technologies are designed to warn workers when they get too close to each other, typically relying on communications that can travel only short distances. In this way, if your device can "hear" someone else's device, you're considered too close to the other person and potentially infected.
Perhaps the most promising communication technology for social distancing is ultra-wideband, which enables precise distance measurements between devices. A more common medium is Bluetooth Low Energy, which is used for headphones and portable speakers, though it may produce less consistently accurate distance information depending on the environment.
Finally, sound itself can be used to determine distance to other people, much like bats use echoes to identify obstacles in their flight paths, with the advantage that it respects wall and door boundaries just like the coronavirus.
Modern cellphones typically can communicate through both Bluetooth Low Energy technologies and sound. Late model iPhones also support ultra-wideband communications.
Contact tracing apps, which are used to alert people when they've been exposed to an infected person, generally use these media while loosely adhering to a common design. They include approaches focusing on privacy and security, or precise distance measurements using sound outside of the human hearing range. More recently, Apple and Google jumped into the fray with their own approach that also solves some of the technical challenges that appear to require the cooperation of the two tech giants.
Wearables, which are more limited devices that a person can wear like a bracelet or a ring, can also be used for social distancing. Popular workplace wearables can be programmed to buzz or otherwise alert employees when they get within six feet of each other. These include Halo, Estimote and COVID Radius. Other devices monitor health indicators such as pulse, body temperature or movement.
Will this help?
Workplace social distancing products are designed to monitor the six-foot separation guideline of the CDC. This is a crude measure that is complicated in practice. How long are people in contact? What kind of air patterns surrounded them? Were they wearing masks? Were they singing?
Although some modeling suggests that even crude social distancing can help spread out infection rates over time to help with hospital load, digital contact tracing faces serious challenges of adoption – in order for an infectious contact to be recorded, both parties must be using the technology.
This means, for example, that if 50% of people in a work area—including mail deliverers, IT support and plumbers—adopt the technology, then approximately 25% of the infectious contacts might be identified. If the workplace is already a hot spot for infection, say a meatpacking facility, then the technology only tells workers what they already know: There is widespread infection risk.
What about privacy?
The location data that is used by some contact tracing solutions can be intensely personal. It can identify, for example, with whom workers eat lunch or even what they purchased at the lunch counter. It can identify what fraction of the workday is spent by the water cooler, and even how often and for how long workers go to the bathroom. Without explicit safeguards, employees are forced to choose between keeping their jobs and maintaining their privacy.
Fortunately, some of the solutions do attempt to safeguard privacy in a variety of ways.
Open tech, limited data
It is important that data shared with the employer—or any other third party—should be anonymous and not tied to personal information. Indeed, several of the cellphone-based solutions only share randomly generated data that is useful only for contact tracing apps that tell the cellphone's owner about potential exposures. Furthermore, some of the wearables do not use a central repository, instead sharing data only among themselves and deleting it after the infection window, typically 14 days.
Some of the technologies prevent employers from accessing employee contact history. In these approaches, only employees who have been near an infected individual are alerted, either through physical feedback like a vibrating buzz or through alerts on their smartphones. Employers are naturally anxious to get a broad picture of worker health, but the greater insight necessarily intrudes on privacy. I believe the ideal scenario is where the worker—and no one else—knows only that he has been exposed to the virus at some recent time, not when, where or by whom.
It may be very difficult for employees to understand what kind of privacy a social distancing system provides without knowing how it operates. Many of the existing products on the market are open-source, meaning that anyone can view and analyze at least some of their code. Some also make all contact information publicly visible, albeit obfuscated, so that there is no mystery about what data is being collected and used.
At the end of the day, social distancing technologies can help protect employees in a post-COVID world. However, absent well-crafted privacy law, both employees and employers must understand broadly how these technologies work, their limitations and their capabilities.