The declaration of the COVID-19 virus as a public health emergency of international concern on the 30th January 2020 by the World Health Organisation will be recorded in history as a defining moment of the 21st century.
The pandemic has already caused an enormous shock to governmental institutions around the world. In some cases, the knee-jerk response has been brutal. For instance, as restrictive measures were brought in, South African police started using rubber bullets whips to enforce lockdown. In Kenya, more civilians were killed on the streets in the first few days of the lockdown than died from the virus itself. Highlighting these examples is not about apportioning blame (even though, there needs to be some form of accountability) but indicating the severity of the situation.
“Never has it been more pressing to ensure that digital rights are seen, and treated, as being at par with rights exercised in the physical world.”
Given how embedded digital tools are in our societies, a blow like COVID-19 not only reverberates around the physical world but also through cyberspace. This is despite the different ways the effects manifest. The role of digital, data-driven technologies in the COVID-19 response is unprecedented, from their deployment to facilitate contact-tracing, to efforts put in place to use open data to generate epidemiological models to predict resource needs, through to the surveillance of whole populations to enforce economic and social lockdowns.
Defining the precise functions that new data-driven technologies should play in the response to the pandemic is contentious. Attempts to do this have laid bare the range of views and opinions, approaches and priorities that exist across countries, international organisations, civil society, academia and the general public.
From government representatives to civil society advocates, we are all grappling with the same issue; what role different kinds of data should play in the response and how they should be handled, accessed, shared and used — in a word: governed.
Within this context, never has it been more pressing to ensure that digital rights are seen, and treated, as being at par with rights exercised in the physical world. Key to this is ensuring that the use of intrusive state powers that rely on people’s sensitive data are temporary, necessary and proportionate to potential violations of people’s rights.
To start a conversation on the data governance issues that need to be considered in Africa during COVID-19 response planning; on the 23rd April 2020, we organised a virtual half-day workshop, Preparing for better times: Restoring data rights in a post-pandemic world(streaming available). The event itself went better than either of us could have expected and was packed with substantive and thoughtful discussions, summarised well by Sarah Lucas from the Hewlett Foundation.
During the event, we ran a short survey to gauge how our participants and viewers perceived their own data rights in light of COVID-19. We received 58 responses and the results capture well the concerns, idiosyncrasies and contradictions that people are grappling with, both as individuals and in their professional lives.
We started the survey with a relatively straightforward question, do you think it is necessary and legitimate for governments to use sensitive personal data (e.g. location data) as part of the COVID-19 response? 82% of respondents said ‘yes’.
The next question related to the purposes for which people would provide consent for their personal data to be used by the government. 67% responded that they would consent to their sensitive personal data only being used for medical purposes, while a further 24% would consent for it to be used for any additional purposes the government deemed necessary.
At this point then, it appeared that the vast majority of our respondents would be contend with the government using sensitive personal data as part of the COVID-19 response. Responses to next two questions however painted a more nuanced story.
Our third question asked people to rate, on a scale of 1–5, how much they trusted their governments to responsibly use their personal sensitive data. Only 2% had full confidence in their governments and the majority indicated that they had little or only moderate confidence in their governments. Our final question asked whether respondents thought that sensitive personal data collected and used as part of the COVID-19 response should be deleted at the end of the crisis. A massive 84% said ‘yes’, their data should be deleted.
Although this is hardly a representative sample, these results paint an interesting picture. While our participants and viewers recognise the need for their sensitive personal data to be used as part of efforts to tackle COVID-19, they want their data to only be used temporarily and many do not appear to trust that their governments will use their data responsibly.
“Key to fostering trust will be transparency in how data is being used, the inclusion of civil society and citizens in decision-making, and accountability and access to justice if things go wrong.”
The responses indicate that there is a lot of work left to do for governments across Africa, and around the world for that matter, to foster trust in their handling of people’s sensitive personal data as part of the pandemic response. Key to fostering this trust will be transparency in how data is being used, inclusion of civil society and citizens in decision-making, and accountability and access to justice if things go wrong.
As for us, the race is now on to follow-up with our incredible workshop participants and collectively forge a grassroots #RestoreDataRights movement that will work with governments and others towards realising a transparent, inclusive and accountable COVID-19 response in Africa and beyond.