As governments, industry and tech companies scramble to patch together solutions it becomes mission critical to have basics in place before arming a counter response to the pandemic. 

These “basics” apply to doctor’s wearing protective gear before rushing in to see a patient or health data security when capturing sensitive personal information.

We (hopefully) learn from mistakes

It is a challenge to make cool and collected decisions when the pandemic is knocking on our doors and threatening our existence. We can only hope to learn from mistakes made during other pandemics, for example, the Spanish Flu of 1918 - when a whistle blast in San Francisco signalled the removal of anti-flu protections and people could return to normal life. People started large gatherings once again and as a result had one of the most devastating months during the pandemic. In 2007, the National Institutes of Health reported that up to 90 percent of deaths could have been avoided if they had kept their anti-flu protections into Spring of 1919.

spanish flu 1918Source: Getty Images 

The missteps during previous pandemics and the lives taken from us should not be in vain. 
You read about frontline healthcare workers from certain regions having to help COVID-19 patients without Personal Protective Gear (PPE). It seems inhumane to ask healthcare workers to sit on the sidelines if they do not have PPE. 

As Aaron Mishler, a nurse, former Army Medic, and Ebola responder in West Africa in 2014-2015 states:

This post is for my healthcare workers, docs, surgeons, Nurses, aids, and EMS, and all staff.
There is no emergency in a pandemic.
You as a healthcare worker are a force multiplier. Your training and experience is invaluable moving into this crisis. So, you’re going to be faced with some very difficult moments. You’re going to have to put your needs first.
I’m speaking specifically about PPE and your safety.
If you’re an ICU nurse, or an ICU doc, and you become infected, not only are you out of the game for potentially weeks (or killed). But your replacements could be people without your expertise. Your remaining co-workers are short staffed now, more likely to make mistakes and become ill themselves. You stop being a force multiplier and start using healthcare resources.
You going in may save the patient, it may not. But you cant save any patients in the weeks you’re laying in a hospital bed or using a vent yourself.
People are going to die. Do not become one of them.
There is no emergency in a pandemic.
During the Ebola outbreak, people were dying. But at no point did we rush in, we took the 10 minutes to put on our PPE with our spotter. If we didn’t have proper PPE we did NOT go in.
There is no emergency in a pandemic.
You may work in long term care, and want to rush in to save a patient you have had for years. Do not go in without your PPE.
There is no emergency in a pandemic.
You may have a survivor in the room, screaming at you to come in because their mother is crashing. Do not go in without your PPE.
There is no emergency in a pandemic.
You may have an infected woman in labor. Screaming for help. Do not go in without your PPE.
There is no emergency in a pandemic.
You may have a self-quarantined patient with a gunshot wound who is bleeding out. Do not go in there without your PPE.
There is no emergency in a pandemic.
Doing nothing may be the hardest thing you’ve ever had to do in your life.
Many of you say, I could never do that. I wouldn’t be able to stop myself from rushing in and saving my patient.
Liberian nurses and doctors said the same thing, and many did run in to help, saying PPE be damned. My patients need me.
Then they became infected, they infected others. And they died.
They didn’t help anyone after that.
Do not let the deaths of hundreds of healthcare workers be forgotten.

This powerful statement accurately captures the spirit of a pandemic. We must make steadfast progress and not rush into scenarios that put us in a potentially worse position.

For example, we cannot rush into short term solutions that turn Facebook into the new owner of our health data. 


Privacy during a pandemic

Recently Facebook started symptom tracking. Have we rushed to find the pandemic’s solution with a corporation that historically weaponizes data in political situations? How is the data processed and managed by Facebook?  How is Facebook de-identifying this data? 

Many countries turned down Facebook’s proposal for Libra, Facebook’s take on digital currency. Are countries in such distress that Facebook’s play on health data is going unseen? 

Technology can definitely help us during the pandemic but technology can certainly hurt us in the long term if it is not implemented properly. It is time for Facebook to answer difficult questions based on how their health data collection system is designed and if the system is built using Privacy by Design. Who at Facebook is able to see a user’s symptoms in unencrypted plaintext? 

According to the Financial Times, even Facebook’s system of encryption for Whats App has been shown to be compromised. 

It is 2020, we have the necessary technology to build systems that have Privacy by Design.

  1. Give people their encryption keys, encrypt data in transit and storage. 
  2. Use federated data models when possible (especially if there is going to be a geolocation tracking system used for contact tracing). 
  3. Make these tools open
  4. Use smart contracts where people can revoke the tracing permissions when the pandemic is over.

Google and Apple seem to be making moves in the right direction regarding privacy during the pandemic. Their contact tracing partnership uses anonymous keys every 15 minutes and a smartphone’s bluetooth. The companies claim they won’t have access to the data and it will be held on a remote server.  When a person becomes COVID-19 positive they update a “health app” and grant consent to run a query of who they have been in contact with. Although both companies seem to have “good” intent it is unclear what technical guarantees regarding privacy this solution has. 

Fortunately, there are a variety of projects such as Private Kit by MIT and the Chaos Computer Club that promote privacy during the pandemic to balance the scale. We need the scale tipped in the favor of privacy and security.

freedom in the sky

We need to move fast and not break things. People’s lives are at stake and how we respond to the pandemic becomes our new normal. 

Much like our world needs protective gear for frontline workers we need health data security for people - otherwise we risk a cyber pandemic of epic proportions with no vaccine. 

When this shelter in place is over, I want to walk out of my home feeling more free not less.