Coronavirus Concerns Encourage Officials to Hijack Loyalty Programs
The threat of disease spread during the COVID-19 pandemic is stirring some creative thinking on how to best track down cases, control outbreaks, and monitor local populations. The fundamental resource necessary to assume these activities is data. How far should health officials go to access this data under the motivation to keep people safe? One privacy watchdog in British Columbia, Canada is concerned that the fundamental right of privacy is being violated in an effort to keep coronavirus in check — and loyalty programs are at the center of the debate.
B.C. healthcare leader Dr. Bonnie Henry recently announced that she directed businesses to collect and store personal information — gleaned from credit cards and loyalty programs — to assist with contact-tracing efforts in the province.
“What we have said is that is our advice…and we’re not going to access that information unless it’s absolutely necessary,” said Henry “…for example, we can get access to things like credit card information or people’s loyalty card information from a grocery store when we’ve had outbreaks.”
The revelation came as a surprise to the executive director of the B.C. Civil Liberties Association, Harsh Walia, who vociferated her concerns: “I would be very interested in hearing more about how that’s being used and what those specific standards were in place and what the guidelines are.”
Perceptions Are Everything
When brands operating loyalty programs have custody over highly sensitive information like personally identifiable information (PII), there is a convention of trust formed between program administrators and their customers. In an environment of goodwill, transparency, and responsibility, many customers are more than comfortable relinquishing their personal data. While 79% of consumers will leave a brand if their personal data is used without their knowledge, up to 99% of customers would be willing to share this same data provided permission and personalization is clearly emphasized.
Dedicated Contact-Tracing Apps Lack Data Security
Loyalty and customer behavior penetration tactics are experimental methods of mining essential contact-tracing information like personal and location data. But many governments across the world are relying on other types of technology solutions to yield overarching insight into COVID-19 affected populations. The key tool for these efforts has been specialized apps installed onto mobile devices, providing officials visibility into outbreak incidence and a centralized resource for wide dissemination. The use of loyalty programs for COVID-19 insight, while an efficient source of data that already exists, is challenged by the fact that not all people will subscribe to any particular program, and the diversity of programs in the market complicate the consistency of any data that is made available.
But questions are being raised about the general state of security surrounding government tracking applications. Last month, a survey of 53 contact tracing apps available globally revealed that 25 per cent have no privacy policies and 57 per cent use GPS technology over Bluetooth, allowing a greater risk for users to be tracked physically on a map.
According to Samuel Woodhams, digital rights activist at U.K. firm Top10VPN, who spearheaded the research, this move towards government-instated surveillance is nothing new:
“A lot of what this pandemic has done is shown us the kind of surveillance capabilities that a lot of democratic countries have had for a very long time,” Woodhams said.
“It’s just that they’re now being implemented in a way that a lot of people will find acceptable.”