Expert Speak Digital Frontiers
Published on Oct 02, 2020
No matter how dangerous it is to individual freedoms, government-Big Tech collaboration is necessary, both in times of crisis as well as normalcy as more welfare service delivery is reliant on technology.
Treading the unusual alliance between Big Tech and the government post-Covid-19 The novel Coronavirus is the first pandemic of its scale in the fourth industrial age, the last comparable viral outbreak being the Spanish flu in 1918. This means that governments as the primary responders to the crisis for the first time have been able to apply a growing suite of advanced technologies and digital infrastructure towards pandemic mitigation and allied efforts. Evgeny Morozov coined and criticized the philosophy of technology solutionism that runs abound with high optimism during the pandemic response. This in turn has not only changed the nature of both the government and Big Tech but also calibrated unlikely partnerships between them.

Evolving nature of Big Tech and the government 

In a bid to win back waning public trust, Big Tech with its resources and network influence comparable to that of national governments, has dedicated itself to channelizing technology for pandemic mitigation and relief. It has plugged itself into areas where state capacity did not exist (like Google and Apple collaborating to develop a privacy-conscious exposure notification API) and accelerated development of technology solutions that have become the cornerstone of the pandemic response today (for instance, private volunteers from near-unicorn tech start-ups assisting the development of India’s national contact tracing app, Aarogya Setu, the data collected by which is hosted on Amazon Web Services). This has led to a reinforcement of Big Tech’s civic role, one that de facto existed considering their influence on shaping behaviors and preferences through their consumer-facing pervasive platforms. As per a new Harris Poll, 38% Americans report viewing Big Tech more positively since the pandemic and 71% are willing to share their locational data to receive alerts about possible viral exposure. On the other hand, the government’s escapades with escalated techno-solutionism has resulted in behavior mirroring that of Big Tech. Right from centralized storage and using GPS data in national contact tracing apps to storing data collected anywhere from 60 days (India) to 6 years (Poland), more and more governments are embarking on a journey of collecting immensely personal and real-time data of its citizens. As both Big Tech and the government embrace new and overlapping roles, it has created an ecosystem where both interact and collaborate with each other, encouraged by a society that is increasingly comfortable with or convinced of the necessity of technology playing a bigger role in their lives, at least during the pandemic. The Indian government, for instance, extended a hand to Google, WhatsApp, and Facebook for mass information and risk communications campaigns, given their large user base in the country. It also partnered with Google Maps at the onset of the migrant exodus to adapt the application to highlight night and food shelters in 30 cities. The pandemic has been a watershed moment in how Big Tech has been traditionally relating with government. While in the United States, Facebook, Amazon, Google, and Apple are being put under scrutiny by the Congress for alleged antitrust behavior and ‘being too big’, the same bigness also makes them apt allies for national governments as they respond to the wrath of the Coronavirus.

 The potential slippery slopes 

There is a growing fear that as Big Tech and the government embrace each other’s characteristics, they will be tempted to share a bit too much. This goes both ways -- as the government shares more data and expects data sharing from Big Tech, the digitized individual becomes further naked to entities external to itself. Without proper regulation and transparency, these collaborations will slip into misuse no matter how effective they are from a public health standpoint. China’s Alipay Health Code, while largely effective in slowing down the infection rates, did in fact end up sharing data directly with government servers and thereby the police. The challenge, however, is that regulation can itself be used as a political tool for extrajudicial interests, especially by governments. In March, the US government was exploring partnerships with Facebook, Google and others to collect location data from smartphones to track whether people are keeping one another at safe distances to stem the outbreak. Countries like Israel passed emergency laws to compel such sharing. While most of these measures are alleged to be about anonymized data sharing, the risk of abuse still exists because anonymization is not known to be foolproof and re-identification can only be avoided when data is decentralized. Breaking silos between government databases and Big Tech’s data, albeit anonymized, can lead to potential re-identification. Google might only know your GPS coordinates, but the government can match your geotag to your home address, utility payments, criminal record, medical history etc. On the flipside, the concern about inadequate state capacity has never been more prominent than during the pandemic. Outside of the data question, greater reliance on private entities, especially those with low public trust, for development of essential technological tools, thwarts the development of sustainable state capacity. It also deters the state’s ability to make independent choices, due to reliance on external actors to carry out state functions especially in emergencies. This is why the Google-Apple exposure notification has met with lukewarm success at best.

Navigating collaborations in the future

No matter how dangerous it is to individual freedoms, government-Big Tech collaboration is necessary, both in times of crisis as well as normalcy as more welfare service delivery is reliant on technology. This is truer for health related emerging technologies, which have now strongly shown merit in the fight against Covid-19 as per a recent expert survey, thus making government and private tech  more symbiotic when it comes to sensitive health data. In order to truly optimize this Pandora's box of opportunity technology collaborations offer while staying clear of the concessions it might demand on individual liberties, commensurate partnerships between Big Tech, the government and society at large are necessary to design the regulations as well. This includes substantive standards and institutionalized models to put privacy at the core, protect against mission creep between public-health activities as well as other government activities, and prevent commercial data exploitation. Firstly, it is essential to realize that there is no substitute for self-regulation given the current safe harbour for Big Tech. Self-regulation can be demanded by citizen activism as well as government vigilance, especially in partnerships with itself. Microsoft, for instance, partnered with the US Centers for Disease Control and Prevention (CDC) for a self-assessment chatbot powered by Azure, while ensuring that no data shared with the CDC reaches Microsoft. This they claim to ensure by adhering to principles of minimization and meaningful consent, as well as by instituting security safeguards such as de-identification, encryption, rotating and random identifiers, decentralized identities etc. This can also translate into activities where data sharing with the government might be morally imperative from a public health standpoint. Aggregation and anonymization instead of sole anonymization of data before sharing can serve to protect against risks of re-identification while having ready information for the government, like Google’s Community Mobility Reports. Secondly, institutionalization of data sharing practices and structures like data trusts and creation of open datasets can walk the tightrope between innovation and caution. To propel the innovation ecosystem, many governments and academic institutions across the world share non-personal data through open repositories. This allows the government to play a market shaping role and drive innovation to priority issues. The government can also demand intellectual property rights or public use clauses for innovations built on the data the government holds as a fiduciary of the public. The semi-open repository model has existed for a long time in academic research, but can be further adapted for technology companies and Big Data analysis. For instance, UK BioBank was established in 2006 to steward genetic data and samples from around half a million people to drive health research by scientists who have to register and request access to data. Data trusts essentially take this proposition one step forward in terms of open and universal access, stewardship of non-specialized data as well, and pooling of data from all sources, including the private sector. It understands that an independent steward acting on behalf of the public can better secure collective privacy as compared to individual claims being enforced disparately. Another model to explore for data that might not have public welfare utility but might have value for tech companies is that of a data marketplace, whereby data that is encrypted, anonymized at the source and relevant to the purpose can be shared with private players, along with the digital rights management rules attached. While different models exist and are being explored across the world and in India (with the proposed Non-Personal Data Governance Framework), questions as to who could be independent enough to play the role of the trustee weigh heavily. It might be difficult to incentivize Big Tech companies to engage with such a model. Finally, consultative regulation in the interest of the public and data owners is necessary. There is no replacement for clear anonymization standards, standardized and transparent contracts with stringent data storage and minimization clauses, and strong enforcement mechanisms. Civic-use products that emerge out of collaborations should be open sourced to build public trust. There could also be reasonable and justified expectations upon the regulators to ensure that data collected by Big Tech firms, especially through a collaborative government initiative, be made available with public entities. While experiments with different models of collaboration, systems and regulations are on-going, respect for legality, necessity, and proportionality with any kind of data sharing and collaboration is imperative. Both Big Tech and the government should stand guard on behalf of the public against excesses by the other -- since that might be the only option we have right now, no matter how idealistic.
The views expressed above belong to the author(s). ORF research and analyses now available on Telegram! Click here to access our curated content — blogs, longforms and interviews.