DATA PRIVACY DURING AND POST COVID-19.
A few months ago Open Institute and Data ready organised a webinar titled Preparing for better times: Restoring data rights in a post-pandemic world. The aim of the webinar which brought virtually a number of professionals in the data field to discuss data post covid.At the moment different governments are using different methods to collect data from their citizens. The data collected is mostly used in a number of ways in dealing with the covid-19 pandemic. Mass data collection methods have been put in place, from applications like to phone surveillance governments are going all out when it comes to dealing with the virus.
The questions posed to individuals during the webinar included how confident citizens were with the data that the government was collecting? Who has access to it? How susceptible is it to leaks and hacks and the main one being how is privacy going to be upheld post covid. These questions seem of minute value at the moment as all focus is on containing if not doing away with the virus and embracing a new normal. They will, however, resurface when calm has been restored in the post-covid era. We will all battle with the question of how can data be governed?
Our personal data is currently being collected in three main ways.
Mobile location data: This is providing governments with advanced tracking capabilities to help enforce quarantines.
Facial recognition technology:I have personally encountered this at a local bank in the Nairobi CBD, They have been linked with biometric databases with digital thermometers to identify individuals with a fever.
Applications like Nextstrain which is a platform for sharing genomic data, to help researchers track and study the evolution of coronavirus.
With all these measures in place from a distance, citizens seem safe as the governments seem to have things in order. What most people don't know is that the above measures not only collect but also creating the data. The data being collected at the moment just to break it down is not only exclusive to public health. Most of them cover specific demographics like gender, age, location, location frequently visited, nationality. This is the same kind of data that private sector, advertising companies, and the consumer markets as a whole can thrive from. Pharmaceutical companies can thrive from this data, health insurers can benefit from this when formulating new policies and claims.
Data regulations like the EU's General Data Protection Regulation (GDPR) came up during the webinar. As much as the GDPR exists it extends its jurisdiction to any company or entity that collects or processes personal information of residents of EU. In Africa, The African Union Convention of Cybersecurity and personal data protection has been in existence since 2014, the only issue is that Kenya as a country has neither signed nor ratified the treaty to date. The data protection act in Kenya was enacted in 2019 but very few Kenyans are aware of it and how much if their lives are impacted by it. As much as it brings an era to the murky waters of data protection legislation, a policymaker is yet to appointed hence nothing can be implemented at the moment.
My parting shot is that as much as the times we are living in at the moment are uncertain and the government is seeking data-driven solutions to curb this pandemic, we must sensitize ourselves on what this data will be put to use post-pandemic because the effect it has on all of us is deadly. The crisis will eventually pass but all stakeholders involved, that is governments, private sector and data firms should learn from this as other data challenges will arise and when they do, we have to be equipped enough.