Surveillance and Privacy in South Korea’s Covid Response
Professor Tom Sorell
The first case of Covid in South Korea (see Footnote 1) was reported on 20 January 2020. The initial half-dozen cases all had a connection with Wuhan or Hubei province in China. In about a month, the number of cases had risen to around 30, with some infections also imported from Japan, Thailand and Singapore. The 31st case, recorded on 18 February, became notorious for being associated with a “super-spreader” in the South Korean city of Daegu, who had visited Wuhan. She was affiliated to a religious organisation called Shincheongi, and participated in close-contact religious rituals with other members of the group. On 20 February, 70 new cases were reported, and testing among members of Shincheongi revealed 544 cases of the infection out of 4400 tested. By 29th February, however, the peak daily infection number (990) was reached in South Korea. This declined to 131 on 10 March, and 47 on 6 April.
South Korea, then, managed an impressively rapid containment. How? Briefly, by intense virus testing and by quick and effective contact tracing for those testing positive or reporting symptoms (see Footnote 2). South Korean contact-tracing involved not just consulting the infected person’s memory of contacts and places visited, but also tracking using CCTV from ATM and credit card transactions (see Footnote 3), or mobile phone tracking using location data from cell-towers. Mobile phones identified in the neighbourhood of an infected person’s recent location history were then sent messages notifying them of possible contact with a virus carrier and inviting phone owners for tests. Occasionally, the communications to neighbourhoods contained identifying, even intimate, information about the relevant spreader of the virus, creating conditions for stigmatisation or, even worse, possible retaliation. For example, visits to “love hotels” were included in public location histories of spreaders communicated to possible contacts (see Footnote 4).
The South Korean approach to Covid track and trace departed from more than one norm of privacy protection in normal times. First, probably without democratic deliberation, it allowed for the mining of data sets whose contents were not collected for a public health purpose. Data about credit card transactions is meant to justify credit card bills to credit card holders. CCTV data is normally for the protection of property against intrusion or crime. ATM data is collected to record withdrawals of funds by card users, assumed to be holders of relevant bank accounts. The fact that CCTV images and other transaction data are proxies for someone’s location does not normally justify people trying to track other people’s movements by those means: normally, adults have a right to move around as and when they like and to do so unobserved. The second kind of departure from norms of privacy occurred when the Korean authorities communicated more information than was necessary, including intimate information, about a Covid contact to mobile phone numbers associated with particular neighbourhoods through which an infected person passed (see Footnote 5).
Granting that the use of intimate information was wrong, even in a pandemic, what are we to say about the repurposing for Covid track and trace of mobile phone location data, ATM and credit card transaction data, and CCTV images? The fact that quick repurposing breaks normal data protection norms is not by itself a decisive objection to what the South Koreans did, since lives and serious illness were at stake, and since numbers of lives threatened by the virus rise more steeply the longer it takes to trace spreaders of the virus and their contacts. Data protection norms are typically not broken for the sake of saving lives, and if there is no alternative, or no alternative in the time available to invading privacy, breaking a data protection norm is a considerably smaller evil than avoidably failing to prevent a death. Let us concede that even in a pandemic emergency there is no need to identify a carrier by more than the route he or she followed as he or she circulated in densely populated localities. Let us concede, too, that there is no need to exchange that location data with people who were not in the carrier’s vicinity at the time. These concessions are compatible, with the permissibility, indeed the moral necessity, in an emergency, of quickly collecting and analysing a lot of relevant location data, correlating it with CCTV and ATM transaction data, and for communicating health warnings to local mobile phone numbers the authorities do not normally have legitimate access to.
It is worth pausing to consider more carefully the relative values of privacy, continued life, and continued life free of the sort of life-threatening respiratory symptoms of the worst Covid cases.
In general, privacy matters because it facilitates autonomy in circumstances in which exercises of autonomy by one person pose no risk to the health of others. That is, in normal times, privacy helps one to lead a life determined by one’s clear-headed, life-organising and harmless choices (see Footnote 6). Familiar privacy conventions block the observational and informational access of others to one’s body, one’s home and one’s deepest opinions unless access has specifically been granted by the person concerned. The basic idea is that one needs a space not occupied or experienced by others in order to plan one’s life freely and lead certain important parts of it satisfyingly. The freedom of individuals not to be observed, and to keep facts about themselves from becoming common knowledge, reduces the scope for manipulation or unwanted influence by others, including the state.
But the personal privacy that facilitates leading a life according to one’s choices is necessarily the personal privacy of a living person with the capacity to choose, and the capacity to choose is partly set by one’s medical condition. To put it more simply, autonomous living presupposes decision-making capacity connected to a certain level of biological functioning that medical treatment is normatively expected to maintain: pandemic emergency threatens that minimum for many in a large population. Or, in other words, autonomy depends on privacy once the medical conditions for survival and being an agent with capacity have been met. Privacy is a less basic good than capacity provided by normal biological functioning, and the more basic a good is, the more priority is given to each person securing it in a pandemic emergency. In this sense the protection of life takes precedence over privacy protection when they conflict.
Facts about contagious disease in general and Covid in particular directly involve two private zones par excellence: the body and the home: the body, because Covid affects the respiratory system, and because the virus is found in noses and throats; the home, because Covid transmission involves the exhalation and inhalation of droplets by people passing close to one another in space, particularly, enclosed, shared interior spaces. When homes are densely inhabited by a range of generations of the same extended family, the risk of infection and even death can be highly elevated.
Infection control in a pandemic requires the quick transmission to public health bodies of information about symptoms such as continuous coughing, fever and the loss of one’s senses of taste and smell. Normally, that is, outside emergencies, it is not obligatory to disclose this sort of information to the authorities. In developed countries symptom-reporting is supposed to trigger prompt testing for the virus, with positive results leading to obligatory, sometimes difficult and unpleasant, self-isolation, as well as the communication to human contact tracers of all the places and people one has recently visited. All of these obligations are privacy-violating, but for the sake of maximising the chances of saving life and the prevention of the worst of Covid illness for the largest number. If the privacy-violations are unavoidable in the time available, then they seem genuinely justifiable in the sense that inflicting the lesser of two harms when there is no other option is available.
Footnote 1: I base my account in this paragraph on Amy Dighe, Lorenzo Cattarino, Gina Cuomo-Dannenburg et al. Response to COVID-19 in South Korea and implications for lifting stringent interventions. Imperial College London (29-05-2020). doi: https://doi.org/10.25561/79388. See also: https://chpi.org.uk/blog/what-can-the-uk-learn-from-south-koreas-response-to-covid-19/
Footnote 2: A timeline of actions can be found at: https://www.csis.org/analysis/timeline-south-koreas-response-covid-19
Footnote 6: For a detailed account of the value of privacy, see J.Guelke and T. Sorell, ‘Violations of Privacy and Law: the Case of Stalking’ Law, Ethics and Philosophy 4 (2016) pp. 32-69.
Tom Sorell is Professor of Politics and Philosophy at the University of Warwick, and directs the Interdisciplinary Ethics Research Group. He has written previously about the ethics of surveillance and is a contributor on that topic to the Philosophy Bites podcasts. He has also written extensively on ways in which ethical and political norms are affected by emergency conditions. (His Emergencies and Politics was published by Cambridge University Press in 2013.)