The great post-Covid privacy creep

The Moscone Center in San Francisco is best known as a place where tech companies host blockbuster events. That was here in 2007 Steve Jobs introduced the original iPhone stating, “Every once in a while, a revolutionary product comes along that changes everything.”

I used to be a regular visitor to Moscone, but in the last two years I’ve only been there three times: twice for vaccinations and more recently for the Game Developers Conference, a gathering of video game developers known as the GDC. It was the biggest event I’ve been to since the big reappearance 12,000 visitors.

Beforehand, I received an email asking me to download an app called Clear Health Pass. Americans who fly will be familiar with Clear – the company regularly promotes it New business at airports. For a fee, Clear promises a fast route through security.

As of May 2020, Clear has also developed an app that checks vaccination status and “gives them the confidence to move forward,” according to its Twitter feed. It certainly gave me an opportunity to move up the queue at GDC. Those who didn’t have it had to join a snake.

Prompted by the app, I was asked to upload proof of my vaccine (OK), take a photo of the photo page of my passport (Sure), and take a scan of my face (Um…). The app also needed my email address, home address and phone number. Exactly what Clear can do with all this data is set out in a 4,596-word privacy policy.

This states that by using the app to check your vaccination status, you consent to your information being used to receive “services offered by our marketing partners”. Non-biometric data may be used to conduct “data analysis” including “market and consumer research”. It also says the company may use “your health information” to “evaluate and improve our services.”

And then there’s this: “We may also share de-identified information with public interest organizations, healthcare organizations and researchers. We will prohibit these organizations from attempting to re-identify the information we share with them.”

When I contacted Clear for more information, a spokesperson told me that they have never had to take action against a company for violating these policies. And if it does share information, it’s “virtually impossible to re-identify specific individuals.” Such assurances are to be expected. But we must ask whether such schemes should be the cost of entry into post-Covid public life.

I made it clear, but similarly, steroid data gathering is everywhere. A bar in San Francisco wanted my email address before showing me the wine list. Omnipresent QR codes often collect data about you. For decades, companies have dreamed of learning more about what they do in the real world. And now they do.

Sensing public unease, lawmakers around the world are tending to shy away from the thorny issue of vaccination records. It’s clear we get them anyway, but managed by companies instead. Last year the American Civil Rights Union warned against technology “putting more of our personal information and power in the hands of corporations that profit at our expense.”

The Clear app is used at events in the US. It’s free to the event-goer, and while technically optional, the convenience factor means mass adoption is inevitable.

We’ve been to this intersection before. The true implications of data collection on the Internet have crept in on us. We should be careful not to let the same thing happen again.

Dave Lee is an FT reporter based in San Francisco

Follow @FTMag on Twitter to be the first to know about our latest stories

The great post-Covid privacy creep Source link The great post-Covid privacy creep

Related Articles

Back to top button