If I were to ask you to list the three most effective methods of stopping a pandemic dead in its tracks, what would you say?
I am certain you would include contact tracing in the list.
How could you not? We’re told it is one of the most effective ways of curbing the spread of Covid-19. We’re told that yes, we might have to compromise on our privacy but it is for the greater good. After all, the safety of others trumps our need for privacy, right?
This seems like a fair argument – at least on the surface. And it is the implicit ethical trade-off that’s been foundational to the development of myriad contact tracing apps around the world.
At this point, many countries which have had an outbreak have either created or adopted one. It’s certainly not surprising – the credo of today’s era of tech solutionism is that every problem in the world, be it large or small, has a technology solution waiting to be found. It’s a seductive technoutopian worldview that’s become an inextricable part of today’s zeitgeist.
Its proponents would say that we need only look at the success of China and South Korea – countries that have pretty much stopped the scourge of Covid-19, thanks in large measure to the effectiveness of their contact tracing apps.
But wait a minute. If contact tracing apps are so effective, why haven’t more of the dozens of countries which adopted it had similar success? Are China and South Korea exceptions and not the rule?
This is the contention of a growing number of researchers who increasingly find that as enticing as contact tracing apps once were, they have fallen far short of their promise.
And unsurprisingly, Malaysia’s MySejahtera app is no different.
But surprisingly, this is in spite of the fact that it has been downloaded by almost 60% of all mobile phone users in Malaysia as of August 2020 – one of the highest adoption rates in the world. By contrast, the installation of contact tracing apps in most European countries and in the US has only enjoyed middling success at best, partly due to poor public reception – something that hasn’t been a problem in generally agreeable Malaysia.
Researchers at the University of Oxford projected that if 56% of the UK population used a contact tracing app (in cooperation with either control measures), the disease’s spread would be arrested. Another report suggests that even at lower adoption rates, the app would be helpful. Even with a measly 15% adoption, infection rates could be lowered by up to 12% and deaths could be reduced by up to 15%.
Malaysia has had an enviable 13,284,611 MySejahtera app downloads, which amounts to 42% of our population. And this was as of August 10, 2020 – more than three months ago. I’m sure it’s increased considerably since then.
However, according to the health ministry, less than 4% of all infections (as of October 2020) have been directly detected using the MySejahtera app.
And even those were detected through the self-assessment test provided by the app, not active contact tracing. It said that many cases had been indirectly detected, but did not specify what “many” is.
With the impressive number of downloads that MySejahtera has had, we should be seeing a lot more impact – as the University of Oxford study predicts. Many times more cases should be detected and many more deaths should be averted.
Unfortunately, we haven’t seen much data on how effective it’s really been.
Being transparent about the effectiveness of MySejahtera’s contact tracing feature is crucial for public trust and perception. I wonder if they’re not divulging it as this feature hasn’t been nearly as effective as they thought it would be. This would certainly be in line with what many researchers are discovering now across the world.
This could be due to a few things. One is our relative lack of surveillance infrastructure that complements the app, unlike in countries such as China, South Korea and Singapore. Another could be the fact that MySejahtera doesn’t incorporate bluetooth-enabled proximity sensing, which is a part of many other similar apps across the globe. Malaysia did develop an app which performs contact tracing using bluetooth called MyTrace but the fact that this is a separate app doomed it to failure. It’s been downloaded by less than 200,000 people.
Additionally, only around 30% of those above age 65 in Malaysia have smartphones. However, this is the demographic that most needs protection against Covid-19. So ironically, contact tracing apps are least helpful to the most vulnerable slice of our population.
So considering MySejahtera’s apparent lack of effectiveness, is it worth what we’re giving up – namely our privacy?
Fong Choong Fook, an IT specialist involved in testing app security brings up a valid point: “What has the government done in terms of protecting our personal information? So far, the PDPA (Personal Data Protection Act 2010) that we have doesn’t govern the government itself. So the government may not be accountable for any data leak due to negligence. “We can’t do anything against the government, that’s the limitation of the PDPA.”
To allay public fears about privacy infringement, the health ministry needs to be as transparent as possible. Mere pronouncements about how our data is safe, secure and free of misuse isn’t enough. They should:
- Release data on how the app has helped with Covid-19 containment. How many infections has it detected? How many lives has it potentially saved?
- Release the source code of the app so independent parties can verify that there aren’t any privacy violations or features that would allow foul play;
- Specify the law that governs and protects the data collected using MySejahtera and what it entails; and
- Explain what would happen to the MySejahtera app once Covid-19 is mitigated. Would the app be shelved and the data erased, as they should be?
The treasure trove of data that is at the disposal of the government now, thanks to MySejahtera, will prove a temptation that’s difficult for those in power to resist, and to eventually purge. In today’s world, data is power.
Knowledge about where people shop, where they travel, what they do and who they’re with, among many other things, will give the government incredible powers – powers that would tip the scales of democracy in its favour.
If the past is any indication, governments aren’t good stewards of our data. Who can forget how Cambridge Analytica, a controversial political consulting firm, used Facebook’s avalanche of user data to steer elections in the way of its customers? Its highest profile scandal involved its work in helping elect Donald Trump in 2016, but it had another customer that is much more pertinent to us.
None other than Umno, then under the leadership of Najib Razak, enlisted Cambridge Analytica’s shady services during GE14 in 2013.
Another cautionary tale is the Patriot Act which was enacted in the US hot on the heels of the 9/11 attacks. It was meant to detect terrorist activity but under its guise, was also used to collect inordinate amounts of data on its own population. Such gross governmental overreach is rampant across the world, and to think that the Malaysian government might be immune to it is foolish.
Similarly, as well intentioned as MySejahtera might be, it could very well morph into our own version of the Patriot Act if proper checks and balances aren’t installed in place.
As social psychologist Peter T Coleman said: “In today’s world, more harm may be done by well-intentioned people trying to do good, who are unaware of the unintended consequences of their actions, than by people actually trying to cause harm.”
For more, follow us on
LGMS YouTube Channel : LGMS Penetration Testing Expert (LE Global Services)
LGMS Facebook Page : lgms.global
LGMS Linkedin Page : lgms-global
LGMS Instagram ID : lgms.global
More news about LGMS:
- 活力加油站 (Living Delight) -网络安全成隐忧？
- Being smart about smartphones
- Malaysia on the fast lane to become Cloud Computing Hub – Malaysia Cloud & Datacenter Digital Summit 2020
- Cybersecurity: the market is growing, threats remain
- ‘Digital Civil War’: Twitter & Facebook Ban Anti-Biden Bombshells, Greenlight Anti-Trump Hoaxes