Protecting individual privacy is critical to all of us at Camber Systems as we continue supporting the larger efforts to reduce the spread of COVID-19. We want to protect against re-identification. We know that it has been a startling thing for many people to see the type of geospatial information collected by aggregators. Though we are using that data, we are using the utmost discretion and are thoughtfully cautious about how it is released to the world.
We keep a deep separation of the data we receive from data providers and what we show the world and provide to researchers. It’s important to us that we don’t release anything outside our infrastructure that includes any individual points. Internally, we limit those who can access the data. We also aggregate and truncate data based on the advice of the epidemiologists, and we will include differential privacy noise in our output (more on this in a future post).
The metrics that you are seeing and how we remove small numbers are designed to use the data that exists about people and expand our epidemiological understanding of the world.
Given our great concern regarding individual privacy, it’s clear to us that policies need to change around this data. Finding the balance between being able to use this data for good, protecting it, and appropriately aggregating and anonymizing it is not easy. Nor should a crisis put us in a position where we use an emergency to excuse the proliferation of data collection, especially granular data collection. The scientists we are working with are going to release scientific articles about the protection of this data and have already written in Science about the importance of this work. It is possible to apply both technical and regulatory controls here to ensure that we have a consent-driven, data-informed approach while assisting efforts to reduce the spread of COVID-19.