Several countries in Southeast Asia are successfully combating COVID-19 by harvesting citizens’ personal information like location data and other data gathered from mobile apps.

But these countries lack robust privacy laws, and the surveillance is taking place without consent of their citizens.

As such, COVID-19 is accelerating the debate around data protection in public health emergencies.

Rina Chandran filed this report for Reuters:

While data protection laws in Europe are driven by the intrinsic right to privacy, many Asian countries have “more pragmatic” legislation, even though there are robust compliance frameworks to prevent abuse of data, Bigg said. “Many data protection laws around the world have provisions to allow governments to bypass getting consent in certain circumstances, for say national security or public health emergencies,” she said.

In Europe, the General Data Protection Regulation (GDPR), requires anyone seeking to process someone’s data to obtain their consent. Mass tracking of people’s movements and contacts using smartphone location data violates this.

Singapore’s Personal Data Protection Commission has relaxed its terms to allow the collection, use and disclosure of personal data without the person’s consent to carry out contact tracing and other coronavirus response measures.

Yet other Southeast Asian countries are using personal data without protecting people’s privacy, said Emilie Pradichit, head of human rights charity Manushya Foundation in Bangkok. Vietnam is tracking locals and foreigners through mobile apps, while Thai immigration authorities are using location data of those arriving in the country, which amounts to “mass surveillance and a serious risk to privacy,” she said.

In the absence of an independent data protection authority in many countries, there is a risk that some of these measures will stay in place even after the situation eases. As more new technologies are introduced at this time, the dilemma of greater efficiency at the cost of reduced privacy will stay, and the coronavirus outbreak may accelerate the need for decisions about “what is and isn’t acceptable,” said Tanner.

“A fundamental tension exists between the capacity of digital technologies to harvest data for specific purposes and the risks the use or misuse of that data can pose to individual liberty or security,” he said. “We need governments to ensure citizens are able to play an active role in shaping future policy frameworks that shape how we use AI, digital identity or facial recognition systems so that they can be used with legitimacy.”