Many public health authorities around the world have turned to initiatives involving location-based services to help monitor their populations.
Measures have included the use of aggregated mobile location data to track citizens during lockdowns, mobile apps designed to help identify the location of those infected, and the deployment of advanced cellphone monitoring technologies.
Below is a reverse chronological list of confirmed location tracking being adopted around the world.
Singapore – 14/09/20
Singapore introduced Bluetooth contact-tracing tokens for its residents in September. The tokens were an important way of expanding contact tracing efforts to those without smart phones.
As the BBC reported, “The initial rollout is happening in areas with a greater concentration of elderly people, who are both at a greater health risk… and less likely to own a smart phone.”[11]
Brazil – 10/07/20
In a positive move, Brazil’s Supreme Court overruled a government order that forced telecommunications companies to share users’ location data with authorities.
“Privacy advocates have hailed the judgment as a historic win, but warned that the court’s decision could lead to unintended consequences – by allowing other government agencies to set precedent on data protection issues before the country’s data protection authority is established,” according to the Global Data Review.[12]
New Zealand – 07/07/20
Hamish Walker, a New Zealand politician, leaked the personal details of COVID-19 patients to the media in July. The data was acquired by Michelle Boag, the chief executive of a rescue helicopter trust, who then passed it to the politician. “The incident has shocked New Zealanders and is being viewed as the first smear attempt of the upcoming general election,” The Guardian reported.[13]
Israel – 24/06/20
Just a matter of weeks after the controversial tracking measure was halted, Israel’s parliament voted to reintroduce Shin Bet’s location tracking initiative on June 24.[14]
Chile – 19/06/20
Telecommunications companies in Chile confirmed they were passing location data to public authorities in a bid to monitor the movements of citizens. According to one report, the location data is “aggregated and anonymous.”[15]
Israel – 09/06/20
An Israeli official announced on June 9 2020 that the country’s internal security service had brought its cellphone location tracking operation to an end.
The official, who requested anonymity, told Reuters: “This (tracking) will be renewed only if there is a big outbreak, at which point snap legislation would be required in parliament.”[16]
The use of the location-tracking technology, which was originally designed to counter terrorism, had previously been challenged in court.
Morocco – 29/05/20
In an article published on May 29, entitled ‘Morocco’s coronavirus surveillance system could tip into Big Brother,’ Aziz Chahir argued that the country’s recently deployed location tracking apps risked plunging the country “further into a hyper-surveillance system”.[17]
According to the article, Morocco had purchased much of the location-tracking technology from Israel.
China – 26/05/20
On May 26, the Guardian reported that authorities in Hangzhou had announced their intentions of making a health status app permanent.[18]
According to the article, the app is similar to many deployed around the country that displays a “QR code with an individual’s virus status, which can be used to determine the extent to which the individual is allowed to move about.”
The new, broader app is thought to provide every citizen with a score out of 100 and record information including the number of cigarettes smoked, hours slept and steps taken by the user.
India – 11/05/20
On May 11 it was reported that an app used by Madhya Pradesh authorities designed to track the location of quarantined patients had leaked personal information online.
“The database contained the names of people who are meant to be quarantined, information about the type of phone they used and their last known location – at times as accurate as within 5 meters – and was available for download on an mp.gov.in website,” the Hindustan Times reported.[19]
After its discovery, the database was quickly taken offline.
Jordan – 08/05/20
On May 8, the Prime Ministry of Jordan Facebook’s page posted a video announcing a new mobile app called Cradar.[20]
The app is designed to allow citizens inform authorities about unauthorized gatherings and warn them if they suspect someone of having the virus.[21] It is one of many mobile apps developed by authorities in Jordan.
Other mobile apps include a contact tracing app[22] and an app designed to help authorities enforce quarantine.[23]
Hungary 04/05/20
The Hungarian parliament announced plans to temporarily suspend parts of the European-wide General Data Protection Regulation (GDPR), EURACTIV reported in early May.[24]
The new measures “include the suspension of the rights to access and erasure of personal information, and those who lodge a complaint or exercise their right to a judicial remedy will also have to wait for the proceedings to start until after the government proclaims an end to the state of danger.”
Opposition politician Bernadett Szél responded by saying, “restricting data rights is unnecessary and disproportionate, and furthermore does not help, even hinders the fight against the epidemic.”
In a recent report by Freedom House, the NGO said that “Prime Minister Viktor Orbán’s government in Hungary has… dropped any pretense of respecting democratic institutions.”
Turkey – 07/05/20
Turkey’s health minister announced a mandatory app for people thought to be infected, according to Human Rights Watch.[25]
“The app follows the movement of people instructed to self-isolate, and if they leave their homes, they receive a warning via SMS and are contacted instantly through automatic call technology and told to return to isolation.
“Those who fail to comply with the warning and continue to violate the quarantine are reported to relevant law enforcement and face administrative measures and sanctions, which can include jail time ranging from two months to a year in accordance with Article 195 of Turkish Penal Code.”
Russia – 05/05/20
Citizens of Moscow who have developed symptoms were asked to send three selfies daily to authorities to prove that they are remaining inside.[26]
According to a tweet by journalist Mathew Luxmoore, failure to comply could lead to fine of 4,000 roubles, approximately US$55.[27]
Malaysia – 04/05/20
Authorities in Selangor have introduced a new location tracking system as the city emerges from a lockdown.
“The system aims to support registered business or commercial premises owners by providing them with unique QR codes that can be placed on posters and scanned by visitors who enter their premises,” the Malay Mail reported.
Customers will then be required to scan the QR code before entering and, if they later test positive the businesses will be alerted.
Pakistan – 23/04/20
On April 23, Prime Minister Imran Khan announced that the country’s Inter-Services Intelligence (ISI) was helping monitor citizens with technology originally designed for tracking the location of potential militants.
“Rights activists say they fear the surveillance method could be misused by authorities to gain more access into the lives of Pakistani civilians, particularly those who are critical of the government,” VOA reported.[28]
Morocco – 23/04/20
A mobile app that monitors citizens’ location was launched in Morocco in April to assist police forces with enforcing lockdown.
The app lets police “know which checkpoints a person has passed through, allowing them to trace their movements” but “conforms to the rigorous security criteria used by the DGSN in its databases”, according to MAP officials quoted in The Star.[29]
Brazil – 17/04/20
On April 17, the Brazilian parliament passed legislation to allow the passing of telecommunication location data to public bodies. The legislation was later struck down by the Supreme Court.
Finland – 14/04/20
Mobile operator Telia published a press release stating that it had passed on anonymized cellphone location data to the government, prompting a review from the Office of the Chancellor of Justice.
According to one report, “The cabinet’s coronavirus war room uses the data provided by the app to analyze situations such as traffic flows in various parts of the country.”[30]
Kazakhstan – 08/04/20
“[The] Kazakhstani ministry of health requires the 8,000 or so Kazakhstani citizens currently under quarantine to use the SmartAstana tracking app, which enables officials to ensure that they remain in isolation,” according to Privacy International.
In Almaty, the country’s largest city, authorities are also using video surveillance to help track the location of those breaking quarantine orders. The technology is produced by Korkem Telecom, a local telecommunications firm, according to the Jamestown Foundation.[31]
Sweden – 08/04/20
“The Swedish Public Health Agency will use mobile data from Telia to analyze how people have moved in Sweden in connection with the spread of the coronavirus in the country,” according to a report by Computer Sweden published on April 8.[32]
Australia – 05/04/20
“Vodafone has provided the mobile phone location data of several million Australians in an anonymized and aggregated form to the federal and NSW governments to monitor whether people are following social distancing restrictions amid the coronavirus pandemic,” The Sydney Morning Herald reported.[33]
“To date, governments, medical experts and the media have used location data from transport apps such as CityMapper, which shows how people move throughout cities like Sydney and Melbourne using public transport, in an attempt to determine whether people’s movement has reduced.”
India – 05/04/20
Karnataka authorities introduced its new contact tracing app in early April.
“The app aims to track the movement history of persons tested positive, before their detection in order to take precautions and to contain the coronavirus outbreak,” India Today reported.[34]
According to Citizen Matters, “the governments of Kerala, Karnataka, Punjab and Tamil Nadu, the Ministry of Electronics and Information Technology (MeitY) and the National Informatics Centre (NIC) have released various mobile apps.
“While desperate times understandably call for desperate measures, many of these mobile phone-based interventions raise concerns about the privacy of users and that of persons directly affected by the novel coronavirus, overboard surveillance, and eventually, ‘function creep’.”[35]
U.S.- 04/04/20
On April 4, CNN reported that two tech startups had tracked citizens visiting the beach in Fort Lauderdale, Florida, by monitoring mobile phone location data.[36]
One of the companies involved then posted a heat map on Twitter to show their findings.[37]
Despite claiming to only use anonymized location data, it has been repeatedly been shown that even large anonymized data sets are at risk of re-identification.
New Zealand – 02/04/20
Police authorities in New Zealand have been reportedly asking returning Kiwis to give consent to authorities to track their location via their cellphones.[38]
According< to Police Commissioner Mike Bush, returning citizens 409 text 40 [40] 'please reply, turn on your location services and if it is okay with you we will be able to monitor where you are.'"[39]
India – 31/03/20
Andhra Pradesh authorities have been reportedly tracking mobile phones of those in quarantine. The technology uses signals of mobile towers to track people’s location and monitor whether or not they are abiding with lockdown rules.[40]
India – 31/03/20
Authorities in the state of Andhra Pradesh have been using a range of location-based tracking technologies to ensure infected citizens remain in quarantine, India Today reported.
“The first tool which is called the Covid alerting tracking system is being used by the authorities to track over 25,000 people who have been placed under home quarantine by tracking the location of their phones on a real-time basis with the help of telecom service providers and mobile tower signals.”[41]
Argentina – 30/03/20
Big data firm Grandata released a heat map based on location data in March showing the movement of citizens around Argentina to monitor compliance with the new lockdown.
“This is the perfect example of the data exploitation industry and data brokers, using data that users probably where not aware they were sharing with third parties like Grandata,” Privacy International stated.[42]
U.S. – 28/03/20
“Government officials across the U.S. are using location data from millions of cellphones in a bid to better understand the movements of Americans during the coronavirus pandemic,” the Wall Street Journal reported in March.
“The data — which is stripped of identifying information like the name of a phone’s owner — could help officials learn how coronavirus is spreading around the country and help blunt its advance.”[43]
It is thought the location data was acquired from the mobile advertising industry rather than from mobile operators.
Brazil – 27/03/20
“The mayor of Recife said the city is tracking at least 700,000 smartphones to identify where the lockdown rules are being followed,” ZDNet reported in March.
“Governments across Brazil are looking to roll out a system developed that uses geolocation tracking to support actions around the lockdowns intended to slow the spread.”[44]
The system is developed by InLoco, a Brazilian startup, and tracks the location of users “through a location map that doesn’t use GPS or beacons, which InLoco claims to be 30 times more accurate than GPS”.
Switzerland 26/03/20
“Switzerland has asked state-controlled Swisscom for day-old mobile phone data to help judge whether measures to restrict people’s movements and slow the coronavirus’s spread were working,” Reuters reported.[45]
Daniel Koch, head of infectious diseases at the federal health agency, said it “it had 48 to do 48 [48] surveillance” as they were only acquiring data from the previous day.
South Africa – 24/03/20
South Africa’s communications minister Stella Ndabeni-Abrahams told reporters in March that “It is important to look at the individuals 49at 48 affected 49 49] in order to be able to help the department of health to say that we know, in a particular area we have so many people that have been 50″50 [50] industry collectively has agreed to provide data analytics services in order to help government achieve this.”
Business Insider reported that “She did not provide further details, and regulations that will govern South Africa’s national lockdown, and methods of curbing the spread of the virus, have not yet been published.”[46]
Guatemala – 24/03/20
Authorities in Guatemala have released an app to help share information regarding the virus to its citizens, according to Privacy International. The app also collects “each user’s email address, social media account handles, age, personal interests, and geographic location, and asks permission to access files, calls, and audio, among others.”[47]
The app was reportedly developed in collaboration with Google and Friends of Israel.[48]
UK – 24/03/20
Researchers from King’s College London and St. Thomas’ Hospitals, in collaboration with a health company ZOE, have released an app that allows citizens to self-report their health to provide data on transmission of the virus.
According to the project’s listing on GovLab’s living repository of data collaboratives in response to COVID-19: “This data, protected by the European Union’s GDPR, is then sent to King’s College London and the NHS.”
Bulgaria – 24/03/20
Bulgarian authorities will have the power from March 24 to trace mobile phone traffic metadata and internet contacts without a court order, according to a tweet from Dr. Vesselin Bontchev.[49]
“The idea is to trace those in quarantine but this limitation is not spelled out in the law,” he said.
Pakistan – 24/03/20
Several residents across the country received a text message alerting them that they may have come into contact with someone with the virus, Ramsha Jahangir reported in March.
The message reportedly read: “It has been observed that you may have come in contact with a confirmed coronavirus case in the last 14 days. You are, therefore, requested to take necessary precautionary measures by self-quarantine.”[50]
It is thought the measure has been implemented via cell site location information (CSLI) and call detail record (CDR) data acquisition methods.
“Using CDR analysis, details such as locations visited by a confirmed Covid-19 patient as well as cell phone numbers of others who were in the same vicinity at the time can be obtained from the patient’s phone data,” the article stated.
Russia – 23/03/20
The Russian government released an announcement in March ordering the Ministry of Communications to develop a new contact tracing system to help monitor citizens thought to have come into contact with those that have the virus.[51] 56″The 57 [57] analyze specific individuals’ geolocation data from telecommunications companies,” Meduza reported.[52]
Morocco – 23/03/20
“Moroccan police have started using a mobile application in recent days to track violators of the kingdom’s lockdown in response to the coronavirus, according to the official MAP news agency,” Malaysian news site The Star reported.[53]
The mobile app was developed by the country’s national security force and allows the police to track which checkpoints a person has passed through.
“More than 53,000 people have been arrested since the start of a public health state of emergency on March 20.”
Spain – 23/03/20
Telecommunications giant Telefonica has been working with Spanish authorities to provide “mobility insights for monitoring 60, detecting infection 60, [60] prediction of virus propagation”, according to GovLab’s repository of data collaboratives.
The project went live on March 23, according to the listing.
India – 20/03/20
“People suspected of having the coronavirus in India have received hand stamps and are being tracked using their mobile phones and personal data,” Reuters reported in March.[54]
The indelible hand stamps, which have been applied to citizens arriving at airports in Maharashtra and southern Karnataka, include the date that the person may be released from self-isolation.
“In southern Kerala state, authorities have used telephone call records, CCTV footage, and mobile phone GPS systems to track down primary and secondary contacts of coronavirus patients.”
Poland – 19/03/20
Poland’s Ministry of Digital Affairs launched a new mobile app in March that relies on cellphone location data to coerce citizens into abiding by the terms of their quarantine.[55]
The app prompts its users to send a geolocated selfie at random times throughout the day, so that authorities can ensure that they are abiding by quarantine regulations.
Failure to comply with the orders to remain inside could result in a fine of PLN 5,000.
“The system checks both the person (using facial recognition) and the location, essentially replicating what would otherwise be a visit from a police officer,” Privacy International stated.[56]
UK – 19/03/20
On Thursday March 19, Sky News reported that the British government was working with major mobile network O2 to analyze its users’ location data.[57]
“The project will not be able to track individuals and is not to designed to do so,” according to the article.
A report published the same day by The Guardian revealed that EE, the country’s largest mobile operating company, was also in advanced discussions with the government about how best to share their users’ location data.
“Privacy campaigners worry that handing over such personally identifying information in large quantities crosses a line that may be hard to step back from when things return to normality.”[58]
Hong Kong – 19/03/20
All international arrivals to Hong Kong currently have to stay at home for 14 days. To track the new arrivals, authorities are now providing them with wristbands that log a user’s location and share it with relevant authorities.
Anyone violating the quarantine orders could face up to six months in prison and a fine of up to HK$25,000, according to Quartz.[59]
Italy – 18/03/20
Vodafone launched a five-point plan to help respond to the outbreak on March 18.[60]
The company was “already producing an aggregated and anonymous heat map for the Lombardy region in Italy to help the authorities to better understand population movements in order to help thwart the spread of COVID-19”, according to the press release.
Israel – 17/03/20
On Tuesday, 17 March, legislators approved new mass surveillance policies that allow the regime to track the location of citizens by monitoring their mobile phones.
Benjamin Netanyahu had outlined his plans the previous weekend.
The technology, which was originally developed to assist in counter-terrorism operations, is thought to be able to track the physical location of all mobiles in the country, as well as monitor calls and messages.
According to digital rights group, 7amleh, it is also capable of accessing citizens cameras and headsets. 68
68 [68] committing mass violations of digital rights, especially the right to privacy, under the pretext of managing the health crisis caused by the Coronavirus – 7amleh[61]
Thailand – 17/03/20
Arrivals to high risk areas of Thailand were given a SIM card that tracks their location for 14 days.
Ecuador – 17/03/20
Interior Minister María Paula Romo announced that police would begin to use satellite tracking to ensure citizens did not breach the “epidemiological fence”, according to a report by Ecuador TV.[62]
Privacy International later reported that the measure “authorized tracking mobile phones via GPS satellite to ensure that citizens do not break mandatory quarantine after six violators were identified”.[63]
Germany – 17/03/19
Deutsche Telekom, the German mobile operator, announced that it was passing anonymized location data of its users to the Robert-Koch Institute, a research institute and government agency responsible for disease control and prevention.[64]
The move came after GDPR-enabling legislation was altered to allow the processing of personal data during an epidemic.
Austria – 17/03/20
Austrian mobile operators reportedly began sharing anonymized mobile location data with Austrian authorities.[65]
Like the initiatives in Germany and the UK, the measure uses location data to determine whether or not citizens were restricting travel and following government advice.
South Korea – 16/03/02
Korean telecommunication companies and credit card companies reportedly shared data with public health authorities to assist tracking the movement of its citizens.[66]
It followed earlier reports that South Korea had launched a location-tracking mobile app to monitor citizens on lockdown to help contain the outbreak.[67]
In a story by The Guardian, text messages sent by health authorities and local district offices were also reportedly exposing “an avalanche of personal information and are fueling social stigma”.[68]
Italy – 14/03/20
Like Germany, the UK and Austria, Italian mobile operators have also been shown to be sharing aggregated location data with health ministries.[69]
The location data is thought to have to helped local authorities monitor citizens’ compliance with lockdowns.
Over 40,000 Italians have been found to be violating the lockdown, The Guardian reported.[70]
Belgium – 12/03/20
The Belgian government confirmed in March that it would allow local mobile operators to share anonymized location data with a third party to help track infections.[71]
The following week, a group of technology entrepreneurs argued in favor of creating a mobile app to track and regulate individuals’ movement based on their health status.[72]
Kenya – 08/03/20
“Authorities in Kenya have been tracking mobile phones of people suspected to have Covid-19 as a way of enforcing a 14-day mandatory isolation period,” the BBC reported.[73]
South Korea – 06/03/20
A new mobile app in South Korea used location-based services to track citizens’ movements. The app “will also use GPS to keep track of their location to make sure they are not breaking their quarantine”, according to the MIT Technology Review.[74]
Iran – 03/03/20
Iranian citizens received a notification in early March about a new mobile app supposedly from the Ministry of Health.
The app, called AC19, was created by the same developer that has made clones of Telegram in the past.
The app is thought to have collected citizens’ live location data and may have shared that with the authorities in Iran to track users’ movement.
“Of course, the app couldn’t tell citizens if they had coronavirus. But what it could do is hoover up huge amounts of data on citizens, including names, addresses, dates of birth, and even track people’s location in real time.” – VICE[75]
The following week, the app was removed from Google’s Play Store.
Singapore – 01/03/20
Singapore’s Ministry of Health made information about victims of the virus available to the public at the end of February. A developer then turned this location data into an interactive map so that citizens’ could track the location of those infected.
The map quickly went viral, raising fears that it could lead to discrimination, stigmatization and gross digital privacy violations.
“We must demand more from authorities as the role of big data and technology in humanitarian response matures.” – Access Now[76]
Taiwan – 18/02/20
All medical facilities were granted access to patients’ travel histories by combining data from the National Health Insurance Administration and Immigration Agency on February 18, ABC News reported.[77]
The report also suggests that those required to self-quarantine were “monitored through their cellphones”.
The cabinet spokeswoman told The Guardian that they “are not using advanced surveillance technology. It’s simply tracking based on their phone’s SIM cards and their nearby base stations.”[78]
The country’s response to the virus has been praised by many, although concerns regarding the high degree of mass surveillance remain in some quarters.[79]
Netanyahu referenced Taiwan’s use of accessing cellular location data in his address to the nation that outlined his more draconian approach.
