Have we given the tech giants the keys to our privacy and our medical secrets?

DISCLAIMER: All opinions in this column reflect the views of the author(s), not of EURACTIV Media network.

Stakeholder Opinion

A person holds a mobile phone while testing a coronavirus warning app in a lab of the University of Twente, in Enschede, The Netherlands, 30 June 2020. [EPA-EFE/VINCENT JANNINK]

For months, the world has been asking: how can we avoid a resurge of the pandemic, which would be catastrophic for our economies and well-being? Part of the answer lies in establishing a screening and tracking system for people who have been exposed, in order to prevent them from infecting those around them in turn, writes Pierre Pozzi Belforti.

Pierre Pozzi Belforti is a venture capital investor in the Silicon Valley and professor at Solvay Brussels Business School and at Sciences Politiques Paris.

Many European governments have turned to a digital solution, already established in China and other Asian countries: encouraging citizens to download a COVID-tracking application on their smartphone.

The question is, however, if these applications hide a fundamental problem. When downloading a tracing app, are we introducing a digital Trojan horse into our private lives? While the apps are called “free,” we should know that nothing is truly free in the digital world.

A customer will always pay for a service, one way or the other. In the digital world, this is often by giving unlimited access to all her or his personal information, possibly combined with a paid supplement via a subscription.

They say that the tracing apps will preserve our anonymity, because sensitive information is stored only on the smartphone. However, in reality, it is easy to associate the identity of the owner of a smartphone with his/her pseudonym.

It is striking to see how technology giants, not least two of the very largest, have seized on the opportunity to offer, together, an application to the authorities. We have never before seen a co-development agreement between the two fiercest competitors arise so quickly.

This willingness to cooperate is undoubtedly a testament to the desire to help build a screening system, but it might also hint at motives that are much more worrying for our free democratic societies.

Any tech entrepreneur and venture capital financier knows that the health sector offers some of the most lucrative income opportunities ahead for these companies. Investment bank Morgan Stanley estimates that the digital health businesses could generate annual revenues above $ 300 billion, just within the next seven years.

We should not take this lightly. Medical data is the kind of data we want and need to protect the most, as it is the “ultimate frontier” between our body, our most intimate data on our physical individuality, and the outside world.

Sadly, some tech companies are taking advantage of the COVID crisis and disarray it created with  European governments to break a taboo – and “normalize” the idea of access to the market for personal medical data by presenting it as a major help for detection of infected people, which was the true “soft spot” to approach and convince authorities given the urgency

All of this happened with very little open debate. National and European authorities, which pushed in good faith these mobile applications for COVID given the pandemic emergency, innocently and probably unknowingly contributed in opening the first breach on EU citizen’s most confidential data.

This should have resulted from a large and in-depth democratic debate at the European level very early on. There has certainly been debate in France, in the National Assembly, and it is ongoing in the House of Representatives in Belgium and in some other European countries.

However, a few national debates do not resolve the moral, ethical, social, and eminently strategic problems on Data sovereignty facing the European Union and its citizens.

No independent audit system has been put in place to ensure that collected medical information is deleted in a definitive way after use

No new EU rules have been imposed ensuring that it is not sold to other platforms or data processors, nor any penalties or fines in the event of breaches have been introduced as with GDPR.

Unfortunately, it is today a “fait accompli” that this highly sensitive data of EU citizens is   being captured by the American or Chinese tech giants through apps available on their platforms

The Hippocratic Oath taken by all doctors include the phrase

I will never cheat on their trust and will not use the power inherited from circumstances to force conscience.

I will give care to the needy, and whoever asks for it. I will not be swayed by the thirst for gain or the quest for glory.

Accepted in the privacy of people, I will withhold the secrets that will be entrusted to me. Received inside the houses, I will respect the secrets of the homes, and my conduct will not be used to corrupt manners. ”

Like doctors, today’s tech giants penetrate the most intimate parts of our lives; they are by our side day and night via the digital tools, which continuously accompany and monitor us.

Nevertheless, none of them seem ready to voluntarily follow the rules laid out by Hippocrates 25 centuries ago.

Tech giants do not promise to “respect household secrets”, not mislead trust, or exploit the power inherited from the circumstances.

On the contrary, their business models are based on surveillance capitalism, which captures all our most private information, including this additional breach into medical data, to exploit them commercially and, even more worryingly, to enhance personal “profiling” to the extreme with no respect for Privacy and in contravention of basic democratic laws and principles protecting each EU citizen.

In our democratic countries any law enforcement entity, from Police to European Drug Enforcement Agency to tax authorities, are subject to strict laws and existing jurisprudence, and mostly need a Court decision to be able to enter into our home, listen and record our conversations, read our correspondence, capture information on our medical data, etc.

Digital platforms do all this without limitations, without being subject to any legislation protecting our privacy except GDPR (which is not sufficient anymore and needs enlargement of scope and enhanced implementation by national authorities), without any sovereign public control nor independent audit over time.

How was this made possible, and are we still in time for our national and European politicians to turn the scales by firmly ensuring our values ​​and principles to protect the individual’s freedom and right not to be subject to such rapacious unlimited harvesting of private information and detailed profiling?

We must protect European citizens from a drift towards what some renowned specialists, like Harvard Professor Emeritus Shoshana Zuboff, have called “surveillance capitalism,”.

In addition to the unacceptable capture of all our information on our lives, now we risk additional seizing by the digital platforms of medical data that is private for us and truly strategic in terms of enhancing knowledge for Machine Learning and Data gathering, which are two key components of Artificial Intelligence sovereignty.

This will dramatically enhance their future intangible technological power over us, alongside another exponential growth of their financial profits, whilst “imprisoning” our EU citizens into applications that will be more and more impossible to renounce over time as they gain strength and presence in our daily lives, particularly when capturing the strategically vital digital “Med-tech” market share

Just on July 16, 2020 we learned that the US government is envisaging a ban on Chinese TikTok social media gaming application because it gathers too much private information from 37.2 million American users of the application in 2019, along with some other 60 applications.

The US is following India that, a few days earlier, has already banned TikTok and 60 other Chinese applications as well.

Clearly, this proves how far these digital applications, even as benign as gaming, can go without the public at large understanding the issues and the risks, whilst the authorities slowly realize the immensity of the “hidden world” of massive rapacious information gathering that exists “behind the scene” of supposedly benign, free applications.

It’s amazing and very sad to notice that, when it is a matter of protecting US citizen’s privacy, all measures are conceivable by its government including drastic one like banning an application, whereas not much has been done as of today within the EU on the massive data harvesting that EU citizens have been victims for over two decades by US and Chinese online platforms.

The EU Court of Justice ruling published on July 16, 2020, denouncing the US-EU data-sharing deal Privacy Shield as it fails to protect EU citizen’s Privacy, is clearly a signal that we need to dramatically strengthen our EU protection policies and avoid being too accommodating as the stakes are extreme.

Indeed, it is a new and unexpected massive geostrategic and vital challenge for the EU, of a scale that has no common ground with other challenges like immigration, terrorism or the new EU budget.

This challenge is emerging from the US and China’s highly competitive technological race for world supremacy, one that needs to be quickly understood by our top EU decision-makers in all its intricacies, fully grasped, and wisely confronted without delay by elaborating a clear, long-term vision and implementation strategy.

We must set up a system within the EU to ensure ultimate sovereignty and governance over technology within the European Union.

Only in this way can we protect our citizen’s freedom and full privacy, prevent possible social and economic discrimination, and avoid strategic enslavement of the EU by foreign technology platforms massively harvesting all our data and ultimately imposing unparalleled domination of our societies by foreign countries/blocs.

Last but not least, it is also the “mother of all battles” to ensure “Ultimate Mankind Sovereignty” over the emergence of a potentially ubiquitous and dominating  Artificial Intelligence that is on the horizon within 15 to 20 years, unless we take an assertive role and adopt an appropriate legislative framework to protect ourselves and our sovereignty both as humans and as EU citizens.

Politicians in Europe have a duty to tackle it quickly and without procrastination.

James Freeman Clarke, an American theologian, and author from the 19th century, said: “a politician thinks of the next election, a statesman thinks of the next generations.”

When projecting a vision for the EU into the 21st century’s increasingly unstable and unpredictable world, we definitely need more statesmen and stateswomen in Europe having the vision and courage to take our future in our hands.

In the coming 10 years, we must build a technologically sovereign and independent Europe, able to compete on equal footing with the other two main blocs wanting to dominate AI and Data, and be respected for its actions and admired for the defence of the « Ultimate Sovereignty » of its universal human and democratic values.

Subscribe to our newsletters