The whole story finally begins and ends with the consent. Although the state had the ambition to even track metadata without limitation, the final version is modest and will not even be implemented without the consent of a particular customer.
Consent and again consent
We have already indicated on our site that tracking citizens and monitoring their mobile phones via carrier data, is not easy to set up. The current GDRP rules are deeply embedded in personal protection, and the state has not yet succeeded in breaking this barrier. Even though initial design to monitor citizens who are to be quarantined or who are positive for their feedback was built on broad metadata, but ultimately there is no such major intervention.
If a state could also extract data other than location and movement 14 days back, theoretically, he would have a conversation or a person's calls, for example. And that would be a radical breach of privacy.
After a wave of criticism for obtaining such broadly defined data, it came treatmentthat will detect only the name, surname and location (movement) of a particular person. All in order to find out where and with whom a person is found to be positive for the new COVID-19.
Only after consent has been given
In the end, however, he wins the third modelthat will function, so that the call center calls the customer, who is also tested positively, will ask for his consent to provide location data retrospectively and after that consent gets, data goes to the public health office.
It will locate and analyze the entire history of history in order to find everyone who can either be infected or quarantine. This is otherwise happening now, only the data is positively tested by the tested person himself, he must remember where and with whom he met.
The new model will be easier in that its movement is defined by the operator through its own BTS network. However, it is not possible to talk about precision, technically it should be hundreds of meters to several kilometers, depending on the location and mutual distances of the BTS stations. The entire system is set up to operate temporarily for the duration of an emergency or medical emergency, but no later than 31 December 2020.
Although the law is not directly linked to a specific control mechanism in the published version yet, it is assumed that each record will have an audio track that accurately identifies consent. It will be possible to verify what data has been used, whether consent has been given, who gave it and, if appropriate, what other limitations have been in the case.
Anyway, when practice shows in the coming days, whether it is a helper or a potential threat to our privacy. As the consent model is chosen and there is no forcible breach of citizens' privacy, this tool can be recommended, it can temporarily help. Conversely, if it does not bring aid, it must be canceled immediately, at least as quickly as it was put into practice today in one day.
Let us also recall the already established Czech practice, which goes in a similar direction, where the data are deleted after they meet their target after six hours. In this case, the goal is to identify other potentially infected people from the positive patient's motion map.
source photo: packworld.com