Workshop Report: Privacy & Pandemics – Responsible Use of Data During Times of Crisis

In October 2020, the Future of Privacy Forum (FPF) convened a virtual workshop entitled “Privacy and Pandemics: Responsible Uses of Technology and Health Data During Times of Crisis” with invited computer science, privacy law, public policy, social science, and health information experts from around the world to examine benefits, risks, and strategies for the collection and use of data in support of public health initiatives in response to COVID-19 and for consideration of future public health crises. With support from the National Science Foundation, Intel Corporation, Duke Sanford School of Public Policy, and Dublin City University’s SFI ADAPT Research Centre, the workshop identified research priorities to improve data governance systems and structures in the context of the COVID-19 pandemic. 

To learn more about FPF’s work related to privacy and pandemics, please visit the Privacy & Pandemics page.

Drawing on the expertise of workshop participant submissions and session discussions, FPF prepared a workshop report which was submitted to the National Science Foundation for use in planning the Convergence Accelerator 2021 Workshops. This NSF program aims to speed the transition of convergence research into practice to address grand challenges of national importance. The final submitted workshop report is also available on our website.

Based on analysis of expert positions reflected in the workshop, FPF recommends NSF consider the following roadmap for research, practice improvements, and development of privacy-preserving products and services to inform responses to the COVID-19 crisis and in preparation for future pandemics or other public crises:

• Support the refinement and application of existing privacy-preserving and privacy- enhancing technologies that can support public health goals while mitigating privacy risks, including: decentralized contact tracing, homomorphic encryption, and differential privacy;
• Support the development of emerging privacy-enhancing technologies that hold promise in the public health sphere, including: synthetic data, controlled access environments, digital twins, and simulations;
• Support cross-disciplinary research into privacy-protective approaches to key emerging technologies, including: Wireless Sensor Networks and data processing strategies for on- device and/or centralized analysis of personal health information;
• Explore mechanisms to balance the need for increased access to data that allows researchers to understand the differential impacts of crises on certain communities by not obscuring critical community characteristics with privacy-enhancing technologies;
• Convene cross-disciplinary experts to create and refine guidance for implementation of privacy protections suited to crisis situations;
• Identify top-priority updates to laws and regulations pertaining to public health;
• Explore mechanisms that promote data interoperability while promoting privacy;
• Promote the development of promising de-identification technologies and mitigation strategies to address re-identification risks;
• Promote practical, implementable ethical frameworks that go beyond the FAIR principles; and
• Identify practical lessons learned during the COVID-19 pandemic regarding publication ethics and norms for research in a time of crisis that can apply to future crises.

To learn more about the Privacy & Pandemics conference, including information about the topics, participants, sessions, presentations, and to read the final workshop report, head to the event page.