Teresa Scassa - Blog

Displaying items by tag: contact tracing


Early in the COVID-19 pandemic, as discussions swirled around the adoption of exposure notification or contact-tracing apps (CT/EN apps), Jason Millar, Kelly Bronson and I, and our outstanding students, Tommy Friedlich and Ryan Mosoff, began to explore the privacy and socio-ethical implications related to the creation, adoption and deployment of these apps. As part of this research we gathered data about contact-tracing apps around the world. This week we are launching a website – Global Pandemic App Watch (GPAW) – that uses some of the data we have gathered to provide a global look at the state of adoption of CT/EN apps. The website hosts three main maps; each focuses on different issues. There is also a series of country pages providing additional information about CT/EN apps adopted in different countries. GPAW is a work in progress. Gaining access to meaningful data on use and adoption of apps has been difficult, in part because in many jurisdictions good data is not being collected or, if collected, is not shared. Language has been a barrier to obtaining information in some cases. This is also a rapidly evolving area so that it is possible to miss or be behind with respect to new developments. Our focus is on apps, and not on more complex multi-technology disease and human surveillance strategies; these latter are not represented on the map. However, we believe that GPAW offers an interesting perspective on CT/EN apps.

One issue facing governments that adopt contact tracing or exposure notification apps is what underlying technology to use. Singapore’s early TraceTogether app offered a centralized model that proved interesting to other governments. Australia has been its most notable adopter. The province of Alberta in Canada adopted an app based on TraceTogether, although its future is now in doubt. Other countries considered the development of their own apps, exploring options – usually with local developers – that would integrate in different ways with public health agency needs. Some of these countries have proceeded with their own apps (e.g. France). Others faced public pressure and backed away from apps that might collect and store data centrally (e.g. Germany). The Google-Apple Exposure Notification (GAEN) API, which evolved in this period, offered a model of decentralized data storage that was touted as more privacy-friendly. GAEN (and particularly the more recent Exposure Notification Express) also streamlines the app development process making it easier to adopt. Nevertheless, because of the fully decentralized model, it is more difficult to integrate GAEN with broader goals or data needs of public health authorities.

Although the GAEN garnered considerable attention, a glance at our first map shows that its adoption is far from universal. Many other countries have chosen different options. We are interested in this diversity of apps. As noted above, there may be reasons to choose a more centralized model in order to better integrate a CT/EN app with public health agency activities. We suspect that there is also interest in many jurisdictions in using a CT/EN app as a vehicle for supporting local IT developers. The GAEN model perhaps responds best to concerns over privacy and civil liberties; it is interesting to see that its adoption is strong in the EU and in Canada where such concerns may be heightened. Several US states have also adopted or are in the process of adopting GAEN-based contact tracing apps.

Another feature of the first map that we wish to highlight is the interesting challenge posed by federal states. Canada is shown as uniformly adopting a GAEN model, but this does not reflect the story of how it moved in this direction. As noted earlier, Alberta was an early adopter of a different sort of app based on Singapore’s TraceTogether API. Ontario was the first to adopt the federal COVIDAlert. Other provinces have since announced that they will follow suit, including Alberta, but adoption is not yet universal across the country. The US is represented on the map as “various” because it too is a federal state, and no national app has been adopted. Some states have begun to adopt or develop their own apps (these developments are reported on a separate US Map.) Suffice it to say – federalism presents unique challenges. Where different apps are adopted in a single country or region, there can be issues of interoperability. This pits broader concerns about functionality against issues of regional autonomy. The Canadian and US stories around app adoption would make an interesting comparison. The EU, with its multiple apps and free movement of citizens within the EU is similarly an interesting case study in this regard.

Our second map visualizes uptake. CT/EN apps require significant levels of adoption to be useful, although there are differences of opinion as to what level of adoption is optimal. We have found it challenging to get accurate data about adoption levels and our map reflects this. Where data is available, numbers tend to be relatively low, although it will be interesting to see if a second wave (or third in some countries) pushes adoption to higher levels – and at what rate. It is interesting to consider what may lie behind poor access to adoption data. A lack of transparency about the metrics for evaluating the success/failure of these rapidly deployed technologies is worrisome. It may be that providing such data is a low priority in a pandemic; it may also be that governments do not wish to potentially discourage adoption by revealing low uptake numbers. Some countries, have had much better adoption rates than others. It would be interesting to consider why this might be the case. Are higher adoption rates related to greater trust in government? Greater concerns about the pandemic? Better government messaging?

Our final map looks at whether CT/EN apps have been made optional or mandatory in the countries in which they have been launched. This has been a hot button issue. Some groups or individuals have argued for making such apps mandatory in order to meet public health objectives. Others have raised civil liberties concerns. Underlying this, of course, is the reality that the technology on which these apps operate is not universally available. It would be difficult to make mandatory an app if not everyone could comply because they did not have a smart phone with a compatible operating system. Some jurisdictions have begun to explore the adoption of ‘fob’ technologies that could give greater access to contact tracing applications. Our map shows that currently only one country has adopted a mandatory CT/EN app. The overwhelming majority are voluntary. That said, we have begun to hear of cases in which the use of these apps is required by employers who are looking for tools to track exposure within the workplace, undermining their voluntary nature. As far as we are aware, only Australia has addressed this function-creep in specific app-related legislation.

The actual usefulness of CT/EN apps remains an open question. Concerns have been raised about their technological deficiencies leading to potential false positives and false negatives. It is not clear whether CT apps actually catch many cases not already caught by manual contact-tracing activities. Of course, when normal contact tracing starts to buckle under pressure from a second wave, as is the case now in Ontario, the app takes on a greater role. Nevertheless, with GAEN apps, there is no two-way interface with the public health system. It would be interesting to know how many people receive notifications through the app, and how many of those present themselves for testing – or take recommended actions such as self-quarantining. It would be useful to have a variety of data to assess the reliability and effectiveness of these technologies, but it is not clear that such data will be collected by governments or public health authorities or, if it is collected, whether it will be made readily available.

We hope that you will find our maps interesting and useful. The country pages, as they develop will provide additional information, as well as links to numerous articles and other materials about the apps that we have been collecting since the beginning of the pandemic. We think the project raises a number of interesting unanswered questions that will linger well into the future. Our current plan is to update the site weekly. There is space on the site to provide feedback, comments, and even data should you have it to share.

Our work has been generously supported This project is partially funded by the Scotiabank Fund for AI and Society at the University of Ottawa, SSHRC and the Centre for Law, Technology and Society at the University of Ottawa.

Published in Privacy

On May 29, 2020 I was invited to a meeting of the House of Commons INDU Committee which is considering Canada's response to the COVID-19 Pandemic. On May 29, it was focusing its attention on contact tracing apps. A copy of my brief oral presentation is below. The videotape of the hearing and the Q & A with fellow invitee Michael Bryant of the Canadian Civil Liberties Association can be found here.


Speaking Notes for Teresa Scassa, Canada Research Chair in Information Law and Policy, University of Ottawa, INDU – Canadian Response to the COVID-19 Pandemic, May 29, 2020

Thank you, Madame Chair and Committee members for the opportunity to address this committee on privacy in Canada’s COVID-19 response.

We are currently in a situation in which Canadians are very vulnerable – economically, socially, and in terms of their physical and mental health. Canadians know that sacrifices are necessary to address this crisis – and have already made sacrifices of different magnitudes. Most Canadians accept that this is necessary to save lives and to begin to return to ‘normal’. They accept that some degree of privacy may need to be sacrificed in some contexts. But there is no binary choice between privacy and no privacy. Instead, there must be a careful balancing of privacy with other public interests.

There are two overarching privacy concerns when it comes to Canada’s response to the pandemic. The first is that there is a risk that poorly thought out collection, use or disclosure of personal information will create privacy and security vulnerabilities with little real benefit, or with benefits disproportionate to risks and harms. The second is that the pandemic may lead to the introduction of data gathering or processing technologies that will create a ‘new normal’ leading to even greater inroads on privacy, dignity and autonomy. Importantly, surveillance often has the most significant adverse impacts on the most vulnerable in our society.

The pandemic context raises a broad range of privacy issues, from government or law enforcement access to location and personal health information, to contact tracing apps and beyond. As we begin the ‘return to normal’, we will also see issues of workplace surveillance, as well as tracking tools and technologies used to help determine who gets into stores, who receives services, or who gets on airplanes. Personal health information, generally considered to be among our most sensitive personal information, may become a currency we are required to use in order to carry out ordinary daily activities.

Since I am limited only to 5 minutes, I would like to tease out 3 main themes.

1) A first theme is trust. “Trust” is referenced in the Digital Charter and is essential when asking Canadians to share personal information with government. But trust is complicated by a pandemic context in which issues evolve rapidly and are often unprecedented. One thing that trust requires is transparency, and governments have struggled with transparency – whether it is with respect to sharing data that models the spread of COVID-19 with the public or (as was the case of Alberta) launching a contact-tracing app without releasing the Privacy Impact Assessment. Transparency is essential to trust.

2) A second theme is necessity and proportionality. The Privacy Commissioner of Canada, along with his provincial and territorial counterparts, supports an approach to privacy based on necessity and proportionality. This is derived from the human rights context. Necessity and proportionality provide a robust analytical framework for balancing privacy rights against other public interests, and should already be part of an amended Privacy Act.

The importance of this approach cannot be overemphasized. We are in a data driven society. It is easy to become enthused about technological solutions, and innovators promise that data analytics, including AI, can solve many of our problems. We need to remember that while technology can provide astonishing benefits, there is already a long history of poorly designed, poorly implemented, and often rushed technological solutions that have created significant risks and harms. Novel technological solutions often fail. This is becoming a reality, for example, with many recently launched national contact tracing apps. Rushed, flawed schemes to harvest personal data – even if for laudable goals – will erode trust at best and cause harm at worst.

This is why clear guidelines – such as those developed by the Commissioners – are crucial. There should be an emphasis on purpose and time-limited solutions that minimize privacy impacts.

3) A third theme is human rights. Privacy is closely tied to human rights, but this relationship is increasingly complex in a data driven society. Privacy laws govern data collection, use and disclosure, and it is increasingly common for data uses to have significant impacts on human rights and civil liberties, including the freedom of association, freedom of speech, and the right to be free from discrimination. Until recently, public conversations about contact tracing have been predominantly about government-adopted apps to deal with public health disease tracking. As businesses reopen and people go back to work, the conversation will shift to contact-tracing and disease monitoring in the private sector, including the possible use of so-called immunity passports. We will see workplace surveillance technologies as well as technologies that might be used to limit who can enter retail stores, who can access services, who can get on airplanes, and so on. While there are obviously serious public health and safety issues here, as well as issues important to economic recovery and the ability of people to return to work, there is also significant potential for harm, abuse, and injustice. Much of this private sector surveillance will be in areas under provincial jurisdiction, but by no means all of it. The federal government must play a leadership role in setting standards and imposing limitations.

I will end my remarks here and look forward to your questions.

Published in Privacy


Research for this article was made possible with the support of the Heinrich Boell Foundation Washington, DC.

This piece was originally published by Heinrich Boell Stiftung as part of their series on the broad impacts of the COVID-19 pandemic. The original publication can be found here.



A strong sense of regional sovereignty in the Canadian health care system may lead to different choices for technologies to track and contain the spread of the coronavirus. A multiplicity of non-interoperable apps could put their effectiveness in question and could create regional differences in approaches to privacy..

By Teresa Scassa

Canada’s national capital Ottawa is located in the province of Ontario but sits on the border with Quebec. As soon as restrictions on movement and activities due to the coronavirus begin to lift, the workforce will once again flow in both directions across a river that separates the two provinces. As with other countries around the world, Canada is debating how to use technology to prevent a second wave of infections. Yet as it stands right now, there is a chance that commuters between Ontario and Quebec could have different contact-tracing apps installed on their phone to track their movements, and that these apps might not be fully interoperable.

Innovation in contact-tracing apps is happening in real time, and amid serious concerns about privacy and security. In Canada, many provinces are on the threshold of adopting contact-tracing apps. Canadian app developers, building on technologies adopted elsewhere, will be offering solutions that rely on decentralized, centralized, or partially centralized data storage. At least one Canadian-built app proposes broader functionalities, including AI-enhancement. And, as is so often the case in Canada, its federal structure could lead to a multiplicity of different apps being adopted across the country. Similar challenges may be faced in the United States.

One app to rule them all?

Canada is a federal state, with 10 provinces and 3 territories. Under its constitution, health care is a matter of provincial jurisdiction, although the federal government regulates food and drug safety. It has also played a role in health care through its spending power, often linking federal health spending to particular priorities. However, when it comes to on-the-ground decision-making around the provision of health care services and public health on a regional level, the provinces are sovereign. Canadian federalism has been tested over the years by Quebec’s independence movement, and more recently by dissatisfaction from Western provinces, particularly Alberta. These tensions mean that co-operation and collaboration are not always top of mind.

When it comes to adoption of contact tracing apps, there is the distinct possibility in Canada that different provinces will make different choices. On May 1 Alberta became the first Canadian province to launch a contact tracing app. There have been reports, for example that New Brunswick is considering a contact tracing app from a local app developer, and the government of Newfoundland and Labrador has also indicated it is considering an app. Other governments contemplating contact tracing apps include Manitoba and Saskatchewan. The possibility that multiple different apps will be adopted across the country is heightened by reports that one municipal entity – Ottawa Public Health – may also have plans to adopt its own version of a contact-tracing app.

Although different contact-tracing apps may not seem like much of an issue with most Canadians under orders to stay home, as restrictions begin to loosen, the need for interoperability will become more acute. If non-interoperable contact-tracing apps were to be adopted in Ontario and Quebec (or even in Ontario, Quebec and Ottawa itself), their individual effectiveness would be substantially undermined. Similar situations could play out in border areas across the country, as well as more generally as Canadians begin to travel across the country.

On May 5, 2020, Doug Ford, the premier of Ontario, Canada’s most populous province, called for a national strategy for contact tracing apps in order to prevent fragmentation. His call for cohesion no doubt recognizes the extent to which Canada’s sometimes shambolic federalism could undermine collective public health goals. Yet with so many provinces headed in so many different directions, often with local app developers as partners, it remains to be seen what can be done to harmonize efforts.

Privacy and contact tracing in Canada

The international privacy debate around contact-tracing apps has centred on limiting the ability of governments to access data that reveals individuals’ patterns of movement and associations. Attention has focused on the differences between centralized and decentralized storage of data collected by contact-tracing apps. With decentralized data storage, all data is locally stored on the app user’s phone; public health authorities are able to carry out contact-tracing based on app data only through a complex technological process that keeps user identities and contacts obscure. This model would be supported by the Google/Apple API, and seems likely to be adopted in many EU states. These apps will erase contact data after it ceases to be relevant, and will cease to function at the end of the pandemic period.

By contrast, with centralized data storage, data about app registrants and their contacts is stored on a central server accessible to public health authorities. A compromise position is found with apps in which data is initially stored only on a user’s phone. If a user tests positive for COVID-19, their data is shared with authorities who then engage in contact-tracing. As an additional privacy protection, express consent can be required before users upload their data to central storage. This is a feature of both the Australian and Alberta models.

Decentralized storage has gained considerable traction in the EU where there are deep concerns about function creep and about the risk that user contact data could be used to create ‘social graphs’ of individuals. The European privacy debates are influenced by the General Data Protection Regulation (GDPR) and its shift toward greater individual control over personal data. In Canada, although the federal privacy commissioner has been advancing a ‘privacy as a human right’ approach to data protection, and although there has been considerable public frustration over the state of private sector data protection, little public sentiment seems to have galvanized around contact-tracing apps. Although Canadians have reacted strongly against perceived overcollection of personal data by public sector bodies in the past, in the pandemic context there seems to be a greater public willingness to accept some incursions on privacy for the public good. What incursions will be acceptable remains to be seen. The federal, provincial and territorial privacy commissioners (with the notable exception of the Alberta commissioner whose hands have been somewhat tied by the launch of the Alberta app) have issued a joint statement on the privacy requirements to be met by contact-tracing apps.

The Alberta contact-tracing app has received the cautious endorsement of the province’s Privacy Commissioner who described it as a “less intrusive” approach (presumably than full centralized storage). She noted that she had reviewed the Privacy Impact Assessment (PIA) (a study done to assess the privacy implications of the app), and was still seeking assurances that collected data would not be used for secondary purposes. She also indicated that the government had committed to the publication of a summary of the Privacy Impact Assessment, although no date was provided for its eventual publication.

Given the attention already paid to privacy in Europe and elsewhere, and given that Australia’s similar app was launched in conjunction with the public release of its full PIA, the Alberta launch should set off both privacy and transparency alarms in Canada. In a context in which decisions are made quickly and in which individuals are asked to sacrifice some measure of privacy for the public good, sound privacy decision-making, supported by full transparent PIAs, and an iterative process for rectifying privacy issues as they emerge, seems a minimum requirement. The release of the Alberta app has also created a gap in the common front of privacy commissioners, and raises questions about the interoperability of contact-tracing apps across Canada. It remains to be seen whether Canada’s federal structure will lead not just to different apps in different provinces, but to different levels of transparency and privacy as well.


Published in Privacy

Canadian Trademark Law

Published in 2015 by Lexis Nexis

Canadian Trademark Law 2d Edition

Buy on LexisNexis

Electronic Commerce and Internet Law in Canada, 2nd Edition

Published in 2012 by CCH Canadian Ltd.

Electronic Commerce and Internet Law in Canada

Buy on CCH Canadian

Intellectual Property for the 21st Century

Intellectual Property Law for the 21st Century:

Interdisciplinary Approaches

Purchase from Irwin Law