Some narratives around privacy during the COVID19 pandemic appear to be offering up a binary choice between the choice between the health of a population versus the privacy of a few. However, it need not be a binary choice, and there can be some norms, checks and balances to ring-fence any violations of privacy by governments. MediaNama held an online event on discussing Privacy in the era of COVID19, on April 29, 2020, with participation of key stakeholders from law and policy, to discuss these norms. The discussion was supported by the Internet Society, Google, Facebook and the Centre for Communications Governance at NLU, Delhi. Norms for disease surveillance and contact tracing Anonymise data as early and as well as possible, according to Rahul Matthan. "The best way is to anonymise data," Shweta Reddy from CIS added, but warned that "there are questions around the effectiveness of anonymisation. Research by Sean McDonald indicates that the only way call data records data during the Ebola crisis were usable was with de-anonymisation of data. There need to be more technical conversations around anonymisation and utility." Divij Joshi pointed out that there is no clarity on what kind of anonymisation techniques are being used in contact tracing apps, and that "The government has used anonymisation as a substitute for de-identification." Data minimisation: Collect only what you need, Sreenidhi Srinivasan, Ikigai Law. For example, contact tracing doesn’t require location. You only need proximity data. You don’t need direct identification of individuals. Try and avoid…
