South African health authorities will have access to cellphone data of any suspected COVID-19 case within the country. Since a national disaster response law went into effect on March 26th, companies like Telkom and Samsung have reportedly started offering cellphone data of 1,500 customers to the authorities.
The content of electronic communications are off limits. But location and movement data, as well as personal identifiers including name, identity number/passport number, cellphone number, and COVID-19 test results will be stored in a database. Also, personal details of all known or suspected contacts of anyone who has tested positive for the virus will be collected.
Why is this allowed? It would seem an invasion of privacy for the government to be able to track individuals via location data. Cellphone companies must give the required information to the government without seeking users’ consent. However, the government appears to have evaluated the measure as necessary for efficient contact tracing, one of the key processes necessary for containing the spread of the virus. The country has discovered 1,462 cases from over 47,000 tests. Taking advantage of a 21-day lockdown, the tracing of phone data is ostensibly going to further curb community transmission. About 19 countries – including South Korea, Germany, Italy and Israel – are using cellphone data to track the coronavirus.
The law states that all data collected must be deleted “within six weeks after the national state of disaster has lapsed, or has been terminated, notify every person whose information has been obtained… that information regarding their location or movements was obtained in terms of the subregulation.” Will this become a model for other African countries?