Coronamelder app

The CoronaMelder app: an internalized violation of privacy?

13 minutes to read
Paper
Ilse van Knegsel
08/11/2021

“CoronaMelder is getting more important, but the majority of people is ignoring notifications.”  This headline appeared in the Dutch news in June 2021. CoronaMelder – the app that traces COVID infections – is a hot topic, but, as it turns out, Dutch inhabitants are not very willing to use the application, which does not improve the effectiveness of the system. But why is this? A possible reason for the low willingness of using CoronaMelder is the preceived violation of privacy (RTL Nieuws, 2021; Schellevis, 2020).

Privacy can be understood as a human right (Lyn, 2015; Marwick & Boyd, 2014). People need some form of anonymity in their lives, but the development of social media has threatened this anonymity. We have gotten used to sharing our daily business on platforms like Instagram and Facebook, and to being monitored by organizations that tailor their advertisements to our online behavior. Sharing information that we once perceived as very personal, has become an everyday activity (Lyon, 2015; Marwick & Boyd, 2014), and surveillance techniques have also become normalized.

Privacy has changed, but that does not immediately imply that we do not need it anymore (Lyon, 2015; Marwick & Boyd, 2014). Does the CoronaMelder app cross our boundaries regarding privacy? Or, as will be the research question of this paper, have we internalized surveillance techniques like CoronaMelder, and do we not mind their privacy risks anymore? This will be discussed through a discourse analysis of the comments in the public debate about CoronaMelder.

Defining privacy in the age of the CoronaMelder app

Interpretations of privacy vary widely and privacy can, therefore, better be understood as a spectrum rather than a constant (Lyon, 2015). Common in all assumptions is that there exist different dimensions of privacy, and what amount of privacy can be understood as necessary depends on the context (Lyon, 2015). Besides a general assumption of what privacy exactly is, we can understand privacy as the right to be on your own; to have some anonymity. It can be understood as the right to be yourself outside the reach of those in power.

Having privacy is a public good rather than a personal matter. What is known about people in society and by whom, is a matter of public importance (Lyon, 2015). If our personal data is used by authorities, the control is out of our hands (Harcourt, 2015). For example, if the government knows people’s phone numbers and uses these to monitor their everyday behavior, we, the society as a whole, will perceive this as a normal thing. By internalizing this controlling behavior, over time, everyone will think this is normal instead of privacy-violating. Not being monitored is, therefore, not a personal matter, but a matter of democracy because it affects everyone (Lyon, 2015).

 

The development of social media and the consequences for our privacy

Traditionally, privacy has been an individualistic good. In the pre-social media era, people had to be pushed to share information with stakeholders. Personal data was harder to retrieve. This is not the case anymore in our contemporary society. Online, we are spreading complete networks of personal data. Traditional privacy, consequently, turned into the so-called networked privacy (Marwick & Boyd, 2014).

People, thus, do not have anonymity by default anymore. Since the development of social media, we voluntarily share personal data about ourselves online because we enjoy it. People like to share information about themselves facilitated by social media. By disclosing personal data, the information is out in the open and can be used by (governmental) organizations. We do not have the ownership, and therefore, the control over our personal data anymore (Harcourt, 2015).

Based on the assumption of networked privacy, the availability of the right of anonymity depends largely on how we handle social media ourselves. In democracies, people have a universal right to privacy, but people should gatekeep this privacy themselves (Marwick & Boyd, 2014). If you post information about yourself, organizations can use it, if you do not, they cannot. People now have tactics and strategies to manage what information is public and what should stay private.

With the rise of digital developments like social media, surveilling inhabitants became easier for authorities (Lyon, 2015). Online, we leave many traces that lead to us, like computer IP addresses, and personal data like phone numbers. Not only are landscapes of surveillance facilitated but also the need for surveillance has increased since the 9/11 terrorist attacks. The collective fear of terrorism normalized mass surveillance (Jones, 2017). Once a specific type of behavior is stimulated enough, it becomes common behavior among people. Surveillant landscapes are a way to introduce new norms into society and to keep an eye on people (Jones, 2017). An example of such surveillant techniques is the Dutch CoronaMelder app.

Tracking app CoronaMelder                                                 

Self-tracking is a way to get to know yourself and your habits. By self-tracking, people can discover hidden patterns in their behavior that they want to change (Lupton, 2014). Through tracking, these patterns can easily be identified and acted upon. This motivates the user – the so-called reflexive monitoring self – to keep reflecting on achievements to be the best version of themselves that they can be (Lupton, 2014).

However, the process of monitoring personal data has evolved over time. Where it once served more as a personal diary, self-tracking can now also be used by third parties who collect, archive, and sell tracked data (Lupton, 2014). Just like other societal surveillant landscapes, these systems can become internalized by inhabitants of society. We can get used to being tracked by organizations.

Not mentioning privacy issues in the public discourse indicates that sharing personal information, has become normal in our everyday lives

An example of a self-tracking app is the CoronaMelder app. This app was introduced by Dutch governmental organization Rijksoverheid. The app uses Bluetooth to know when you have been near a person who was later diagnosed with COVID-19 (Rijksoverheid, 2021). When you install the application on your smartphone, the CoronaMelder app creates a personal code that does not contain any personal information at all (Rijksoverheid, 2021). However, when you have been in contact with someone who later discovered they were carrying the virus around that time, the app retrieves your location and time of that moment to send you an alarm. This data is used by the government, and the control over the data is, thus, out of our hands. This is why Dutch citizens had their objections against the launching of this app.

In the next section of this paper, it will be researched if we have internalized the violation of privacy as a result of being monitored by tracking apps. Do we still mind if our privacy is being violated, or do we think that this is normal? The research will be performed through a discourse analysis of the public debate regarding the tracking app CoronaMelder. The comment sections on Facebook and Twitter below articles of Dutch news source NOS and news website NU.nl will be analyzed.

 

Facebook of NOS before the launch of CoronaMelder

When the media announced the upcoming launch of the CoronaMelder app, the responses among people varied a lot. Some expressed their happiness about the perspective of beating COVID through the app, but not all people were convinced about the effectiveness of the system. “No way that I will install such an app on my phone”, “Everyone should refuse using this app”, and “Why for God’s sake would people install this app?”, are all responses to the announcement of the launch of CoronaMelder. Several comments were explicitly or implicitly about the privacy issues that accompany the use of the app. It could thus be concluded that people were concerned about their privacy before the CoronaMelder was even launched. However, the majority of people were concerned about the effectiveness of the app rather than their privacy. The privacy-related comments only made up 11 of 525 responses to the post (Figure 1).

Figure 1. Privacy-related comments below post about the plans to launch CoronaMelder

 

Facebook of NOS after the launch of CoronaMelder

Most responses to articles after the launch of CoronaMelder were about the ineffectiveness of the application. In a comment section of 771 responses, only two of them were explicitly stating privacy issues. The first states that this user will never use the app because he or she believes that the application is launched for the government to regulate and condition the inhabitants of the Netherlands, and also the second one does not trust the purposes of CoronaMelder (Figure 2).

Figure 2. Privacy-related comments below the post about people’s experiences with the app

Also, in the posts of the NOS on October 19th about the troubles of the use of the CoronaMelder, almost all negative responses were about the deficiencies of the application. It seemed that the app does not work on older smartphones, and can, therefore, not be used by everyone. People think it is a waste of money since so many people cannot use CoronaMelder. Only one of the 196 comments in the comment section below the first post explicitly stated objections against the app because of privacy issues (Figure 3), and also the second post only contains one comment out of 203 that explicitly states violations of privacy (Figure 4).

Figure 3.  Privacy-related comment on Facebook

Figure 4. Privacy-related comment on Facebook

In May 2021, the Ministry of Public Health, Well-being, and Sports announced that the CoronaMelder app will also be used as a vaccine passport for traveling abroad and entering large events. Therefore, Rijksoverheid published another Facebook post for motivating people to download the app. Also, below this post, the comment section contains only one negative reaction regarding privacy (Figure 5)

Figure 5. Privacy-related comment on Facebook

 

NOS on Twitter after the launch of CoronaMelder

News organization NOS is also active on Twitter, and since Twitter is known as a platform where people document their feelings and are likely to spread their (sometimes unfounded) opinions (Liu, Cheung, & Lee, 2010), Twitter was thought to be the source to see the most negative comments regarding privacy issues. However, the comment sections of the NOS’s Twitter are not as popular as the comment sections of the Facebook page. People are mostly questioning the necessity of using such an app rather than discussing privacy violations. The ones that did, just like the Twitter user in Figure 6, are receiving lots of counterarguments about Twitter being less privacy-friendly than CoronaMelder.

Figure 6. Tweet about the launch of CoronaMelder

Furthermore, another NOS publication just after the launch of the app has been analyzed. In the comment section of this article, not necessarily the privacy violations were discussed, but the focus was again more on the functionality of CoronaMelder. People did not understand how the app is tracking COVID-19 infections and were therefore not ready to use it. Just like the previously analyzed Twitter post, the most common counterargument against people who were questioning their privacy was the fact that anonymity (in their eyes) did not exist anymore at all, as can be seen in Figure 7 and Figure 8.

Figure 7. Tweets regarding privacy issues of CoronaMelder

Figure 8. Comments below the tweet of NOS about the high download numbers of CoronaMelder

 

NU.nl after the launch of CoronaMelder

Moreover, NU.nl, a Dutch news website that publishes news articles from several different news sources all on one platform, reported about the CoronaMelder app as well. The comment sections of two articles are looked at to identify the motivations of people for not using CoronaMelder. The comment section of the first article consists of 188 items, and only 11 of them (Figure 9) contain explicit references to privacy issues.  

Figure 9. Discussion about privacy issues below the publication of NU.nl about the R-value

The second article of NU.nl that is analyzed, contains specific information about the possible privacy issues. The comment section of this publication, consequently, contains many responses where objections regarding privacy are expressed. Several of these comments are presented in Figure 10. Because of the content of this article, the collection of responses might not be an accurate representation of the actual distribution of opinions in favor or against using CoronaMelder. The content stimulates the reader to give their opinion on privacy, so this invites ‘I told you so’-comments.  

Figure 10. Discussion section below the NU.nl article about privacy issues with CoronaMelder

 

Discussion and conclusion: internalized privacy violations because of CoronaMelder?

After analyzing the discourses regarding CoronaMelder, it became clear that people were concerned about their privacy before the tracking app was even launched. Concerns regarding CoronaMelder were mostly about its effectiveness and usefulness rather than the privacy issues. Arguments that people had against the app that were actually about privacy, were mostly about leaking data.

However, CoronaMelder is perfectly safe since no data is stored in the first place. Only when a COVID infection is identified near you, your location and unique app code will be retrieved to send an alarm. This data is not stored, but when a leak occurs in the in-app security, the data can be retrieved and misused by third parties. This possibility could be a reason for people to be mindful in their decision whether or not to use CoronaMelder. However, when there are only very few suspicions of a data leak, as has happened in April 2021, Rijksoverheid immediately stops the data retrieving, to make sure data leaking is prevented or limited to the bare minimum (Rijksoverheid, 2021). Because of the responsiveness of Rijksoverheid, the chance for these situations to occur are very little.

Not mentioning privacy issues in the public discourse indicates that sharing personal information, has become normal in our everyday lives, as was also concluded from earlier research (Lyon, 2015; Marwick & Boyd, 2014). Besides, a general observation that has been made in the current analysis is that people perceive anonymity and privacy already as non-existing concepts. It could be possible that privacy-violating systems were, therefore, already normalized before the launch of CoronaMelder, since people, in general, do not see privacy as the most prominent issue of the application.

Concluding from the discourse analysis of the comment sections of news organizations NOS and NU.nl, it can be stated that people did not really internalize monitoring as normal after the launch of CoronaMelder. After discussing the analysis, it seems that people do not mind the potential privacy issues, but as could be seen, even before the launch, there were relatively few negative responses to the launch of the app regarding violations of privacy. The majority of arguments against using CoronaMelder were concerning the effectiveness and usability of the app rather than privacy issues. And also after launching CoronaMelder, the majority of negative comments were about deficiencies of the app. Thus, we might have internalized privacy violations because of tracking apps, but this is not specifically a result of CoronaMelder.

 

References

Harcourt, B., E. (2015). Exposed. Desire and disobedience in the digital age, pp. 1-28. Cambridge, MA: Harvard University Press.

Jones, R. H. (2017). Surveillant landscapes. Linguistic Landscape, 3(2), 149-186.

Liu, I. L., Cheung, C. M., & Lee, M. K. (2010). Understanding Twitter Usage: What Drive People Continue to Tweet. Pacis, 92, 928-939.

Lupton, D. (2014). Self-tracking modes: Reflexive self-monitoring and data practices. Available at SSRN 2483549.

Marwick, A. E., & Boyd, D. (2014). Networked privacy: How teenagers negotiate context in social media. New media & society, 16(7), 1051-1067.

Van Dijck, J. (2014). Datafication, dataism and dataveillance: Big Data between scientific paradigm and ideology. Surveillance & Society 12(2), 197-208.