Your movements are being tracked down to the inch: Colleen Josephson and Yan Shvartzshnaider

By Aaron Nathans, Digital Media Editor
October 21, 2020

This article is from the podcast "Cookies: Tech Security & Privacy".

We take our mobile phones everywhere we go, and it’s become scary easy for services and apps to collect information about our movements. But there are limits to what these technologies can do; they work best outdoors.

Yan Shvartzshnaider portrait

Our guests in our first season finale episode are Yan Shvartzshnaider and Colleen Josephson. They recently wrote a fascinating piece for Princeton's Center for Information Technology Policy blog, Freedom To Tinker, about how a new technology embedded in the most recent generation of Apple iPhones has the technology to track the owner's movements, down to the inch, indoors.

Yan was recently a Visiting Associate Research Scholar at the aforementioned CITP. He is now an Assistant Professor and Faculty Fellow at the Courant Institute for Mathematical Sciences at New York University. Colleen is a doctoral student in electrical engineering at Stanford University.

 

Colleen Josephson portrait

The technology has consumer benefits, they say, such as helping people find a particular item within a large store. But, "Maybe you're not expecting to be tracked indoors in a particular building, but because you had it on for a different purpose, suddenly you are actually being tracked and your information, your location, your shopping patterns are being aggregated," Shvartzshnaider said.

Links:

"Every Move You Make, I'll Be Watching You: Privacy Implications of the Apple U1 Chip and Ultra Broadband," Freedom to Tinker blog, Dec. 21, 2019.

"How Digital Billboards Target Passersby (Hint: It's Cellphone Data)," NPR, Feb. 7, 2020.

"Twelve Million Phones, One Dataset, Zero Privacy," New York Times, Dec. 19, 2019.

"South Korea's tracking of COVID-19 Patients Raises Privacy Concerns," NPR, May 2, 2020.

 

Transcript:

Aaron Nathans:
From the Princeton University School of Engineering and Applied Science, this is Cookies, a podcast about technology security and privacy. On this podcast, we will discuss how technology has transformed our lives, from the way we connect with each other, to the way we shop, work, and consume entertainment. And we will discuss some of the hidden tradeoffs we make as we take advantage of these new tools.

Cookies, as you know, can be a tasty snack, but they can also be something that takes your data. We take our mobile phones everywhere we go, and it’s become scary easy for services and apps to collect information about our movements. But there are limits to what these technologies can do; they work best outdoors. Our guests today, Yan Shvartzshnaider and Colleen Josephson, recently wrote a fascinating piece for Princeton's blog, Freedom To Tinker, about how a new technology embedded in the most recent generation of Apple iPhones, has the technology to track the owner's movements, down to the inch, indoors.

Yan was recently a Visiting Associate Research Scholar at Princeton Center for Information Technology Policy. He is now an Assistant Professor and Faculty Fellow at the Courant Institute for Mathematical Sciences at New York University. Colleen is a doctoral student in electrical engineering at Stanford University. Let's get started. Yan, Colleen, welcome to the podcast.

Colleen Josephson:
Thank you.

Yan Shvartzshnaider:
Thank you, Aaron, great to be here.

Aaron:
So, why don't you tell us a little bit about how your phone has tracked you in recent years, before this new technology came about.

Colleen Josephson:
So, when you say tracking, I'm going to assume that you mean location tracking, and location tracking as we know it, has been using GPS satellites primarily, where the signal from the satellite talks to a GPS chip on your phone, and then it can localize you within a few meters. So, your phone is going to be dot, and the goal is to put that dot on a map representing where you are currently located in the world.

And one limitation with GPS, is that it can have limited accuracy. For example, in cities there are a lot of tall buildings and those can obstruct satellite signals, which leads to inaccuracies in your location. So, more recently, location API's, such as the one that Google provides, they can use sources of additional information such as signals from cell towers or WiFi access points, to increase location accuracy, especially in situations where GPS signals are not quite accurate enough to locate you accurately.

Aaron:
So, Yan, your phone tracks you in ways that you want it to track you, and it tracks you in ways that you may not be aware of. Can you talk a little bit about that?

Yan Shvartzshnaider:
Absolutely, and especially the ways that you are not expecting, is something that is being pervasive even more today with all the new technology. So stepping back from this question, in terms of just tracking, in terms of understanding what our expectations are, in different settings, this is something that I work on in my own research, understanding societal norms and user's privacy expectations when it comes to these technologies.

So, a lot of the times you might expect a technology that you're familiar with, to behave in a certain manner, but really in the background it actually does other things that you might not expect, and location tracking is one example of that, which is something that many of us are actually familiar with different apps, like the weather app or some other scenarios where it actually makes sense that a particular system will require to need to know your location, in order to provide you with some service. However, as this technology becomes available, there other ways that the developers of those systems essentially can utilize this information. For example, by sending it to third parties for aggregation and analysis about you, something that we hopefully will discuss more today.

Aaron:
So, Colleen, existing technologies can track your location outdoors a lot more easily than indoors, why is that?

Colleen Josephson:
Sure. Phones have difficulty tracking location indoors, primarily because GPS and cell signals have low strength indoors. WiFi signals can offer a little bit of help here, but the accuracy is limited because WiFi networks are designed for communication not location tracking.

Aaron:
So, we've got this new technology, I recently bought an Apple 11 edition, and it’s got this new chip in it, what is this chip and what does it do, and why would I benefit from it?

Colleen Josephson:
As we discussed, phones have some difficulty tracking location indoors, and what the Ultra Wideband chip does is it offers a solution to some of these indoor location woes. So, the Ultra Wideband of the name, comes from the fact these chips communicate using a very wide bandwidth of 500 megahertz or more. So, for comparison, a typical WiFi channel is only going to be about 20 megahertz, and the Ultra Wideband nature of this is important, because Ultra Wideband chips enable us to do accurate ranging. Ranging is something that is similar to echolocation in that it measures the time of flight between when your phone emits a ping, and when it arrives at a receiver. So, using that information, we know the speed that RF waves travel, so we can use that time of flight to infer how far away you are in one dimension.

The high bandwidth here is helpful, because it's going to fight something called multi-path interference. And multi-path is when the signal bounces off lots of surfaces in the environment. So, you're going to receive duplicate copies of the receiver, and this is a problem because multiple copies can collide and interfere with each other, which makes it difficult to get clean, noisy data. So, multi-path can cause your ranging data to be noisy. And what this Ultra Wideband lets you do is transmit really, really short impulses, which makes it less likely for these multi-path signals to collide with each other. So, now you'll have much less noisy ranging data.
I guess when you have bad ranging data, what it's going to lead to is, for example, if you ever use a map app, and you open it up, and there's this circle of uncertainty surrounding where you are, and over time it usually gets a little bit better, and the circle gets smaller and smaller until we're pretty sure where you are. But if you're in a situation with a lot of multi-path, there's a limit to how small that circle can be. And what the Ultra Wideband chip does is it lets you shrink that circle of certainty to smaller than it’s ever been before. So, basically, now instead of, I think, a traditional map app is going to locate you within, in the best case, 1-3 meters maybe, but now this location certainty is going to be within centimeters.

Aaron:
So, that could have some really good consumer benefits, right?

Colleen Josephson:
Yeah, so there's a lot of really great opportunities. I think the most compelling one is figuring out where you are within a complicated environment. So, streets are pretty wide, so you don't need to know too much about where you are to navigate effectively. But let's say that you go to a store and you want to find exactly where a particular product is, so this centimeter level accuracy can let you find a particular product, or let’s say that you're in an office, and you attach a Ultra Wideband chip to an important piece of equipment that gets easily lost, then you could use this Ultra Wideband infrastructure to find this lost piece of equipment. I think if you take it into the home think about losing your remote, now you could get, what this system would enable is basically telling you exactly where that lost remote is. So, no more tearing up the house.

Aaron:
So, that could be really useful, but there is another side to this, too, right? They are not necessarily doing this all for the consumer's benefit?

Colleen Josephson:
Yeah, definitely, and one of the questions is, once you, as a consumer, get out of it what you're expecting, what does the company do with the data afterwards? And I think that's something that Yan might have a bit to say about.

Yan Shvartzshnaider:
Thanks, Colleen. And yeah, absolutely, and what we see today, and that's really what got me interested in this project, is really how those technologies are being introduced without actually asking the questions about what would be appropriate in different scenarios. So, obviously, describing a scenario where you walk into a shop and it points you to a particular product or helps you navigate that environment, that's great, but maybe you to don't want to be, you don't want others to know that you went to that particular shop and actually looked at that particular product. This information obviously can then be collected, analyzed, and then maybe based on that, sent to an advertising agency that will suddenly will pop, well, fill your phone with advertisings about those particular products or related products of things maybe you didn't expect suddenly being offered to you.

So, certainly it can have a negative effect on consumer privacy, and something that we should be really aware of, and what's happening right now is that without actually consulting to the larger extent and just with flashy scenarios that essentially provide interesting benefits to the consumer, but also kind of hiding, as you would say, the other part of it, which we certainly have to have a debate about as a community. Those are not easy questions but certainly we're at the point where they should be discussed.

Aaron:
So, let me get this straight. So if I go to the grocery store and I walk into the tomato sauce aisle. And I see a specific brand and I begin to reach for it and I stand there for maybe a couple of seconds, and I don't pick it up and I move on, my phone might be sending the store a signal saying this person considered this brand of tomato sauce and I might get a coupon for that tomato sauce?

Colleen Josephson:
Yeah, that's within the realm of possibility. I would hesitate to say that it's your phone doing this. It's more like your phone is sending out signals anyway. And then the store is going to have to have pieces of equipment that are listening for these signals. And then, by analyzing this information across all the different listening points, the store can figure out which brand of tomato sauce that you've been looking at and use that information to push you coupons.

Aaron:
They can't do that now very easily right?

Colleen Josephson:
No, that's correct. There are some research systems that have been done to try and introduce these types of capabilities. The primary reason that we don't have it yet is because it's not in our infrastructure at the moment. And the introduction of the Ultra Wideband chip in the iPhone is the beginning of the popularization of Ultra Wideband I think.

So shortly after Apple announced this chip, a really well known networking equipment provider, Cisco, announced that their wireless access points will have Ultra Wideband chips in them in the upcoming future. So now, we have both the phone having an Ultra Wideband chip but also the infrastructure, the access points that can be installed around a store and listening to the signals that your phone emits.

So once a store buys this access point that has the Ultra Wideband capability built in, they could potentially start using information emitted from phones like the iPhone to track you around the store.

Yan Shvartzshnaider:
Just to follow up. What really got me fascinated by this was that, just as Colleen was saying, not a new problem that engineers and technologists were trying to solve. So certainly, there were a few proposals of how to enable indoor localization, however, what this particular technology allows you to do is essentially, once you have that chip, all you need is a router, an access point that supports that technology. And as Colleen was saying, one of the major manufacturers of those are already buying into this, so they certainly would support it soon.

And what would happen is that you can certainly add this capability in any building and what it comes down to, as a consumer, is somebody who is using an iPhone owner as yourself and others, essentially walking into a building without actually realizing that this technology is there. So maybe you're not expecting to be tracked indoors in a particular building, but because you had it on for a different purpose, suddenly you are actually being tracked and your information, your location, your shopping patterns are being aggregated. Certainly, this is kind of the scenario that we would try to avoid, but they are actually possible right now, with relative ease and little instrumentation to a particular building. That's what makes it so scary to me.

Colleen Josephson:
And to just interject a little something for more technical people who might be listening, Ultra Wideband is not so much a new technology. It's been around for a while. But rather the chips implementing the technology are new or somewhat new. And what really is the key here, is not so much the technology, but the players. And what has taken is major players to look at this technology and take it seriously and introduce it. So Apple is a really major player in the phone market. Cisco is a really major player in networking equipment. And once these and other big players have taken this technology and essentially endorsed it by including it in their products, that is, I think, the real catalyst for what it takes for this to become ubiquitous.

Aaron:
So late last year, the New York Times Privacy Project ran a really interesting story about phone pings. We'll put a link to that up on the show notes. Colleen, what did we learn from that story?

Colleen Josephson:
Basically, what happened with that story is the New York Times got a hold of this really detailed data set that included high fidelity location information for millions of phone devices in a number of U.S. cities. And I think most people who consider themselves relatively tech savvy wouldn't be surprised that their location was being tracked. But what is surprising is the extent and accuracy of the tracking that The New York Times uncovered.

So how this tracking works, I think the article refers to these as phone pings. And how it works is that an app that you installed requests access to your location data. So, for example, the weather app. And the app is going to use the data the way that you expect it to, to look up the weather in your location. But after that, sometimes they'll send your location to a third-party company. And the reason that they would want to do that is because this third-party company is willing to pay the app developers for that data about you. So the free app, it could be making money by selling your location data. And it turns out that this is perfectly legal and, in fact, the practice is so common that these data sets are really quite detailed.

And the companies that pay for this location data are then going to make money themselves by doing research on that data and selling the research findings to advertisers or even by just, straight up, selling the raw data set to advertisers. And these location brokers claim that the data is anonymous, but with access to the raw data set, it's really easy to infer who actually owns the device.

So the example I would give is if you have somebody that has a 9:00 to 5:00 job, they're going to spend most of their time at home and at the office. And even though multiple people might live in the same building or work at the same address, most of the time you're not going to have the same person, both living at one address and working at that same, a different address. So by being able to figure out where they work and where they live, it's really likely that you can infer who this person is exactly and if that wasn't quite enough data, well you've got this very large data set to hone it down and figure it out anyway.

And these companies that are owning these data sets aren't interested in tracking who you are exactly. They're not going to directly use it to spy on you over time, but the fact that they have this data and it's unregulated is scary, especially considering that most people wouldn't knowingly allow location permissions for any app that is enabling this underground location tracking ecosystem.

Aaron:
So, up to this point, the capability within your phone has been able to send this information about where you go outside but not necessarily within buildings and now, with the advent of this new technology being put into newer phones, conceivably these companies will have that data too.

Colleen Josephson:
Yeah, it's definitely conceivable that whoever is able to tell you where you are within a store could then forward that information to some sort of third party location information broker.

Aaron:
This is Cookies, a podcast about technology, security and privacy. We're speaking with Yan Shvartzshnaider, assistant professor and faculty fellow at New York University and Colleen Josephson, a Ph. D. student in electrical engineering at Stanford University. This is our final episode of the season. We hope you're enjoying the podcast. Let's get back to our conversation with Yan and Colleen in which they discuss steps we can take to increase our privacy.

Aaron:
So Yan, how does this threaten to disrupt societal norms?

Yan Shvartzshnaider:
That's a great question and certainly something that we should be looking at in terms of those technologies introduced into our daily life and we have our own societal expectations of how things are. And now they provide new capabilities where third-party actors (can) actually get information about us in places that we might not expect. We shouldn't say that GPS or outdoor tracking is certainly something that is acceptable. It certainly should be considered acceptable in a particular context.

And similarly indoors, as we were discussing now, it provides more fine-grained information about location, so you might not realize that now when you go into a shopping mall or somebody else in your building, you are being tracked and to a very fine-grained manner.

So the thing is, your expectations probably are not aligned with what this technology brings. And many other technologies. The risks here, which essentially we feel that without a proper discussion, we actually are exposing ourselves to something that privacy scholars and philosophers call tyranny of the normal. When Apple introduced something like this and endorsed this technology, big players, it suddenly becomes normal that you're being tracked inside. And if you are not tracked, you're basically missing out on some of the capabilities.

When those things are placed in front of the public, the normality of this, the expectation's already shaped, saying, well, we're already using this and it has some benefits we cannot actually discount. But there are certainly risks of exposing some information flows from those technologies that the current public are not used to and probably not expecting. The risk here, as those technologies become more pervasive, that we'll essentially get used to them and that becomes a problem for the regulator then to essentially make it, have a tougher regulation against it.

So we have to be very careful how they introduce and the debate we have, we should have it now, in particular as Colleen was rightly saying, with the big players and ones that we know. So we know that Apple and we know Cisco from the technology side, but there is a whole ecosystem of other players arguably supporting this move because it provides them so much more information that they can feed off their networks. And this is something that, as consumers, we should be aware of. Part of what we did with Colleen is provide this write up in a blog post, but ultimately, it's up to the regulators to be aware of this and get ahead of it before we move on and this technology becomes so pervasive that we essentially won't be looking back.

It really reminds me of the facial recognition technology debate that we're having right now. It's on the same par; we can compare the two.

Aaron:
So what can individual consumers do to protect themselves right now? Is there some sort of setting that I can change on my phone to keep it from tracking me like that?

Colleen Josephson:
Yeah. So I'd say, before turning things off, the first step is going to be awareness. So if a company is giving you an app for free, they still have to make money somehow. And the most common way is going to be showing you ads. And this location data is a really valuable metric for pushing those ads.

So take a moment to think, sure it's convenient that Facebook can automatically tag my location posts, but the trade off will be that that information will be used to serve ads to me. So people are okay with that. But many others don't realize this, and it actually creeps them out. So the first step is going to be taking the time to notice things. Huh, this app seems to know what my location is. Am I okay with that? And if not, you need to look into changing your settings.

There are two levels of settings that are involved with phone location data. The first is going to be system wide settings which basically turns location services on or off all apps. It's kind of similar to airplane mode. And there's also going to be per-application settings which would let you, for example, prohibit Facebook from knowing your location but continue to allow your map program to know where you are. So per-application settings are going to be specific to that application setting menu.

System-wide settings are going to be in your phone setting menu and how you change those is unfortunately going to differ from phone manufacturer to phone manufacturer, even change based off of your operating system.

And I think that it's important for consumers to consider what to do to protect themselves, but that puts undue burden on everyday people.

Yan Shvartzshnaider:
A lot of the companies today, a lot of the manufacturers, of a lot of the devices and different operating systems say, well, don't worry about it. If you worry about your privacy, we have all the controls in there for you to change and make sure that you prevent us from collecting this data. But we cannot expect the day-to-day consumer essentially to navigate this landscape of different settings that, by the way, change all the time. And in fact, it's pretty hopeless, even if you're, as Colleen was already saying, sometimes you will change one setting but actually you will have to change a few settings to make sure that one app doesn't collect data and doesn't share and so forth.

In fact, in part of our other research that we worked on, we found that apps actually sometimes share locations between them. So things like that really leave the consumer in a place where, certainly you can be aware of things, but if this whole ecosystem which is geared towards getting your location, pretty much has all the information, from not necessarily the chips, like GPS, it can get it from your network IP address and so forth. So there's different ways of doing that so they pretty much get your location if they want to.

It's important, I think, for us to essentially push a way for those companies not to offer control over our privacy but really respect our privacy. And the difference is that we have societal norms, we have expectations. Those things shouldn't be violated and right now, as Colleen was saying, the burden is on us to make sure that the inappropriateness of those information flows essentially doesn't continue, which is really not realistic, given that the number of apps we're using. And sometimes because of the complexity, sometimes location collections or location provides useful benefits and you might use and forget that you have it on and suddenly this bunch of apps are just pounce on it and straight away you're losing that particular information.

So just to finish off in terms of saying, privacy's not about secrecy. Privacy's not about data minimization. It's about appropriate information flow and that appropriateness is really defined by the societal norms in particular context, and if we all gather as a community and push towards that, that's where the regulation should go and make sure that those things are respected. And right now, unfortunately, that's far from the case because of the different angles on privacy. Well, we don't share your personal information. Or we only share public information. Or, as we were discussing this New York Times article, well it's all anonymous; it's really not about you. Well really, ultimately you are being exposed and this is something that we should be really worried about and hopefully we'll get to do something about it.

Colleen Josephson:
Yeah, to add to that, it's become our unfortunate responsibility to read these really long and impenetrable license agreements and to be in charge of investigating what an app will and won't do with our data in detail. And this is really asking a lot of people, especially people who are maybe not as technically adept as others. And the unfortunate result is that people are again and again surprised, often unpleasantly so, about how their data ends up being used. So how can we construct policy so that people don't end up being surprised that their data is used in certain ways?

And I just, if I may have a plug on this, specifically in this particular issue of people being surprised about their data. And this comes down to a lot of the work we're doing with legal scholars and folks at CITP at Princeton as well as NYU and Cornell Tech, as well as the wider privacy community in terms of pushing towards understanding privacy as contextual integrity. For a long time, today as Colleen has mentioned, we have this notion of informed consent, right. So companies provide you with a lot of information, well with some information in privacy policy in a very cumbersome way and we've showed, among many other works, that this really doesn't work. The consumer is not informed. The way this privacy policy is written is not really informing and sometimes even more confusing the reader.

So really, the idea here is if you define privacy as contextual integrity and you would try to build your systems around that notion, you move away from those dichotomies of public and private or personal and non-personal towards something that is respect of societal norms that earlier on, we were discussing how those technology are disrupting each time.

This is unfortunately not the case at the moment because the legal system is not geared towards looking at privacy that way. But hopefully through podcasts like this one and through our work, we can certainly move towards that direction.

One thing that we discussed in the blog post is a possibility of these ads literally following you home. And it's kind of creepy; a lot of what we talked about is. But there's already technology out there. There's a company called Five Tier that has a system that updates the ads in Times Square in real time based off of the stream of data from nearby cell phones. And that data's combined with personal information collected from passers-by from the data brokers, like the ones the New York Times article described.

So we're already seeing personalized ads that can follow us down a sidewalk, so imagine how much more intense that could get once the location data is one to two orders of magnitude more accurate.

Aaron:
So you could actually see billboards as you drive down the street that are aimed right at you?

Colleen Josephson:
Yeah, that is something that this would enable. Then you get home and you log onto your web browser and depending on how this data ecosystem ends up sharing your information, it could follow you all the way home, back to your web browser.

Yan Shvartzshnaider:
Exciting stuff.

Aaron:
It's a scary world out there.

Yan Shvartzshnaider:
Well, look, for some. I guess, for some, it's like here is a great business. But yeah, we certainly should be aware of those, and like Colleen was saying, quite a few, because we didn't put everything, but we had quite a few discussions kind of giving examples of what actually already exists, right. It's not something that... It sounds from the future, but it's not. It's here.

Colleen Josephson:
And I think, privacy advocates kind of get a reputation for fear mongering, but this is already, the pieces are in place.

Yan Shvartzshnaider:
I feel like the privacy advocates and privacy scholars, they're more of a, let's see what happens and what are the benefits of it and what are the, both sides. But certainly, the reality is that we, as consumers or society, are not being even consulted. So there's a lot of power, as you mentioned, in those big companies. So if they decide that they go for it, this technology, and there's nothing to stop them, not even a way for them to hesitate, suddenly you certainly will be in the world which you have to get used to, that you walk down Times Square, and every ad in there or billboard will try to reveal your desires or whatever your last shopping list was or something. Not explicitly, but maybe, suggestively, and that's something I feel a lot of people are not going to be okay. But at that time, I think there will be little that we can do because technologies will be there anyway. This helps, I think, to some degree.

Colleen Josephson:
Yeah, I think people have gotten used to trading access to free things for being advertised at, but I think what has happened over time is that people are definitely not as aware what sort of sensitive information is going into serving advertisements to them. There's a really big difference between watching an ad that everybody else sees the same ad on, for example, broadcast TV, whereas if there's something that's hyper-personalized to you, it makes it really feel like you're being spied on.

Aaron:
Okay. Finally, how has COVID-19 changed the Ultra Wideband space? Colleen?

Colleen Josephson:
Yeah. So, we've all started to hear a lot about contact tracing and the old-fashioned way involves the person interviewing you to find out all the places you've been and the people that you've been near since becoming contagious. But there's also been a lot of conversation around technology-based contact tracing. So, using our phones to track which others phones that we've been near. Current phone-based contact tracing does not actually use Ultra Wideband. Ultra Wideband is basically the ideal technology to implement this because it's really good at finding out exactly how far away you are from other Ultra Wideband chips. But the problem is adoption rate. Not enough phones yet have Ultra Wideband chips because Apple was the first. So Apple and Google have fallen back to using Bluetooth which, Bluetooth technology currently is in every single phone, smart phone at least, even though it's less accurate.

However, what this has done is there's new technology under development using Ultra Wideband to try and enforce social distancing and doing contact tracing. So there's some companies that have started working on wristbands that beep when employees get too close and then they report the location data back to a centralized database so that if somebody gets sick, employers can query it to notify workers who came close to the person with the positive case. Or another case is you can wear, instead of a wrist band, wear it around your neck. This particular company calls their device the distancer, which I thought was kind of funny because it sounds a little bit like what you'd name your sword in a role playing game.

Yan Shvartzshnaider:
I'll add to this, if I may. So when we were writing this blog post, we really didn't see the pandemic coming and COVID-19 and all the discussion about contact tracing certainly drew our attention towards how this Ultra Wideband space can be utilized. And, in fact, I feel this is a great example of how technology can actually help. There are a lot of benefits. As Colleen outlined, it's actually pretty accurate and it can certainly bring towards this common good towards understanding, keep our community healthier.

However, there's a lot of questions that you should be asking before jumping into this and adopting. First of all, and we actually talked about this more ourselves and this is really understanding the notion of what happens when the disaster is over. What happens when the pandemic is over? From my own research, we looked at a similar case, again without knowing the pandemic and recently we published it, about natural disasters where also a similar situation arises when you have apps that help you survive or provide you with some benefits. But the question of when disaster ends is something that we haven't even figured out, how our systems will adjust. And this is something that is really crucial because as this fine grain data is being collected and presumably helping us getting through this pandemic, how this information is used after the disaster ends, even during but ultimately after and there are quite a few examples out there in previous cases, in natural disasters, that the information is being kept and used for other purposes.

Colleen Josephson:
Even specifically related to other pandemics, there is an article that NPR published recently about South Korea failing to delete contact tracing data collected during a previous outbreak. So they said that they would delete it, but in fact, five years later, they still have it. So is that something that's going to happen if we have contact tracing data here?

Or, for example, if these employers do, in fact, invest in these wrist bands to track your location information to enforce social distancing, the advantage is that we will feel safer going back to work, but your employer spent money on these systems. When it's no longer strictly necessary, are they going to stop using it? Probably not.

Aaron:
I want to thank Yan Shvartzshnaider, assistant professor and faculty fellow at New York University and Colleen Josephson, a PhD student in electrical engineering at Stanford University. Their blog post is at Princeton's Freedom to Tinker blog located free online. There's a link from our show notes available from our website at engineering.princeton.edu. Our recording engineer is Dan Kearns. Cookies is a production of the Princeton University School of Engineering and Applied Science. This podcast is available on iTunes and other platforms. If you get a chance, please leave a review. It helps. The views expressed on this podcast do not necessarily reflect those of Princeton University. I'm Aaron Nathans, Digital Media Editor of Princeton Engineering. Thanks for listening. Peace.