Op-ed: Rush to fight virus shows Utah has a privacy problem

Public officials across Utah working desperately to fight off the pandemic, as it continues to touch nearly every aspect of our lives, have decided to turn to tech.

In April, the state released the “Healthy Together” app developed by a company called Twenty. While Utah’s leaders were telling us that the app “will increase the ability of health workers and state officials to trace and contain COVID-19,” Utah’s Director of Information Technology told colleagues the app is “a joke.” The app has never delivered on its multi-million dollar promises, and now the state is ceasing to use the features that would enable contact tracing within the app.

It can be easy to excuse mistakes like this. Utah officials, after all, are leaving no stone unturned to get the upper hand on COVID-19. What’s the harm in a Hail Mary pass at this point?

In reality, this is the latest questionable decision from Utah leaders. We love rushing into tech too soon and always find eager private-sector partners to help. These mistakes affect how Utahns view future technology and put our privacy and civil liberties at risk.

Let’s look at who we’re working with. Take, for example, the recent revelations about the founder of Banjo. A former member of a white supremacist group secured contracts with the Utah Attorney General’s office, the University of Utah, the Utah Department of Public Safety and about 20 other cities, counties and law enforcement agencies across the state. Banjo’s founder acknowledged this as “a dark and despicable period in my life that I am extremely remorseful about,” but how did someone with this past come to shape how our law enforcement agencies collect and process information about our communities, including ethnic and religious minorities?

The choice to work with Twenty on the Healthy Together app should also give us pause. Why would Utah give a multi-million dollar no-bid contract to a fledgling social media app that, as TechCrunch noted, did not have a business model in place nine months ago? From the explanation on its website, Healthy Together is just a repurposed version of the company’s app with a backdoor for officials to monitor activities. Not exactly the most encouraging development.

It isn’t just the state’s choice of partners that should concern us. It is also concerning how Utah chooses to use this technology.

Let’s look at other attempts by Utah’s leaders to address the coronavirus crisis. The state government reappropriated its Amber Alert system to track who was coming in and out of the state. As travelers approached Utah’s borders, they were pinged on their cell phones with messages asking them to fill out a survey. Almost immediately the state received hundreds of complaints and the effort was shut down. And just last month, the director of Utah’s public health lab was removed from her job for refusing to send coronavirus test samples to TestUtah’s hospital lab, which was not in compliance with federal certification guidelines.

Again, these missteps are not recent developments. Researchers at Georgetown University exposed Utah’s agreements with law enforcement agencies that allowed virtually open access to our driver’s license photos for facial recognition purposes. Between 2015 and 2017, the pictures of Utah drivers, including minors, were subjected to thousands of facial-recognition searches from both local police forces and federal agents across the country.

All is not lost, as legislators have tried to rectify some of these mistakes. Utah has taken some steps to become a leader in digital privacy, and the state can remain a leader if it takes these problems seriously and puts some proposed protections in place for the future.