As Some Are Requiring People To Give Up Their Info To Dine, Stories Of Creeps Abusing That Info Come Out
from the the-privacy-conundrum dept
I think many of us are going to avoid eating at sit-down restaurants for the foreseeable future, even if governments deem them to be “safe.” However, I find it at least somewhat unnerving to see Governor Jay Inslee in Washington say that in order for a restaurant to offer dine-in services, it will need to keep a log of all diners for 30 days, including their telephone and email contact info.
Under Gov. Jay Inslee’s new statewide orders, Washington restaurants that offer sit-down service will be required to create a daily log of all customers.
The restaurants must maintain that log for 30 days, including telephone and email contact information and the time they were in the restaurant. The state wants this information to facilitate any contact tracing that might need to occur.
I fully understand why this requirement is there. Since contact tracing is so important, it’s much more difficult to do contact tracing in situations like these where there’s no way to tell who else was in the same small space where a COVID-positive person dined. But… at the same time, it seems to raise a number of privacy questions.
When I tweeted about this, some pushed back and said it wasn’t much different from ordering online or from an app (or even, potentially, paying with a credit card). All of those give up some level of privacy. Yet, as I’ve been saying for years, privacy is about trade-offs and a big part of that is understanding the benefits and the risks. And when we’re ordering with an app or using a credit card, there are reasonable systems in place that make it unlikely that your info will be abused. These are not perfect, and there are some cases where there are risks. But, for most people, the “threat model” suggests it’s not that risky.
Yet, it’s unclear if that’s the case with something like a “restaurant log,” like the one that Washington State is requiring. As an example of why that might be problematic, we can just head down to New Zealand (which appears to have almost entirely contained COVID-19) to hear of a story about a restaurant worker using the contact tracing info a customer left to hit on her:
“I had to put my details on their contact tracing form which I didn’t think anything of. It asked for my name, home address, email address and phone number so I put all those details down,” she tells Newshub.
Except in Jess’s case she didn’t just take away a sandwich from the Subway restaurant she was at. She also got a Facebook request, Instagram request, Facebook messenger approach and a text from the guy who served her, using her contact tracing details.
“I felt pretty gross, he made me feel really uncomfortable,” she says.
“He’s contacting me, I didn’t ask him to do that, I don’t want that.
“I’m lucky that I live with quite a few people because if that was me by myself at home – he knows my address you know – I’d feel really, really scared. Even now I feel a bit creeped out and vulnerable.”
The article does note that the Subway employee who did that digital stalking “has now been suspended” (is that New Zealand for fired?), but it can’t make anyone very comfortable.
And that’s a much bigger issue than just for that woman. If people are afraid that their private info can be misused, they’re less likely to give it. In other words, the nature of the privacy trade-offs are vastly different than they might otherwise be. Not understanding that leads to bad results, and yet that seems to be what’s happening in Washington.
After receiving some pushback, Inslee is now saying that the logs should only be kept for 14 days and that privacy “protocols” are developed. But that’s the kind of thing that need to be built up initially, not after such a plan is announced:
?This is something that we have to make sure that we build protocols around privacy so that any of this information can only be used for this purpose, can be expunged after 14 days so that this is only a minor inconvenience. No one is looking to make this a federal crime. We?re trying to save some lives here,? Inslee added.
Again, he means well, and there’s obvious value in contact tracing done correctly. But you can’t ignore the privacy issues, and you can’t tack them on after things are already messed up. Any system needs to develop the concept with privacy built in from the very start — and there’s no indication that Washington state has done so.
Update: Late this evening Governor Inslee announced that this would no longer be a requirement, though suggested that restaurants set up a voluntary system. It appears he listened to some of the criticism.