In a perfect world with complete trust in Government, every Singaporean would download the TraceTogether App to assist in national COVID-19 contact tracing efforts. Thus it is unfortunate that some of us do not yet have the requisite level of trust.
Unfortunate firstly because it seems like our brilliant techies engineered an app that has sufficient safeguards for those concerned about government surveillance.
The location and nearby-contact data sit on your phone, and are accessed by MOH only in specific COVID-19 circumstances with the user’s consent; TraceTogether is quite clearly designed to assuage privacy concerns, to allay fears of Big Brother.
The technical solution is so elegant and light, in fact, that governments around the world have asked us for the source code. Now that is something for Singaporeans to be proud of, not some humdrum comment by Barbara Streisand.
(All that said, an oversight by the TraceTogether team has just been exposed, reconfirmed directly by a contact of mine at GovTech. The original app included in its build wogaa.sg, a government data collection service, which means that TraceTogether collects more data than necessary and compromises its supposed anonymity and 21-day data hygiene. Thankfully GovTech is working to remove wogaa, a standard feature in such products, in TraceTogether’s next iteration. However the oversight, specifically the team’s unconscious acceptance of code that collects and sends your data to the government, is worrying for those of us concerned about social conditioning to surveillance. Separately, Digital Reach has also raised concerns in an article titled “TraceTogether: Disassembling Was Not Easy to Verify the State’s Privacy Claims“.)
For us not to download TraceTogether is also unfortunate because this pandemic is akin to a war with shadowy enemies such as ISIS. It is a time when some suspension of civil liberties, including privacy, may be warranted.
Many civil rights advocates will disagree. After all, we are living in an era of creeping authoritarianism around the world, when individuals seem to be unwittingly signing away their rights to Big Government and Big Tech. Yuval Harari articulates many of these concerns in “The World after Coronavirus”.
Nevertheless, there does appear to be a more conscious acceptance, especially during this COVID-19 period, of the need for intrusions into our private lives when it comes to dire issues of national security.1
The important caveat is that there must be accountability and transparency regarding the intrusion, and any other suspension of civil liberties, in order to prevent abuse. There must be appropriate societal checks and balances, whether through independent commissions, government watchdogs or the media. Citizens need to know that we can seek redress for any injustice or suffering because of the intrusion.
And this is where Singapore fails.
There are countless episodes in our history that prove the point. The most obvious one is the alleged Marxist Conspiracy of 1987.
That year Singapore’s Internal Security Department (ISD), under orders from the People’s Action Party (PAP) leadership, arrested twenty-two Singaporeans, a mix of activists, church and social workers, and theatre performers. The government accused them of plotting a Marxist conspiracy to overthrow the state. They spent different amounts of time in prison, the longest three years, without ever being charged for anything. The ISD tortured some of them into making false confessions (so they claim).
Lee Hsien Loong, Singapore’s prime minister, and most others in parliament then, including K Shanmugam and Goh Chok Tong, have maintained these allegations. However people such as politicians Tharman Shanmugaratnam and S Dhanabalan, former attorney-general Walter Woon, and Singapore’s pre-eminent historian Mary Turnbull have raised doubts about them.
Many of us believe Tharman and the latter group. If they are right, this suggests that the alleged Marxist Conspiracy was a horrible attempt by the PAP to fix its perceived opponents.
What is the relevance of all this to TraceTogether? Well, put another way, it appears that in 1987, the ISD relied on intelligence unethically gathered, including its knowledge of friend networks, to help the PAP execute a dastardly political manoeuvre.
For TraceTogether, on the one hand, GovTech has told us about its privacy safeguards and about the special circumstances under which MOH can request data. On the other, GovTech reports to the Prime Minister’s Office (PMO), helmed by the same person—take note, Barbara—who helped oversee the Marxist Conspiracy manoeuvre.
What assurances do we have that PMO (or ISD) will not somehow obtain and abuse the TraceTogether data sent to MOH, the same way personal network and contact data was (seemingly) abused in the arrest and detention of the “Marxist Conspirators”?
To be clear, this is not to suggest that TraceTogether is vulnerable or has a “backdoor”, or that it was cobbled together for some Orwellian purpose. There is widespread acceptance of its virtuous intent.
Rather, it is a belief that the dominant political forces have, can, and will abuse democratic norms for their own ends, with little recourse for victims or unsuspecting handmaidens.
To think of it another way, the technologists’ brilliance is clouded by their political masters’ (perceived capacity for) chicanery.
What can we do to rectify this situation? In the short term, not much. We are in the middle of a pandemic and have far more important things to do. (Like hold an election.)
But in the longer term, techies, policy wonks and others, this is what you can do: lobby your leaders and representatives, make sure they understand the need for accountability and transparency. 2 Perhaps we need a Commission of Inquiry into the alleged Marxist Conspiracy? And systematic declassification of documents after X years?
Only when Singaporeans trust the integrity of the entire socio-political process will we easily get buy-in for (seemingly defensible) surveillance. Some argue that surveillance in Singapore is already so widespread that any marginal risk from TraceTogether is negligible. Perhaps, but there is a fundamental difference between a government spying on its citizens and citizens voluntarily capturing and sending data whose integrity might later be compromised. Moreover, TraceTogether’s use of Bluetooth provides an additional level of granularity not otherwise available (say, through regular mobile phone user data).
So we need to have these conversations before the next crisis, natural or man-made, which probably won’t be far off. We need to nurture a society which, in the words of writer Jolene Tan, does not instinctively poo pooh claims of state abuse.
On that note, it is sad to see several on the pro-TraceTogether side dissing privacy advocates: “Oh you think you are so important that the G wants to track you?” Ad-hominem attacks like this only poison otherwise genuine exchanges.
The very essence of a panopticon, in fact, is to blur the lines between irrelevance and importance, to ensure that everybody excessively self censors. Singapore’s history is littered with examples of persecuted people—from the “Marxist” church workers to Jolovan Wham, social worker currently in jail for a Facebook post criticising the judiciary—who might have hitherto been considered by many to be “unimportant”.
Without doubt, GovTech deserves praise for TraceTogether, a nifty, well-intentioned addition to our COVID-19 arsenal. But one hopes GovTech can appreciate Singapore’s broader socio-political environment; and the numerous ethical issues we must work through, together, before such initiatives can achieve broad success here.
“Technology does not exist in a vacuum,” as a friend says. “The values and past histories of those who make it and own it influence how a technology will be perceived and accepted/resisted.”
1 Countries everywhere, from Israel to South Korea, have implemented or are considering enhanced measures, which might worry civil rights activists, in order to deal with COVID-19.
2 Nobody is under any illusions that this will be easy. Given Singapore’s one-party dominance, there seems very little political impetus for this sort of accountability and transparency.
Note: I have yet to install TraceTogether. Am undecided. Ultimately, with countries everywhere rolling out their own contact tracing apps, we may all be forced, by custom or otherwise, to install it. (For the sake of our species! Gosh, are we there yet?)
Nevertheless, with a lot of misinformation and straw man arguments out there, it is important that people in GovTech and elsewhere understand the reasons for resistance among some Singaporeans. I hope this piece is read in that spirit, not as some attempt to undermine an impressive technology intervention to a public health crisis.