Earlier this month (4 January), Singapore’s Minister of State for Home Affairs Desmond Tan revealed in Parliament that the police can obtain data from national contact tracing programme TraceTogether (TT) for criminal investigations.
Mr Tan explained that police is empowered under the Criminal Procedure Code (CPC) to get hold of any data, and that includes the data gathered from TraceTogether.
This revelation led to heavy discussions and criticism among the public as it contradicted with the Government’s earlier promise, in which it said that TT will be solely used for contact tracing in order to stem the spread of COVID-19 in the country.
According to an article published on MIT Technology Review, a magazine owned by Massachusetts Institute of Technology in the US, it said that Singaporeans are not particularly bothered much about privacy given that “state surveillance is largely normalised in the country”, but rather felt that they’d been subjected to a “bait-and-switch”.
Following the announcement in Parliament, the Government said that it will introduce a new legislation to minimise law enforcement’s use of contact tracing data to investigate into seven categories of offence, including terrorism, murder, kidnapping, serious sexual offences, as well as drug trafficking offences that attract the death penalty.
“We acknowledge our error in not stating that data from TraceTogether is not exempt from Criminal Procedure Code,” said the Smart Nation and Digital Governance Office in its statement.
It added that the new law “will specify that personal data collected through digital tracing solutions… can only be used for the specific purpose of contact tracing, except where there is a clear and pressing need to use that data for criminal investigation of serious offences.”
However, there is no timeline to when the law will be brought before Parliament.
Digital rights activist Lee Yi Ting was quoted in the MIT Technology Review article as saying: “In Singapore, where laws grant sweeping executive and legislative powers to state actors, I think any commitment to accountability and restraint is welcome.”
She continued, “But it remains to be seen if the bill will make substantive commitment to these proposed limitations. For example, if state actors flout these regulations, what investigative bodies will come into play, and what consequences will state actors be held to?”
Loss of trust
The article also pointed out that concerns that Governments could abuse contact tracing systems have emerged around the world. However, many of these worries have been misplaced, especially in countries that use Google and Apple’s exposure notification technology, as it does not permit centralised collection by local authorities.
In fact, Singapore had earlier rejected Apple and Google’s system, stating that it would be “less effective” in the Singaporean context.
Nevertheless, the article noted that one major issue that stops most countries from adopting digital systems to speed up contact tracing process is trust.
Commenting on this, Ms Lee expressed her worries that if “legislation is enough to placate many Singaporeans, the implications out the country could be serious”.
While Singapore’s decision to create digital contact tracing has put it in a global leadership position, and TT’s systems have been adopted by other countries, but there is no evidence to show that the same legislative mistakes were made elsewhere.
“Singaporeans do care about the extent to which the state intrudes into their private lives,” noted Ms Lee, adding that the country is setting an international example “for repressive governments to likewise normalise the use of contact tracing data for the purpose they define”.