By Charles McDermid
Not everyone is convinced that sharing personal data to save lives marks the beginning of a so-called surveillance state.
Kyung-Sin Park is director of the American Law Center at Korea University and head of Open Net Korea.
As he told Digital Privacy News, South Korea has specific “sunset” laws in place that enforce the destruction of all personal information once a public emergency is over.
“As long as they use aggregated, as opposed to individualized, information, I think privacy concerns could be abated very much,” Park said in an email. “But there is a question of trust on whether the health agencies and other public agencies would turn over only aggregated data to Palantir and other companies.”
He continued: “There is a chance that they may turn the data over in individualized but pseudonymized format so that companies could merge two or more databases. Done properly, in the GDPR (General Data Protection Regulation, the E.U. data-protection law) sense, privacy concerns can be also abated.
“But I am worried,” Park said, “because not many in U.S. are familiar with safeguards in merging databases, for example the ‘Trusted Third-Party’ method.”