[Updated on 5 Feb 2021, 12pm]
Earlier on Monday (Jan 4), the government revealed that TraceTogether data may be used to aid criminal investigations, causing an uproar among Singapore citizens.
According to the law, the police can obtain any data under Singapore’s jurisdiction for the purposes of criminal investigations, and this includes TraceTogether data.
In response, Singaporeans have cited past remarks by Foreign Minister Vivian Balakrishnan on TraceTogether data being used only for contact tracing.
Balakrishnan himself said at a press conference in June last year saying that the data would be used “purely for contact tracing. Period.”
However, he has since said that he was not aware of the Criminal Procedure Code (CPC) that allows police to access the data.
This came after Christopher de Souza of Holland-Bukit Timah GRC asked if data collected under the programme will be used for criminal investigations, following concerns expressed by netizens.
While Singaporeans don’t necessarily think it’s unfair for the data to be used in criminal investigations, they are upset because they were not told that the data will be used for investigation purposes.
Subsequently, on Feb 1 (Monday), a Bill was passed to enforce that contact tracing data will be reserved strictly for the fight against Covid-19 and investigations into the most serious crimes.
This appears to contradict the government’s and Balakrishnan’s past statements.
Should TraceTogether data be allowed to be used in cracking criminal cases?
We Give Apps Access To Our Personal Data Every Day
On a daily basis, we allow apps, businesses and institutions access to our personal data.
If one is concerned about TraceTogether data, he or she might want to review the list of apps they have on their phones such as SingPass, internet banking apps, and transport apps.
Chances are, these apps are already collecting your data and you have already approved the collection and use of your personal data in legal context, whether you are aware or not.
For example, Grab’s privacy policy states that “in certain circumstances, you may need to provide your Personal Data in order to comply with legal requirements or contractual obligations, or where it is necessary to conclude a contract.”
The data collected by such apps include your location (to detect pick-up locations and abnormal route variations) or transaction information (such as payment method and distance travelled).
Additionally, EZ-Link’s privacy policy states that EZ-Link Pte Ltd shall collect, use, disclose and store personal data in accordance with the Personal Data Protection Act (2012) of Singapore.
We also already give banks access to information regarding our ATM transactions and other banking information, including where you last withdrew money.
Furthermore, checking in and out of your SafeEntry app at locations also allows SafeEntry to know where you are and where you have been.
This raises the question: If we can allow EZ-Link, SafeEntry and banks to collect and use our personal data, why are we afraid to allow our TraceTogether data to be used in criminal investigations?
TraceTogether Data Is Actually Not That Useful
Moreover, the TraceTogether data is not likely to be very useful in investigations.
TraceTogether taps Bluetooth signals to detect other participating mobile devices — within two metres of each other for more than 30 minutes — to allow them to identify those who have been in close contact when needed.
In fact, there are likely to be hundreds of other contacts each device detects in a day.
TraceTogether does not capture GPS location so it would not be practical for the police to call every single contact as the majority of them may not even have a recollection of the criminal suspect.
As opposed to mobile pinging, mobile carrier history, SafeEntry, credit card statements, ATM transactions, TraceTogether data doesn’t reveal a lot about the tracks of a criminal.
In fact, if you feel worried about the TraceTogether data being used in criminal cases, you may want to relook into whom you are sharing your personal data with.
S’pore Gov’t Needs To Be Fully Transparent
It is undeniable that TraceTogether was created for contact tracing efforts in the fight against COVID-19.
It has always been clear that TraceTogether data will be used to protect the livelihoods of Singaporeans, including the safety and security of the citizens.
Therefore, the government would always prioritise safety and security of Singaporeans over individual liberties. This also includes when we need to identify a criminal.
To be fair, Singaporeans are not opposed to the use of their data in criminal investigations. Instead, they are upset that they were not informed beforehand about the potential uses of their data.
It was only on Monday that the TraceTogether Privacy Safeguards page was updated to reflect how the Criminal Procedure Code applies to the data.
It reads: “Also, we want to be transparent with you. TraceTogether data may be used in circumstances where citizen safety and security is or has been affected.”
“Authorised Police officers may invoke Criminal Procedure Code (CPC) powers to request users to upload their TraceTogether data for criminal investigations. The Singapore Police Force is empowered under the CPC to obtain any data, including TraceTogether data, for criminal investigations,” it added.
It will definitely help alleviate the anger if the government clearly explains to the nation how the data will be used to help with criminal cases.
For instance, they can furnish examples, map out the process, and detail which aspects of the data will be used — just like how the use of TraceTogether token was explained when it was first introduced.
Featured Image Credit: Gov.sg / Bloomberg
