Private sector races to build virus apps to track employees

Companies including PwC, the global consultancy, are racing to build surveillance tools that will monitor the spread of coronavirus inside offices and workplaces. 

The companies, which also include smaller US start-ups Locix and Microshare, want to give employers the confidence to reopen their facilities, to take action to control outbreaks, and to alert staff if they come into contact with infected colleagues. 

While governments and tech companies are working on voluntary tools that send similar alerts, these may not be widely adopted. By contrast, PwC said companies could make its tool mandatory. 

“You really need a majority of people to do this,” said Rob Mesirow, who leads PwC’s connected solutions practice. “US businesses are going to have to [tell employees]: If you’re going to come back to the work environment, you need this app on your phone.”

Locix said it was building a tool designed to track where people had been to within a few centimetres.

If an employee tested positive, a company could retrace their steps and see precisely where, and how long, others interacted with them. Surfaces, too, could be scrubbed down once it became known an infected person had handled them, say, a certain forklift or photocopier. 

“In a warehouse, I’m going by people in seconds,” said Vik Pavate, chief executive of Locix. “Contact is not only with people, but in spaces . . . It’s ‘Where have you been?’ and ‘How long did you dwell there?’”

Microshare’s “Universal Contact Tracing” would see employees wear badges, key rings or wristbands embedded with inexpensive Bluetooth beacons. 

Michael Moran, chief risk and sustainability officer at the Philadelphia-based company, said this was a better alternative to the project that Google and Apple have devised based around using a smartphone’s Bluetooth signal. 

“It’s really a stunning blind spot of [the Apple-Google] approach to think that there’s somehow been universal adoption of smartphones,” he said. “It’s just not true. And in fact the most vulnerable populations in the world are exactly the ones that don't have them.”

Every enterprise today is trying to think of how to safely permit their workforce to return to the office. But the technology solutions are kind of like snake oil

PwC’s solution uses both the Bluetooth and WiFi functions of an employee’s smartphone to anonymously map how employees interact. 

In the event of a person informing human resources they had been infected, authorised personnel would enter their information into the system “and within seconds, it will trace everybody” so that the HR person can then inform those staff, Mr Mesirow said. “And it breaks people up into high-risk, medium-risk and low-risk based on time and distance. That’s why accuracy is really important.”

He added that it would be down to employers to preserve the privacy of their staff. “[Our system] is designed so it has the ultimate privacy gates in place, but at the end of the day you cannot control human nature,” Mr Mesirow said. “We are not here to police the HR department of the Fortune 1000.” 

Security experts note that employees using company-issued smartphones have few privacy protections anyway: in many cases, employers can monitor a user’s location or what apps they download. 

But companies should provide assurances around confidentiality and set expectations over how data will be used, protected and for how long in order to gain user trust, they say. 

“It is going to be very difficult to achieve the goal of getting back to work without sacrificing some privacy,” said Jena Valdetero, a privacy lawyer with Bryan Cave Leighton Paisner. “Without principles of data governance and accountability, [these solutions are] open to abuse.” 

“It’s about transparency, accountability, data security and data minimisation — not collecting more than you need,” she added. 

Other critics note technological limitations and question the efficacy of even the business-focused solutions. For instance the technology might not recognise if a person is wearing protective equipment and flag them as “high risk” after some encounters. 

These solutions might be tuned over time to become more precise. Or they might fail to live up to their purpose, said Ashkan Soltani, an independent privacy researcher and former chief technologist at the Federal Trade Commission.

“Every enterprise today is trying to think of how to safely permit their workforce to return to the office,” he said. “But the technology solutions are kind of like snake oil. They’re not going to be reliable.”