Activists are warning that sweeping surveillance measures implemented by the Armenian government to reduce the spread of coronavirus risk curbing civil liberties and human rights.
Parliament passed legislation on March 31 giving the authorities powers to use cellphone data for tracking coronavirus cases. The law, which the government argued was needed to help identify infection hotspots, requires telecommunications companies to provide phone records for all customers, including numbers and location, time, and date of calls and text messages.
Officials would use those records to identify, isolate, and monitor anyone with Covid-19 or those who had been in close contact with them, also obliging health care providers to report data on people who were tested, infected, or showing symptoms.
As of April 15, Armenia had over 1,000 confirmed cases of COVID-19 with 297 people having recovered and 17 having died. Roughly 9,000 Armenians have undergone testing.
The government has now extended the state of emergency until May 14, although they announced they would be easing restrictions by allowing certain industries such as agriculture and fish farming to resume operations.
Officials have justified the measures by citing the successful experience of Asian countries that have applied location tracking and isolation tools.
“The system combines the data and provides the circle of people who were most likely to be in contact with the infected person,” deputy prime minister Tigran Avinyan – now also heading the state of emergency command – told the March 31 session of parliament.
“A ministry of emergency situations employee will be in contact with these people to let them know that they were, most probably, in close proximity with an individual infected with Covid-19. Our goal is to deploy as many technological tools as possible to prevent the dissemination of the virus and gradually reduce the restrictions of movement and other preventative measures.”
However, opposition politicians and civil society members remain concerned that the law both violates the confidentiality of personal data and lacks adequate rights guarantees.
Only members of the ruling faction supporting the law when it passed on March 31. Opposition factions Bright and Prosperous Armenia did not participate in the session.
Gevorg Gorgisyan, a lawmaker from the opposition Bright Armenia party, argued that such surveillance method was ineffective and had nothing to do with virus prevention.
“The data on incoming and outgoing calls gives no information whatsoever on the meetings the infected person may have had,” he said. “The call neither proves or disproves a possible personal interaction. Therefore, this initiative was introduced to track the calls of people and has nothing to do with who interacted with whom and how the virus was spread.”
Bright Armenia contacted three mobile operators to ask whether they had the technical capacity to identify the exact location of people making calls.
“In response to our inquiry, the mobile operators noted that if in an open space it is possible to pinpoint the location of an individual within a discrepancy of 20-100 metres; the closed spaces provide no such possibility,” Gorgisyan said. “Thus, the tool they want to deploy will give no information on personal interactions and only risk publicising citizens’ personal data.”
Armenia’s Human Rights Defender’s office has also expressed concerns that the law lacks adequate oversight and has called for certain provisions to be re-examined.
“Regulations proposed by the government in the draft law on making supplements to the law on the state of emergency restrict certain constitutional rights and contain derogations from Armenia’s obligations under the European Convention on Human Rights,” ombudsman Arman Tatoyan noted in a statement. “This refers to the rights such as protection of personal data, respect for private and family life, freedom and privacy of correspondence.”
Concerns were also voiced by international human rights institutions. Giorgi Gogia, associate Europe and Central Asia director at Human Rights Watch, stressed that the government should enforce strict protocols to minimise the risk of data breaches.
“While Armenia’s authorities have respected Covid-19 patients’ privacy rights thus far, so they don’t undermine the trust needed for an effective public health response, they should explain how they will continue to do so and ensure that these digital surveillance measures are strictly in line with long-established human rights safeguards,” Gogia said.
Artur Sakunts, the chairman of the Helsinki Citizens' Assembly Vanadzor office, said that Armenia should not follow the example of more authoritarian states.
“The bill cites Israel’s experience as a successful example, where the same tool was used first in the fight against extremism and now is being deployed to confront the spread of coronavirus,” he continued. “The same tool was used in authoritarian countries. I do not think that countries like Singapore or Iran should serve as valid examples for Armenia, when these tools are not deployed in democratic states.”
The measures have won some support. Maria Titizian, editor-in-chief of the Armenian outlet EVN Report, argued that such steps may be warranted since people were not taking the crisis seriously enough.
“In the present situation, where parts of society do not comprehend the seriousness of the moment, similar steps make sense,” he said. “We have numerous examples of people who did not comply with guidelines and ended up spreading the virus.”
During the March 31 parliament session, justice minister Rustam Badasyan promised there would be no call tapping and that any data collected would be destroyed no later than one month after the end of the state of emergency.
Lilit Makunts, head of the ruling My Step faction, also confirmed that all the data collected will be eradicated.
“The elimination process will be controlled by the oversight authority – that is by the parliament with all its factions,” she noted.
Such promises have not reassured human rights defenders such as activist Zara Hovhannisyan, who highlighted concerns over what would happen to this data after the crisis passed.
“It is no less important when and how the collected database of personal information will be eliminated so that we do not have problems down the line,” she continued. “There are concerns that these changes will encroach on the confidentiality of personal and family lives.”
“There should have been additional guarantees on how the data will be appropriately stored, not used for any other purposes and will be fully destroyed once the state of emergency is lifted,” agreed Daniel Ioannisyan, programme director of the Union of Informed Citizens. “I do not see similar guarantees and am certain that the National Security Service is not going to erase this data after the end of the state of emergency.”