Britain’s new £1 billion ($1.3m) pandemic strategy treats a future outbreak as a “certainty” and proposes building a contact tracing system that would feed on real-time location data harvested with the help of Silicon Valley’s biggest companies.
The plan, published by the Department of Health and Social Care, also calls for PPE stockpiles, new emergency legislation, and a biosecurity research hub in Essex.
But the centerpiece that deserves the most scrutiny is the contact tracing proposal, which would create a surveillance architecture designed to track the movements of millions of people, ready to switch on at a moment’s notice.
The UKHSA will run the new system, which the strategy document says will use “live location data” and artificial intelligence to provide “a more rapid, large-scale detection and alert system during pandemics.”
Reclaim Your Digital Freedom.
Get unfiltered coverage of surveillance, censorship, and the technology threatening your civil liberties.
The agency plans to “explore options to work with ‘big tech'” to build it, with deployment targeted for 2030. The government is pre-building a location surveillance system in partnership with companies whose entire business model depends on harvesting as much personal data as possible.
The strategy doesn’t name which companies, what data-sharing agreements would look like, or what happens to your location history once the pandemic ends.
The UK government has already tracked its own citizens through their phones without telling them. A 2021 report by the Scientific Pandemic Influenza Group on Behaviors (SPI-B) revealed that government-funded researchers tracked one in ten people in Britain via their mobile phones in February of that year, without the users’ knowledge or permission.
Researchers used cell phone mobility data to select over 4,200 vaccinated individuals, then monitored them through 40 call data records with corresponding location observations. The data was used for behavioral analysis, tracking radius of movement on vaccination day, whether people visited businesses during opening hours, and whether they went straight home afterwards. None of this was made public at the time.
When the tracking came to light, a spokesperson for Big Brother Watch said citizens would be “disturbed to discover they were unwittingly tracked and subjected to behavioral analysis via their phones.”
“No one expects that by going to get a vaccine they will be tracked and monitored by their own Government,” the spokesperson said. “This is deeply chilling and could be extremely damaging to public trust in medical confidentiality. Between looming Covid passports and vaccine phone surveillance, this Government is turning Britain into a Big Brother state under the cover of Covid. This should be a wake up call to us all.”
The government’s defense was that the data was collected at cell tower level, not the individual level, and that it was “GDPR-compliant” data provided by a company that “collected, cleaned, and anonymized” it.
A government spokesperson said “the mobile phone location data used is GDPR-compliant and has been provided from a company that collected, cleaned, and anonymized the data” and that “the data is at cell tower rather than individual level and the researchers were granted access to the dataset under a research contract with ethical approval provided to the researchers from the University of Oxford, working on behalf of SPI-B.”
That defense tells you everything about how the government thinks about location surveillance. It tracked millions of people and called it ethical because a private company “anonymized” the data first. It monitored the movements of vaccinated individuals and called it acceptable because the tracking happened at cell tower resolution rather than GPS precision. The distinction between “cell tower level” and “individual surveillance” is thinner than the government wants you to believe.
Cell tower data can still reveal where you live, where you work, and what you do on a given day, especially when cross-referenced with other datasets. The fact that a private company sat between the government and the raw data doesn’t change what happened: people went to get vaccinated, and their government secretly tracked where they went afterwards.
That history makes the new strategy’s contact tracing plans look less like pandemic preparedness and more like the next step in normalizing population-level location surveillance.
The 2021 tracking was done covertly, without legislation, using data purchased from a private company. The new strategy proposes formalizing this kind of capability, building it into permanent government systems, and enlisting “big tech” to run it at scale. What was done secretly during Covid is now being written into official policy.
During the pandemic, the UK’s first attempt at a centralized contact tracing app collapsed under its own privacy problems. The government’s original NHSX app tried to store user data on a central server, a design so invasive that Apple and Google refused to let it run properly on their operating systems.
