The Safer Illinois app’s building access function
In August, 2020, the University of Illinois at Urbana Champaign (UIUC) opted for a hybrid in-person/online semester. The decision to partially reopen was made possible by the innovative SHIELD: Target, Test, Tell initiative. A crucial part of this program was the Safer Illinois app, a health-tracking app designed in-house through a murky public-private relationship between the private company ROKMETRO and the UIUC-based ROKWIRE initiative. UIUC alumnus John Paul was involved in creating both the company and the university initiative. Safer Illinois provides users with COVID-19 symptom tracking, monitors COVID-19 exposure, and organizes COVID-19 saliva-test results and communications with health officials. Since then, UIUC has been making plans to sell its COVID-19 testing and monitoring infrastructure to similar institutions. (See also here.)
While COVID-19 provided an impetus for rolling out the app, its development started before the pandemic. The app’s beginnings (as the Illinois app) can be found in the numerous public-private relationships that have made the campus a hot spot for new information technologies, student-data extraction, and market experimentation.
With the pandemic, UIUC fit the app to the alleged needs of the moment. Safer Illinois entered into students’ lives, homes, classrooms, and campus—bringing the violence of the border with it.
Although UIUC’s SHIELD initiative justified the partial opening of the campus, this accomplishment came at a price: the lack of public accountability and oversight. Due to the legal nature of the public-private relationships associated with the SHIELD initiative, multiple requests by concerned campus community members regarding details of the app and the initiative itself have gone unanswered.
The SHIELD initiative uses ROKWIRE’s (UIUC) platform, which is a version of ROKMETRO’s (private) open-source “ecosystem.” ROKWIRE is a UIUC smart-city initiative developed prior to the pandemic. It includes the Illinois app, which students can download to gain access to campus resources. But ROKWIRE also offers the campus as a testbed for companies and product testing. (See the “sandbox” video here.)
Before the pandemic, UIUC planned to institute ROKWIRE’s Illinois app as “the official mobile app of the University of Illinois at Urbana-Champaign.” These plans included a summer, 2019 procurement for ROKWIRE, and UIUC awarded a $13-million contract to Bureau Gravity to help market the app.
ROKWIRE pitches its products to a UIUC official
Eventually, this app figured in the COVID-19 reopening strategy. Initial plans were designed to require all students to download the Illinois app to obtain access to the university’s COVID-19 testing program and, thus, to campus. However, these plans were successfully challenged by the Graduate Employees’ Organization (GEO) and some members of the university’s senate who expressed privacy concerns related to the app. Together, they forced the university to lift the mandate requiring the downloading and use of the app.
In response, the university created a second app: Safer Illinois. Administrators claim that Safer Illinois, although related to the Illinois app, is not directly tied to the university’s profit-generating plans. Yet conflicting details on the app’s privacy and consent webpages suggest otherwise.
Even more concerning is the potential availability of the Safer Illinois data to government agencies such as ICE. In 2018, the MIT Technology Review reported that ICE was accessing immigrant data through Palantir’s Integrative Case Management system, which then stored its data on the federally authorized Amazon Web Services (AWS). This is the same cloud service that UIUC uses to host the data from the Safer Illinois app. The proximity of these datasets is alarming, especially because the way these “public-private” contracts operate allows no public oversight or accountability.
What UIUC has failed to acknowledge is that these data-storage practices have the potential to compromise the privacy and security of vulnerable populations like Deferred Action for Childhood Arrivals (DACA) students. Indeed, CNN has reported that despite federal law that protects DACA information from ICE, ICE does have access to this data.
Even though the Safer Illinois app claims robust data privacy, it is required to follow the University of Illinois System Privacy Statement. This allows for the sharing of information with “US, state, local, and foreign government entities.” This data sharing has potentially devastating consequences for the DACA and undocumented UIUC community.
The potential surveillance capacity of UIUC’s Illinois and Safer Illinois apps challenges us to reflect on the many ways in which borders are realized. Border scholars have expanded the definition of the border so that it does not so much refer to states’ official territorial limits as to their practices of managing migration, often far from these official borders. In this sense, borders extend outward to allow for maritime interceptions and for immigration enforcement carried out by foreign governments and private actors. They also extend inward, through the 100-mile border zone that allows US Customs and Border Protection to set up checkpoints and conduct routine searches without Fourth Amendment safeguards. Borders also insidiously intrude into our everyday lives.
Meanwhile, biometric surveillance, information technology, and computational power have advanced in recent decades. Combined, these advances allow for complex, high-tech borders and increasingly fine-grained migration management. This is not a simple case of whether borders are almost ever entirely open or closed. Rather, amplified by this new tech, borders are filters that interact with the legal statuses that they both detect and assign (e.g., citizen, permanent resident, temporary worker, refugee, or unauthorized immigrant).
This “smart” border is no longer localized in official ports or checkpoints. Instead, it is deployed strategically with precision in our cities, workplaces, and schools, facilitated by everyday objects such as our mobile phones.
In recent years, the private sector has rushed to profit from data collection. This private collecting has been a crucial site where the US Department of Homeland Security and Immigration and Customs Enforcement (ICE) surveil, monitor, track, detain, and deport migrants. ICE is particularly eager to access private databases that do not face the same restrictions as those of government agencies in data collection.
COVID-19 tracking apps are by no means the only problematic technology on campus. As university legal communities have pointed out, legal-research tools like Westlaw (owned by Thomson Reuters) and LexisNexis (owned by RELX) share their data with the data-analytics contractor Palantir. Palantir in turn provides tools to ICE to facilitate the deportation and detention of immigrants. And, as noted above, ICE does not only access data through Palantir. The agency already uses and accesses the same servers and datasets that are employed by UIUC.
How to stop such private surveillance for public violence (the potential harassment and deportation of the undocumented)? Our ability to influence national legislation or the administration of powerful agencies such as the Department of Homeland Security is diffuse. (That said, we should not overlook opportunities to support campaigns by organizations such as Mijente, the Electronic Frontier Foundation, and the ACLU.)
Even so, the critical response to UIUC’s experiment has, for now, been successful. How the UIUC campus reversed the requirement to use the Illinois app reveals that people can take action to protect themselves and the most vulnerable members of their community. Workers, students, and community members wield considerable power in their organizations and communities.
Universities must also be clear and direct about their intentions and plans for data collection. Current privacy laws are insufficient against technically legal but nonetheless predatory practices. In today’s legal landscape, once consent is given and a student’s data hits the market, there is little protection with regard to who can access the data and how they use it.
The politics of data collection has differential consequences for individuals and their social networks. Universities cannot assume that student-data collection is safe for every student.
Because of these high stakes, it is even more urgent to treat universities and other organizations as sites for mobilization. Data justice, campus organizing, and immigration justice are closely intertwined. Universities are key spaces for such collective struggle.
A longer version of this article was previously published in Public Books, a magazine of ideas, arts and scholarship.
Daniel Gonzalez is a Ph.D candidate in the Department of Geography and Geographic Information Sciences at the University of Illinois at Urbana-Champaign. He is currently finishing his dissertation, “Logistical Borderlands: The Department of Homeland Security’s Data Infrastructures and Circular Networks of Migrant Management.”
Alex Sager is associate professor and chair of the Department of Philosophy at Portland State University. He is the author of Against Borders: Why the World Needs Free Movement of People and Toward a Cosmopolitan Ethics of Mobility: The Migrant’s-Eye View of the World.
1,250 total views, 1 views today