A Chinese city says it has destroyed a billion pieces of personal data collected during the pandemic, as local governments gradually dismantle their coronavirus surveillance and tracking systems after abandoning the country’s controversial zero-Covid policy.
Wuxi, a manufacturing hub on China’s eastern coast and home to 7.5 million people, held a ceremony Thursday to dispose of Covid-related personal data, the city’s public security bureau said in a statement on social media.
The one billion pieces of data were collected for purposes including Covid tests, contact tracing and the prevention of imported cases – and they were only the first batch of such data to be disposed, the statement said.
China collects vast amounts of data on its citizens – from gathering their DNA and other biological samples to tracking their movements on a sprawling network of surveillance cameras and monitoring their digital footprints.
But since the pandemic, state surveillance has pushed deeper into the private lives of Chinese citizens, resulting in unprecedented levels of data collection. Following the dismantling of zero-Covid restrictions, residents have grown concerned over the security of the huge amount of personal data stored by local governments, fearing potential data leaks or theft.
Last July, it was revealed that a massive online database apparently containing the personal information of up to one billion Chinese citizens was left unsecured and publicly accessible for more than a year – until an anonymous user in a hack forum offered to sell the data and brought it to wider attention.
In the statement, Wuxi officials said “third-party audit and notary officers” would be invited to take part in the deletion process, to ensure it cannot be restored. CNN cannot independently verify the destruction of the data.
Wuxi also scrapped more than 40 local apps used for “digital epidemic prevention,” according to the statement.
During the pandemic, Covid apps like these dictated social and economic life across China, controlling whether people could leave their homes, where they could travel, when businesses could open and where goods could be transported.
But following the country’s abrupt exit from zero-Covid in December, most of these apps faded from daily life.
On December 12, China scrapped a nationwide mobile tracking app that collected data on users’ travel movements. But many local pandemic apps run by the municipal or provincial governments, such as the ubiquitous Covid health code apps, have remained in place – although they are no longer in use.
Wuxi claims to be the first municipality in China to have destroyed Covid-related personal data from citizens. On Weibo, China’s Twitter-like platform, users called for other local governments to follow suit.
Yan Chunshui, deputy head of Wuxi’s big data management bureau, said the disposal was meant to better protect citizens’ privacy, prevent data leaks and free up data storage space.
Kendra Schaefer, the head of tech policy research at the Beijing-based consultancy Trivium China, said the data collection related to local-level Covid apps was often messy, and those apps were difficult and expensive to manage for local governments.
“Considering the cost and difficulty managing such apps, coupled with concerns expressed by the public over data security and privacy – not to mention the political win local governments get by symbolically putting zero-Covid to bed – dismantling those systems is par for the course,” Schaefer said.
In many cases, she added, the big data departments at local governments were overwhelmed dealing with Covid data, so scaling back simply makes sense economically.
“Many cities have not yet deleted their Covid data – or have not done so publicly – not because I believe they intend to keep it, but because it simply hasn’t been that long since zero-Covid was halted,” Schaefer said.