For each new transmission of coronavirus, imagine the “tick tick tick” of a stopwatch. At least 2 million adults in the US could require hospitalization over the course of the pandemic, the Centers for Disease Control and Prevention estimates; that’s more than double the nation’s supply of hospital beds. Curfews and social distancing will hopefully help mete out the number of infections slowly—because 2 million patients over 18 months will be more manageable than 2 million over six months. Yet all such predictions are essentially guesswork at this point.

Leaders are looking for guidance on when to close schools or order residents to shelter in place, and whether the measures they’ve already taken are working. Early research on coronavirus suggests that isolating people soon after they become symptomatic plays the “largest role in determining whether an outbreak [is] controllable.”

Officials have a powerful potential surveillance tool unavailable in past epidemics: smartphones.

Government officials are anxious to tap the information from phones to help monitor and blunt the pandemic. White House officials are asking tech companies for more insight into our social networks and travel patterns. Facebook created a disease mapping tool that tracks the spread of disease by aggregating user travel patterns.

Such efforts clash with people’s expectations of privacy. Now, there's a compelling reason to collect and share the data; surveillance may save lives. But it will be difficult to draw boundaries around what data is collected, who gets to use it, and how long the collection will continue.

Read all of our coronavirus coverage here.

One concern: Data collected for one purpose can later be used for another. Privacy experts say transparency is crucial if typically private information is harnessed for public health. Data used to fight Covid-19 could be reused for something else down the road.

“What's really important is for the government to be really clear in articulating what specific public health goals it's seeking to accomplish,” said Kelsey Finch, senior counsel at the Future of Privacy Forum, an industry-backed group focused on tech policy. “And how it's limiting the collection of personal data to what's necessary to achieve those very specific goals, and then making sure that there are appropriate privacy safeguards put in place before data starts to change hands.”

Even anonymized, aggregate data can inform health efforts. Consider a scenario where city officials close bars and restaurants for a weekend, hoping to reduce the number of new coronavirus infections. But instead, infections increase. Some may be the result of exposures days earlier, but tracking where people went over the weekend could reveal new transmission hot spots.

Some lawyers and academics have suggested that public health officials tap the geofencing capability of phones, to learn who may have been near people infected with the virus. Police have relied on geofencing in investigations, using broad warrants to request information on every smartphone near a crime scene.

Last May, police requested location data from every “Google account that is associated with a device” within 150 meters of a bank robbery. In theory, Google could notify users whose phones were recently near an infected person. Google didn’t respond to a request for comment.

There’s already legal debate over whether such actions would overstep the Fourth Amendment’s restrictions on the government’s ability to search private property. Evan Selinger, a privacy expert and philosophy professor at the Rochester Institute of Technology, says partnerships between tech companies and government agencies could create a "Covid-19 response infrastructure" that incentivizes companies to "find creative ways to benefit from mission creep.”

Some privacy scholars question whether enhanced surveillance in the name of fighting disease can be dialed back once the danger has passed.