You may have heard that Israel has started processing cellphone data in order to track contacts and movements of individuals who are positive to Covid-19 in order to trace other people with whom they have come into contact.
The European Data Protection Board has just issued an opinion on data protection and Covid-19 stating that:
– Insofar as possible, processing of data should be anonymous;
– “When it is not possible to only process anonymous data, Art. 15 of the ePrivacy Directive enables the member states to introduce legislative measures pursuing national security and public security. This emergency legislation is possible under the condition that it constitutes a necessary, appropriate and proportionate measure within a democratic society. If such measures are introduced, a Member State is obliged to put in place adequate safeguards, such as granting individuals the right to judicial remedy.”
If you have some time to reflect on the privacy aspects of the coronavirus, you may be interested in checking the varied approach of different EU Data Protection Authorities.
– Belgium: https://www.autoriteprotectiondonnees.be/covid-19-et-traitement-de-donn%C3%A9es-%C3%A0-caract%C3%A8re-personnel-sur-le-lieu-de-travail
– UK: https://ico.org.uk/about-the-ico/news-and-events/news-and-blogs/2020/03/data-protection-and-coronavirus/
– France: https://www.cnil.fr/fr/coronavirus-covid-19-les-rappels-de-la-cnil-sur-la-collecte-de-donnees-personnelles
– Germany: https://www.bfdi.bund.de/DE/Datenschutz/Themen/Gesundheit_Soziales/GesundheitSozialesArtikel/Datenschutz-in-Corona-Pandemie.html