Federal governments, public and personal organisations throughout Europe are taking actions to contain and minimize COVID-19. This can consist of the processing of different sort of individual data.
Andrea Jelinek, Chair of the European Data Defense Board (EDPB), mentioned: “Data security guidelines (such as GDPR) do not hamper procedures taken in the fight against the coronavirus pandemic. However, I wish to highlight that, even in these extraordinary times, the info controller should guarantee the security of the personal details of the details subjects. Therefore, a range of aspects to consider need to be considered to ensure the lawful processing of personal data.”
The GDPR is a broad legislation and likewise uses the guidelines to use to the processing of individual information in a context such as the one connecting to COVID-19. Indeed, the GDPR offers the legal facilities to make it possible for the companies and the competent public health authorities to process individual data in the context of upsurges, without the requirement to acquire the approval of the information subject. This looks for circumstances when the processing of specific data is required for the companies for aspects of public interest in the location of public health or to protect important interests (Art. 6 and 9 of the GDPR) or to stick to another legal obligation.For the processing of
electronic interaction information, such as mobile area information, additional standards use. The nationwide laws carrying out the ePrivacy Direction provide the concept that the place information can only be made use of by the operator when they are made confidential, or with the approval of individuals. The general public authorities must first go for the processing of place information in a private method (i.e. processing information aggregated in a way that it can not be reversed to individual details). This could make it possible for to generate reports on the concentration of smart phones at a particular location(” cartography”). When it is not possible to simply process
anonymous information, Art. 15 of the ePrivacy Direction allows the member mentions to present legal procedures pursuing nationwide security and public security *. This emergency circumstance legislation is possible under the condition that it makes up a necessary, suitable and proportionate measure within a democratic society. If such treatments are presented, a Member State is required to put in location adequate safeguards, such as granting individuals the right to judicial remedy.Update: On March 19th, the European Data Protection Board embraced an official statement on theprocessing of specific
information in the context of the COVID-19 break out. The total statement is used listed below. * In this context, it shall be remembered that securing public health may fall under the national
and/or public security exception. EDPB_Press Release_statement_2020_01 Source