European Data Protection Supervisor (EDPS) Wojciech Wiewiorowski has requested nations work together through a single app to track the spread of COVID-19.
With several nations, including Wiewiorowski’s home country Poland, creating apps for Government authorities and consumers to track the spread of COVID-19, the digital economy is searching for solutions. But there are questions as to whether this is being done in the most effective manner.
“Given these divergences, the European Data Protection Supervisor calls for a pan-European model ‘COVID-19 mobile application’, coordinated at EU level,” said Wiewiorowski. “Ideally, coordination with the World Health Organisation should also take place, to ensure data protection by design globally from the start.”
Not only would a pan-European approach to add more depth to the data, it would ensure more eyeballs are evaluating the data sets instead of a fragmented approach with several national apps. Another benefit for Wiewiorowski and his team at the EDPS office is there is less opportunity for data protection rules to be screwed.
Wiewiorowski has spoken about the right to data protection not being an absolute right, but one which should be balanced against the context of societal need. Today, more sensitive data should be opened up for analysis because of substantial public interest. This is how GDPR has been designed; to allow for the necessary and validated application of data analysis.
This is why having a single, pan-European app is more attractive than several different ones. The impact on data protection and privacy principles can be managed more effectively, but also reversed once the crisis has passed. This is a very important element of the opinion which has been offered by Wiewiorowski.
Data is critical to fight the coronavirus outbreak, but any measures taken at European or national level should be:
- Temporary to deal with the outbreak
- Limited to specific purposes
- Access should be limited to specified individuals
- A route back to normality should be planned, including the deletion of data
This is the most important part of the EDPS opinion; the collection and analysis of sensitive information is for the benefit of society. The heightened activities should only be in place because there is a heightened state of requirements. This should not be considered normal, and access should be deescalated once the crisis has passed.
How this process is managed is critical. Taking powers away from authorities is very difficult once they have become accustomed to them, therefore it will have to defined very carefully. The apps to track the spread of the virus are very useful today, but the same applications could be twisted for very nefarious means quite easily. Such insight should not be considered normal, and any other time, would be considered a very dangerous blow to privacy.
This is one area which Wiewiorowski is keeping an eye on, but he is not alone.
“Now more than ever, EFF is dedicated to ensuring that technology supports freedom, justice, and innovation for all the people of the world,” Electronic Frontier Foundation has said in a blog post. “As our society struggles with how to protect public health, we must carefully consider how all manner of government and private decisions may impact our digital rights.”
Data is critical to combatting the coronavirus outbreak, but a careful eye has to be kept on whether the concessions made are eroding long-term privacy rights. The consumers cannot be net-losers from COVID-19.