Privacy and Data Protection in the age of COVID-19

Fundamental questions and considerations

The sudden global outbreak of COVID-19 has brought tremendous challenges to our day-to-day lives. In order to contain and mitigate the threats of the virus, governments and organisations have taken measures that can be privacy invasive. In this article, we zoom in on a few fundamental questions and considerations that arise on the interplay between privacy and data protection on the one hand, and the protection of public health on the other.

Balancing fundamental rights

A global health crisis

Governments as well as public and private organisations have introduced several measures to tackle this crisis and help limit the spread of COVID-19. From social distancing to (where possible) mandatory teleworking, discontinuing nonessential physical meetings, and promoting hand hygiene protocol, the way we live and work has changed. 

The enforcement of these measures can entail privacy-invasive actions, such as questioning individuals about their professional and private travel plans, performing temperature checks, and keeping health records together with information about possible contact with infected individuals outside the workplace. 

Privacy and Data Protection in the age of COVID-19

Protecting health and privacy 

Organisations should be aware that certain measures do have an impact on the privacy of individuals and that they have a choice where to draw the line between safety measures benefiting public health and invasive controls impacting the privacy of individuals. 

Topics covered in this article:

  • Measures taken by public authorities to contain COVID-19 and their privacy implications;
  • Processing of health related personal data by public institutions;
  • Processing of health related personal data by private companies;
  • Guidance from national Data Protection Authorities on personal data processing relating to COVID-19.
Did you find this useful?