Keynote speech by Wojciech Wiewiórowski delivered at the ENISA Annual Privacy Forum (via videolink), Brussels, Belgium
EDPS response to the COVID-19 outbreak
'The outbreak of Covid-19 is affecting our lives at an unprecedented pace. It is testing the resilience of our societies as we respond to this global crisis and try to contain its consequences, both in the short and in the long run'.
Wojciech Wiewiórowski, European Data Protection Supervisor
Covid-19 outbreak is also testing fundamental rights to data protection and privacy. EU Member States, EU institutions and Big Tech companies are trying to explore solutions to tackle the uncontrolled spread of the virus.
In the past weeks, contact tracing apps and data localisation have become a constant topic in the political agenda of the Union. Such technologies may have strong consequences on EU citizens’ lives and lead to growing inequalities.
The EDPS is cooperating with the EU institutions and the European Data Protection Board to ensure fundamental rights to be respected.
As a result, we established a Covid-19 task force to follow developments and to prepare for the future of data protection and privacy after Covid-19 crisis.
EDPS activities and action plan
In response to the COVID-19 outbreak, the EDPS has decided to activate its Business Continuity Plan. All EDPS staff have been teleworking as of 13 March 2020.
Read more below
- EDPB Response to Ms Scarafia's letter regarding Amazon and COVID-19 (19/05/2020)
- EDPB Statement on the processing of personal data in the context of reopening of borders following the COVID-19 outbreak (16/06/2020)
- EDPB Statement on the data protection impact of the interoperability of contact tracing apps (16/06/2020)
- EDPB Statement on restrictions on data subject rights in connection to the state of emergency in Member States (02/06/2020)
- EDPB Response to the MEP Sophie in't Veld's letter on the use of apps in fight against coronavirus (24/04/2020)
- EDPB response to Mrs Ďuriš Nicholsonová and Mr Jurzyca's letter on common guidance in the fight against the COVID-19 pandemics (24/04/2020)
- EDPB Guidelines on processing of health data for research purposes and on geolocalisation and tracing tools (22/04/2020)
- EDPB Guidelines on the use of location data and contact tracing tools in the context of the COVID-19 outbreak (21/04/2020)
- EDPB Letter concerning the European Commission's draft Guidance on apps supporting the fight against the COVID-19 pandemic (14/04/2020)
- Global Privacy Assembly resources COVID-19
- Digital Solutions to Fight COVID-19 (2020 Data Protection Report), Council of Europe
Blogpost: Carrying the torch in times of darkness
Global Privacy Assembly Closed Session 2020 - At your desk
When: 13-15 October 2020
Where: Online session
The newly renamed Global Privacy Assembly (formerly known as International Conference of Data Protection and Privacy Commissioners - ICDPPC) took place this year 2020 during the period from October the 13th to October the 15th. This year's event wasn't immune to the COVID-19 pandemic currently occurring. Consequently the place of the event, which initially was planned to be held in Mexico City, had to be changed to a virtual setting, making it the first time that such an occasion was organized online.
Following you can find the resolutions adopted during this year's GPA:
A number of European institutions, agencies and bodies (EUIs) have implemented body temperature checks as part of the health and safety measures adopted in the context of their “return to the office” strategy as an appropriate complementary measure, among other necessary health and safety measures, to help prevent the spread of COVID-19 contamination.
At the same time, systematic body temperature checks of staff and other visitors to filter access to EUIs premises may constitute an interference into individuals’ rights to private life and/or personal data protection. The EDPS observes that body temperature checks can be implemented through a variety of devices and processes that should be subject to careful assessment. The EDPS has decided to issue the present orientations to help EUIs and Data Protection Officers (DPOs) meet the requirements of Regulation (EU) 2018/1725 (the Regulation), where applicable.
In this newsletter, we cover the EDPS Strategy 2020-2024 focusing on Digital Solidarity. As well as, in the context of The Hague Forum, a report on the use of Microsoft products and services by the EUIs. Finally, the EDPS published a report accompanied by a factsheet and video on Data Protection Impact Assessments and the EDPS/EDPB trainees organised a conference on Data Protection in times of COVID-19.
The European institutions, bodies and agencies have had to react to the COVID-19 crisis not only in their policy roles, but also in their roles as employers. Changes in operations, such as moving the vast majority of staff to remote working have raised numerous questions on which EUIs consulted the EDPS.
This document compiles the advice given on questions such as teleworking tools, staff management, health data aspects and replying to data subject access requests.
This document builds on the experience of the past months and addresses the issues that were raised to us or encountered by us and is still relevant because telework will most likely be a big part of the ‘new normal’ for EUIs work.