Home » EDPB_Statement_Covid_19
 Română | English | Francais

sigla_anspdcp_2.png

The new Regulation 2016/679 applicable from 25th of May 2018

 

Complaints

GDPR Complaints

 

Procedure for complaints

Information on the payment of fine by legal entities

Controllers

Data Protection Officer Form

 

GDPR Breach Notification

 

Law nr. 506/2004 Breach Notification

 

GDPR Sanctions

Schengen

 

Schengen

News

Useful Information

 

F.A.Q.

Guidelines Q&A Regulation (EU) 2016/679

Indicative guidelines GDPR

Guidelines on the application of Law no. 363/2018

Useful Links

 

TFTP - Terrorist Finance Tracking Program

 

 

 

Procedure

Forms

Contact

Contact us

Data Protection

Information on the processing of personal data carried out by ANSPDCP

 

Cookies policy

EDPB Statement – the interoperability of Covid 19 tracing apps

 

During the EDPB Plenary, organised remotely on the 16th of June 2020, the Statement referring to the interoperability of Covid 19 tracing apps, based on the Guidelines 4/2020 on the use of location data and contact tracing tools in the context of the COVID-19 outbreak.

The Statement underlines the need to respect the transparency and legality of the processing involved, the rights of users, the observance of the data minimisation principle and the need to ensure the confidentiality. Also, interoperability should not be used as a reason to extend the collection beyond what is necessary.

In this context, we reiterate that, on the 21st of April 2020, the European Data Protection Board adopted Guidelines 4/2020 on the use of location data and contact tracing tools in the context of the COVID-19 outbreak.

These Guidelines were brought to the attention of the general public through the ANSPDCP’s press release dated the 24th of April 2020, stating that it highlights the conditions and the principles of proportional use of location data in order to monitor the spread of the virus, respectively of the detection tools, in order to notify the persons close to other persons found to be infected. On this occasion, the Board emphasised that the use of these data should be done on a voluntary basis by each person and that the persons’ movements should not be monitored and that the principles of necessity and proportionality should be respected when determining the measures for this period.

As such, we draw the attention of the controllers/processors who intend to develop/implement location and tracking apps in the context of Covid 19 outbreak on the necessity to comply with the rules of data protection, with the general principles relating to the processing of personal data, in particular the principles of privacy by design and privacy by default, with the principle of ensuring the security and confidentiality, with the principle of accountability, as well as on the necessity to respect the Guidelines 4/2020 on the use of location data and contact tracing tools in the context of the COVID-19 outbreak.

Thus, we emphasize that, by these Guidelines, it has been established for the tracking apps not to involve the use of location data, but only proximity data, as well as the fact that it is necessary for the controller to perform a data protection impact assessment (DPIA) prior to the implementation of this type of application, pursuant to Article 35 of the GDPR, by taking into account the sensitive nature of personal data processed on a large scale.

 

Legal and Communication Department

ANSPDCP