Europe will use location data from phone carriers to track the pandemic
While the US government is supposedly still in talks with Google and Facebook about using location data from smartphones, Europe is going straight to the telecoms. After a discussion between the European Commission and eight major carriers, it was decided that Telecoms will share location data with the Commission in a bid to track the spread of the coronavirus on the Continent, AppleInsider reports.
It’s a controversial measure in time of crisis, as it outsteps some of the principles in the European General Data Protection Regulation (GDPR) which ensures data protection and privacy in the European Union. One of the main directives of this law states that “Unless a data subject has provided informed consent to data processing for one or more purposes, personal data may not be processed unless there is at least one legal basis to do so”.
According to the head of European Data Protection Supervisor (EDPS) Wojciech Wiewiórowski, there are still some concerns with how the GDPR laws are drawn. He wrote in a letter to the Commission, that “The EDPS often stresses that such developments usually do not contain the possibility to step back when the emergency is gone,” urging the officials to ensure the deletion of the information once the threat is gone.
Furthermore, Wiewiórowski advised the Commission to limit sharing of private data to authorized experts in epidemiology, data protection and data science. Europe saw a spike in confirmed coronavirus cases in the past few days. The situation in Italy is the most alarming with more than 70,000 cases of coronavirus and 7,503 deaths. Giving health experts information about where people congregate can help build statistical models of the viral spread and act promptly to contain the disease.
There are, however, exceptions to that clause and one of them covers the current health crisis. Article 6(e) allows the processing of personal data “To perform a task in the public interest or in official authority”. The European Commission also stresses that all collected information will be anonymized and deleted after the pandemic ends.
According to the head of European Data Protection Supervisor (EDPS) Wojciech Wiewiórowski, there are still some concerns with how the GDPR laws are drawn. He wrote in a letter to the Commission, that “The EDPS often stresses that such developments usually do not contain the possibility to step back when the emergency is gone,” urging the officials to ensure the deletion of the information once the threat is gone.
Things that are NOT allowed: