COVID-19 and Tracking Apps: How to Protect Our Data
The European Union is working with Member States to develop effective solutions to track the contacts of sick people. This would facilitate the abolition of the restrictive measures and ensure a safer travel in the EU.
In October, the European Commission launched a portal that links national applications so that travellers can use them while in another country. At the same time, such applications can access data that users would not want to become public. That is why MPs insist that these technologies be carefully designed.
Parliament stressed that any digital solutions against the pandemic should comply with data protection and privacy legislation. MPs say the use of the apps should not be mandatory and should be able to be removed after the pandemic ends.
A resolution, adopted in April, highlights the need of handling anonymised data (which do not allow the identification of individual users) and that, in order to reduce the risk of abuse, the information generated must not be stored in centralized databases.
In addition, MPs are demanding an explanation of how apps are expected to contribute to reducing infections, exactly how they work and who the individuals or companies with specific commercial interests for their developing are.
Tracking applications in the EU
There are already many digital applications that offer tracking and geographical identification of the spread of coronavirus.
Among the most promising from a health perspective are contact tracking apps that use short-range connection technologies like Bluetooth (instead of geo-location) and send warnings to people who have found themselves near an infected person for a certain period of time. These applications can register contacts that the person has not noticed or does not remember and thus limit the spread of the virus. They are considered less risky than apps that monitor people's location and movements in real time and collect information about their health.
The risk of the mobile apps is that they handle sensitive information such as people's health status and location to a greater and lesser degree.
The European Commission has drawn up guidelines and a set of tools for the development of coronavirus-related applications in cooperation with Member States and data protection services in the EU. The purpose of the guidelines is to ensure an adequate level of personal data protection and limit any interference with people's privacy.
The guidelines emphasize that all applications must be fully compliant with EU data protection rules, including the General Personal Data Protection Regulation and the Directive on Privacy and Electronic communications.
On 13 May, the Commission included the tracking applications in its recommendations on the conditions for travel recovery in Europe and indicated that they should be compatible so as people to be able to receive notifications anywhere in Europe. In June, Member States agreed on the compatibility of their mobile applications.
The Chair of the Parliamentary Committee on Civil Liberties, Juan Fernando López Aguilar (S&D, Spain), stressed the important role mobile applications can play in combating the crisis and welcomed the published Commission guidelines. At the same time he pointed out that the fundamental rights and the personal data protection in the EU must be preserved.