The European Data Protection Supervisor has published a blog post in which it states that it is rethinking its strategy in light of the coronavirus outbreak. Wojciech Wiewiórowski writes that when the EDPS started its work on the Strategy for the five-year mandate of the European Data Protection Supervisor, one of the first issues discussed was whether it should be either a living document, ready to be changed or adjusted, or a robust, future-proof plan.
The answer was that the strategy should be adaptable to global game changers. The EDPS was confident that it had chosen the right, comprehensive methodology, maintaining some flexibility to cope with unpredictable circumstances. The EDPS had natural disasters in mind that might cause unexpected changes in the legislation at both European and national levels. However, it had not expected a global pandemic.
The blog post mentions the fact that it was unimaginable that the external borders of the EU would be closed, that the Schengen area would stop operating as such, and that reasonable people would start asking internet and telecom operators to possibly track each and every person in Europe using his or her mobile location data in real time, and to create a diagram representing all physical interactions between people over the last few days.
Some people praised the EDPS when it published its blog post on the dangers of facial recognition in public spaces a few months ago. Other people laughed when it presented the employees emotion-tracking system implemented by one European bank. Yet the blog post points out that many of these people would argue today that those who should be in quarantine should be automatically identified and intercepted in the streets and that each public building should be equipped with infrared sensors, enabling accurate non-contact temperature measurement.
Therefore, Covid-19 is a game changer.
The EDPS has to rethink the text of its strategy and there will be a new stage in the discussion about fundamental rights. Once this discussion is complete, the EDPS will issue a revised EDPS Strategy for 2020-2024, at the beginning of May.
Separately Wojciech Wiewiórowski has given a speech in which he calls for an EU-wide approach and solution to coronavirus, and in particular a coordinated approach to any app, including with EU partners (including the UK) and the World Health Organisation, to ensure that data protection is built into any such app from the start, instead of each member state building its own. Any interference with data protection rights should be time-limited and purely for the purposes of combatting the virus.