TOTAL: {[ getCartTotalCost() | currencyFilter ]} Update cart for total shopping_basket Checkout

Privacy Perspectives | COVID-19: A stress test for fundamental rights and freedom Related reading: Sharing COVID-19 data with government authorities: Guidance from DPAs

rss_feed

""

GDPR-Ready_300x250-Ad
PrivacyTraining_ad300x250.Promo1-01

The COVID-19 pandemic has created a perfect storm in Europe, especially in Italy, where the health of all citizens is undermined, along with the fundamental rights and constitutional freedoms we have taken for granted since the end of World War II. We have been treating those rights and freedoms as a commodity. Not to mention the economic consequences from the reduction or the complete loss of work and the risk of general impoverishment. It has affected everyone from artisans to commercial enterprises. 

We at Panetta & Associates in Rome began working remotely in early March. While the rest of the world was in denial about COVID-19, Italian public health institutions realized that something strange was happening in the Northern Italian regions, and eventually the police and Red Cross began monitoring the temperatures of all travelers in the airport.

During the “emotional bubble” of these days, I spent time reading to stay informed about the pandemic, listening to a lot of music, and continuing to stand for my clients and companies that have asked for our support. After this period of reflection, I would like to offer my point of view to the debate threatening the fundamental rights and privacy for the use of technology during the pandemic.

I have to say that the absence of strong privacy voices, like those of EU Charter of Fundamental Rights co-author Stefano Rodotà and former European Data Protection Supervisor Giovanni Buttarelli, is strongly felt as they would help us understand how to balance and safeguard our fundamental freedoms and rights. 

COVID-19 and the Italian Constitution

In Italy, where the outbreak was detected early and lockdown was first introduced, there have never been so many restrictive rules adopted that have had a widespread impact on the entire range of our constitutional rights. 

Since these provisions were first adopted for the protection of public health and in the interest of the community (Article 32 of the Constitution), we have gradually witnessed a number of restrictions to our freedom, including the limitation of the right to work, freedom of religious worship, free movement on the territory of the state, the right to meet in public places and hold activities, the right to take legal action and defend in court, the right to education, the right to strike, free economic initiative, and the right to vote.

This compression is unprecedented in our Republican history. We must go back to the era of the fascist dictatorship during WWII to find such restrictions. Although now we are in a totally different situation in which a state of necessity — the pandemic — is the reason for the limitation, which is in full accordance with the Italian Constitution and other EU laws, including the EU General Data Protection Regulation.

Privacy or health

On the basis of the limitation of the fundamental rights and freedoms, there is a material activity that no one today can’t live without, which is the use of an individual’s personal information. The topic of processing personal data is significantly important and cannot be reduced to a plain challenge between the right to health and the right to privacy. However, that changes when there is a pandemic like the one we are experiencing now — there would not be any preferences or challenges to this, since the right to health for every individual prevails above all other rights, without deleting them at the same time.

Despite being painful, this limitation of our freedom is legitimate and justified by the balancing exercise of interests brought into play by the government through urgent acts issued over last weeks in the form of Law Decrees and Decrees of the Presidency of the Council of Ministers.

However, we must ask ourselves how far can fundamental rights be compressed without being compromised?

The stress test of rights

This unintentional constitutional stress test is working for now, but we do not know for how long. However, public debate is struggling with the dichotomy between public health and the right to privacy. These intertwine with using technology, such as mobile apps for contact tracing to limit the movements of individuals who may have come into contact with patients who have tested positive for COVID-19. Tracking and geolocation technologies and control and data analysis are nothing new — we have all used these tools for quite some time now.

The use of these tools would further compress various fundamental rights and freedoms, starting with the limitation of the right to protection of personal data and its safeguards, as required by the GDPR and the Italian Privacy Code.

The practical problem

From an operational point of view, it is important, even in the context of a full emergency, to practice data minimization, especially when tracking sensitive health data. These apps should use pseudonymization by default and, in some cases, anonymization and must also limit the use and dissemination of data only to institutions responsible for public health (civil protection and health authorities). In this respect, it is important to think about using as much synthetic data as possible and to implement differential privacy measures.

Another theme relates to data retention both in terms of how it is stored and for how long, as well as a prohibition for secondary use of personal data before being fully anonymized. Of course, the processing of personal data, especially in complex circumstances and with a large amount of data that needs to be collected and analyzed, does not always facilitate such actions.

But it is here that we measure the work of the system, especially the ability of companies and public administrations to show that they have not thrown away, for instance, the lesson learned from the last three years of "GDPR care."

The hard test of ethics

On the other hand, a more difficult and sensitive issue remains open: the ethical issue related to the use of similar technologies.

While the law evolves through interpretations and continuous balancing of interests and freedoms and rights that are sometimes in conflict with each other, ethics has a more absolute character, as the only parameter of assessment is the full respect for human dignity.

It is no coincidence that ethical thinking seeks to limit discrimination, stigmatization and marginalization using criteria that are now legal, sociological and philosophical.

During this time of reclusion, I am finalizing the drafts of many ethical opinions, both as a writer and member of the evaluation panel for the European Research Council Executive Agency of the European Union.

The ethical evaluation intertwines and feeds on elements of fact and law but still holds the principles of nondiscrimination and the risk of social stigmatization, behind every research project that is being evaluated.

On the other hand, we must never forget the teaching that Stefano Rodotà left us in this regard, who often loved to repeat that "not everything that is technologically possible is also socially desirable, ethically acceptable and legally legitimate."

We must meditate on that, especially considering that while I am writing, in Italy, as well as in most EU countries, the radicalization of the public health versus privacy debate, due to the current outbreak and the possible use of these apps, is compounding public opinion by introducing dangerous authoritarian voices in the debate.

Photo by Elton Sa on Unsplash

Comments

If you want to comment on this post, you need to login.