With COVID-19, privacy is more central than ever before

(May 27, 2020) Last year, with the shockwaves of the Cambridge Analytica scandal still echoing, the U.S. Federal Trade Commission fining Facebook $5 billion, and the U.K. Information Commissioner's Office announcing its intention to fine British Airways and Marriott hundreds of millions of pounds, we thought privacy had reached its zenith. California privacy advocates were stirring Washington, D.C., into legislative action, Brazil and India competing to put in place comprehensive privacy laws, 500,000 organiza... Read More

How function creep may cripple app-based contact tracing

(May 27, 2020) The U.S. is in the throes of a pandemic caused by the SARS-CoV-2 virus, COVID-19. Realizing that long-term lockdowns are not sustainable, governments are seeking alternative methods of controlling the pandemic. “Testing and tracing” has been touted as a way to reopen economies with the pandemic still raging. While testing has its own set of privacy challenges, the methods discussed to accomplish contact tracing are rife with problems. In simple terms, contact tracing involves determining who ha... Read More

Peru: Employers can process sensitive data without consent for now

(May 27, 2020) The recent publication of the "Guidelines for Health Surveillance of Workers at Risk of Exposure to COVID-19" and the imminent economic reactivation of the country raised a number of questions and concerns regarding the correct treatment of the personal data of employees that would be subject to the monitoring of their health condition. That led the National Authority for the Protection of Personal Data to issue the non-binding Advisory Opinion No. 32-2020-JUS / DGTAIPD, which addresses these ma... Read More

Perspective: EU contact tracing apps should be enabled by default

(May 27, 2020) Mobile contact tracing apps will likely play an important role in tracking the spread of COVID-19 as European governments start easing lockdown restrictions. In this piece for Privacy Perspectives, Information Technology and Innovation Foundation's Daniel Castro and Eline Chivot explain why the European Commission's focus on consent may not be the best avenue to take with the apps going forward. "Leaving it up to individual users to choose to opt in to such an app would be a mistake," they write... Read More

The latest COVID-19 contact tracing updates from France, India, Lithuania and more

(May 27, 2020) Countries around the world continue to grapple with COVID-19 contact tracing apps and their privacy applications. Here are the latest developments regarding the deployment of those apps: The French data protection authority, the CNIL, published its opinion on the implementation of the StopCovid tracing app. (Original post is in French.) Switzerland's Federal Data Protection and Information Commissioner announced the SwissCovid tracing app has entered the test phase and explained its function... Read More

Turn contact tracing apps on by default — Europeans shouldn’t need to opt in

(May 27, 2020) As European governments start easing lockdown restrictions, developing an effective contact tracing strategy has become a top priority to prevent a new surge of COVID-19 outbreaks. A key part of this strategy will almost certainly involve mobile contact tracing apps that automatically notify users who have encountered someone diagnosed with COVID-19. Unfortunately, the European Commission’s guidance issued in April recommends that, in line with the EU General Data Protection Regulation, users “s... Read More

Data-sharing allegations against COVID-19 contact tracing app refuted

(May 26, 2020) Allegations that the North Dakota COVID-19 contact tracing app, Care19, shares data with location platform Foursquare are being refuted, MediaPost reports. Gov. Doug Burgum, R-N.D., said the app does not “require or utilize” names, addresses, emails, phone numbers or other personal information, and location data is “held securely.” The data is not “being shared or sold for commercial purposes,” he added.Full Story... Read More

Firm apologizes for sharing contact tracing workers' emails

(May 21, 2020) U.K.-based outsourcing firm Serco apologized for sharing the email addresses of 300 contact tracing workers, BBC News reports. Serco, which is hiring, training and operating 15,000 contact tracers for the government, erred in revealing every recipient in an email to new trainees. A staff member notified the Information Commissioner's Office. Meanwhile, the Hamburg Commissioner for Data Protection and Freedom of Information published guidance on data processing during the pandemic. Editor's note:... Read More

The politics of US privacy legislation during COVID-19

(May 21, 2020) While COVID-19 has brought about changes to our daily lives, "it has not brought U.S. Congress any closer to bridging the partisan divide over the shape and scope of federal privacy legislation," writes IAPP Senior Westin Research Fellow Müge Fazlioglu, CIPP/E, CIPP/US. In this piece for Privacy Perspectives, Fazlioglu looks at the provisions that are still causing a bipartisan divide and why "establishing baseline privacy protections at the federal level would be one way to alleviate growing di... Read More

The latest COVID-19 contact tracing updates from Norway, the Philippines, UK and more

(May 21, 2020) Countries around the world continue to grapple with COVID-19 contact tracing apps and their privacy applications. Here are the latest developments regarding the deployment of those apps: Apple and Google announced authorities from 23 countries have sought access to the companies' contact tracing technology, Reuters reports. The two companies also announced the launch of "Exposure Notification" technology designed to inform individuals they have been in contact with someone who has COVID-19 i... Read More