A woman wearing a face mask checks her mobile phone outside La Scala, which was closed by authorities due to the coronavirus, in Milan, Italy, February 24, 2020.

Netease Technology News March 11 news, according to foreign media reports, the new crown virus epidemic control actions of European Union countries have not been hindered by privacy protection regulations, but if the use of smartphone location data is used to conduct tracking of people’s movements and contacts. Large-scale tracking, that is a clear violation. What should employers and governments do?

Tech enthusiasts support the use of this type of data to reconstruct the movement trajectories of people who have been exposed to coronavirus cases and identify others at risk of infection. Privacy advocates counter that this amounts to digital surveillance of people, which is unacceptable in Western democracies.

Under the EU’s General Data Protection Regulation (“GDPR”), which came into effect in mid-2018, people’s data is theirs, and anyone trying to access and process it needs their prior consent.

What should employers do?

Businesses should take action to minimize both the risk of virus infection and the risk of privacy violations. Businesses can obtain information on whether employees have traveled to areas with confirmed cases of the coronavirus, according to law firm CMS.

They may also need to collect some systematic data, such as through workplace questionnaires or asking employees to report on their travel plans.

Articles 6 and 9 of the GDPR cover this. These two are about workplace health and safety and the use of preventive or occupational medicine to address serious cross-border health threats.

What can an employer not do?

The French National Commission for Freedom of Information (CNIL) said employers must not compulsorily measure the temperature of employees or visitors, or require them to fill out mandatory medical questionnaires.

In practice, this means that corporate front-office staff can only take a visitor’s temperature in certain circumstances, as it may require handling only doctors The right to process health data.

Can European Governments Override GDPR?

Italy, Europe’s worst-hit country from the coronavirus, has passed emergency legislation requiring anyone who has recently stayed in an area at risk of the outbreak to notify health authorities, either directly or through their doctor.

Meanwhile, Germany has recently added language specifically to its GDPR enabling legislation to authorize the government to process personal data during epidemics, natural or man-made disasters, Luz said.

Does smartphone tracking help?

The director of Germany’s leading public health agency, the Robert Koch Institute, suggested last week that location data from smartphones could be used to track people as a tool to control the spread of the outbreak. But the suggestion caused an uproar.

The technology already exists — for example, the Google Maps service uses GPS location data from smartphones to estimate traffic congestion and calculate travel times.

A Hamburg-based geo-tracking startup called Ubilabs is working with the Hannover Medical School to develop a data analysis platform to track those patients who have tested positive for the new coronavirus and who have been in contact with them, Germany’s “Daily Mirror” reported on Tuesday. people.

How can cell phone tracking be GDPR compliant?

Federal data protection officer Ulrich Kelber told Reuters that such smartphone tracking would likely require people’s consent to have a valid legal basis.

Kerber said any tracking-based system would need to go through a detailed analysis to ensure that data protection is at an acceptable level. It should also be well-scaled, considering whether the collected location data is accurate enough for its intended use and whether there are less intrusive ways.

What about other regions?

The Alipay traffic-light-style health code system is being rolled out in many parts of mainland China, using smartphone software to determine whether people can go out or meet others. The system generates red, yellow and green QR codes based on personal data and information filled in by users, and divides users into high-risk, medium-risk and low-risk personnel. “Red code” and “Yellow code” will be banned from going to restaurants, shopping malls and other public places for 14 days and 7 days respectively.

In Taiwan, visiting tourists need to download a questionnaire using a QR code, filling in information on which airport they came from, travel history in the last 14 days, health symptoms, and more.

Those tourists assessed as low risk will receive a text message telling them they are free to travel. Those deemed at risk were asked to self-isolate for 14 days, and their compliance was monitored based on location data from their smartphones.