Following a series of opinions from individual nations’ Data Protection Authorities, the European Data Protection Board (EDPB) has issued long-awaited guidance on compliance with the General Data Protection Regulation under the strain of a pandemic.

The EDPB does not go into detail regarding legal bases but states that:

  •  GDPR does not get in the way of fighting the global pandemic
  • Transparency, proportionality and adequate protections are key
  • Mobile device tracking should not be the first option and, if used, should be proportionate and highly scrutinized.

Read my detailed analysis of the guidance.