Following a series of opinions from individual nations’ Data Protection Authorities, the European Data Protection Board (EDPB) has issued long-awaited guidance on compliance with the General Data Protection Regulation under the strain of a pandemic.
The EDPB does not go into detail regarding legal bases but states that:
- GDPR does not get in the way of fighting the global pandemic
- Transparency, proportionality and adequate protections are key
- Mobile device tracking should not be the first option and, if used, should be proportionate and highly scrutinized.