Mobile apps to track coronavirus cases in Europe should keep as much data as possible on the user’s device rather than in a central server to best maintain individual privacy, an EU document says.
European countries hope that rolling out mobile apps to track coronavirus cases will make it easier to lift the lockdown orders that have crushed European and world economies.
But the EU, which has some of the strongest data protection rules in the world, is keen to ensure that such systems do not compromise privacy by allowing unauthorised access to sensitive data.
Commission Vice President Vera Jourova said the success of tracing apps in combating the novel coronavirus depends on gaining Europeans’ trust.
“Respecting the EU data protection rules will help ensure that our privacy and fundamental rights will be upheld and that the European approach will be transparent and proportional,” she said.
In the document setting out the European Commission’s data privacy guidelines, seen by Reuters, the bloc’s executive recommended member states put national health agencies in charge of compliance with data rules, “given the sensitivity of the personal data at hand and the purpose of data processing”.
The document recommended a decentralised approach to storing data, which it compared with the methods used in many Asian countries, where most data is kept on a centralised server.
“The Commission recommends that the data should be stored on the terminal device of the individual. In the case that the data is stored in a central server, the access, including the administrative access, should be logged,” the document said.
EU data privacy rules known as GDPR adopted two years ago impose steep fines on companies that fail to comply.