“The global crisis caused by the COVID-19 pandemic has confirmed the importance of the most basic principles of data protection, such as fairness, purpose limitation and transparency.” This was the statement made by Bruno Gencarelli, head of the International Data Flows and Protection Unit at the European Commission (DG Justice and Consumers), during the webinar Data Protection Regulations and the Fight against COVID-19, held last June 12th 2020.
"This really is the first time we see the need for basic data privacy legislation being recognized globally, not as the result of a scandal, as we saw with Snowden and Cambridge Analytics, but as part of the solution," said Gencarelli.
According to him, this is because data legislation has proven to be necessary in order to ensure social acceptance of information-based solutions that have been introduced to monitor and contain the spread of the virus, calibrate public policy countermeasures, assist patients and help in diagnosis, implement existing strategies, as well as simply ensure the continuity of government and business operations.
The webinar, supported by Brazilian and European institutions, is the result of LAPIN's strategic partnership with the EU in Brazil. Brazilian stakeholders had the opportunity to learn more about the European experience with data tracking tools to combat COVID-19 and gained knowledge on the current situation of information protection in Europe and Brazil.
Ignacio Ybáñez, the European Union ambassador to Brazil, highlighted the EU's commitment since 2016 to exchanging experiences with Brazil on the issue of data protection, involving the Legislative Branch, the office of the President of Brazil, the Ministries of Economy and Foreign Affairs, as well as civil society groups and think tanks.
For Ybáñez, with the passage of the General Data Protection Act (LGPD), expected to come into force in Brazil in August 2021, and the two-year anniversary of the General European Data Protection Regulation (GDPR), it seems appropriate that the EU and Brazil expand their sharing of ideas and experiences on the subject, especially in the context of the COVID-19 pandemic.
The Deputy Secretary General of the Commission Nationale Informatique & Libertés, Gwendal Le Grand, stated that the common framework shared by the European Data Protection Board - EDPB and all national DPAs - is based on the consistent message that data protection does not hinder the fight against the pandemic.
The GDPR remains applicable, allowing an adequate response to the pandemic, protecting fundamental rights and freedoms. The increased workload of the DPAs, said Grand, shows us that societies are strongly relying on digital technologies and that all digital activities are based on personal data processing operations.
Carmela Troncoso, professor at École Polytechnique Fédérale de Lausanne - EPFL, presented some social and technical aspects related to Decentralized Privacy-Preserving Proximity Tracing (DP-3T). Developed by a group of Swiss scientists, DP-3T was created to be complementary to traditional manual contact tracing. According to her, some applications are helping to provide a faster and more scalable way to handle the spread of COVID-19. Furthermore, the approach aims to ensure privacy while respecting principles such as data minimization, purpose limitation and transparency.
In Brazil, according to Professor Laura Schertel of the Institute of Public Law of the University of Brasilia (UnB), there is no central data tracking application being used throughout the country. But at the state level, there are several applications used by governments, universities and research centres dedicated to tracking new coronavirus symptoms. For her, however, it remains uncertain whether there was free consent for this data collection.
The professor also said that the postponement of LGPD until August 2021 left the Brazilian data protection scenario full of uncertainties and unclear competencies. She cited the Supreme Court's decision to rule as unconstitutional a provisional measure of the federal government that forced the sharing of data from more than 140 million Brazilian citizens with the Brazilian Institute of Geography and Statistics - IBGE, for statistical purposes during the current state of emergency.
Indeed, during the panels it became evident that while the EU has been able to make responsible use of data to combat the pandemic in compliance with its GDPR and strengthen key elements on the issue of data protection, few initiatives have been able to do so in Brazil.
Miriam Wimmer, representative of the Ministry of Science, Technology and Innovation (MCTI), acknowledged that the absence of a Data Protection Authority - DPA in Brazil "is an issue that creates several difficulties, especially during this period with the spread of COVID-19.” For her, however, although the LGPD is not yet in force, it would be incorrect to state that there is no data protection in Brazil, since there are several sector-specific laws that cover different aspects of data protection.
Finally, the situation in Latin America was addressed by Verónica Arroyo of Access Now, who spoke about the experience of some countries and highlighted that the region still faces a myriad of technology-related disparities. She recalled that while technological efforts to combat the pandemic are welcome, issues such as digital literacy and Internet connectivity could not be ignored.
Moreover, Latin-American countries still have difficulty striking a healthy balance between protecting privacy and promoting security, which is often used as a justification for violating the privacy of their citizens.
Study addresses regulatory and governance challenges to decarbonize and digitalise the energy sector
Joint press release - 8th EU-Brazil High Level Political Dialogue on the Environment Dimension of Sustainable Development on 16 October 2020 (virtual meeting)
European Union and Brazil decide to cooperate in projects to fight COVID-19
EU-Brazil partnership promotes student awareness on food waste
Founded UE. © Diálogos