Governments around the world have used access to troves of personal data to combat the spread of the COVID-19 virus, and the governments that accessed the most data have had the greatest success against the virus. This trend has brought up discussions of data protection and privacy and whether the intrusive measures used to keep people safe will remain in place after the threat passes.
Dozens of data protection authorities (DPAs) have responded to the concerns with statements regarding the processing of personal data during the pandemic. The International Association of Privacy Professionals collated a list of COVID-19 guidance published by DPAs, which includes statements from several European nations, the United States of America and the United Kingdom, as well as Turkey, China and the Philippines. Most of the statements explain that personal data will be protected under the law, regardless of the circumstances. The German DPA, for example, gave a short list of examples of methods of data collection and processing that would be legitimate, while the Chinese statement delineates who has the authority to collect such information and under what specific regulations.
The two countries have acted very differently when dealing with privacy considerations. Whereas China leveraged detailed personal data gleaned from cell phones to track and monitor individual citizens, Germany recently rejected a proposal to employ similar tactics to track the movements of people who tested positive.