New Recommendations from the Global Privacy Assembly to Protect Travelers’ Health During the COVID-19 Pandemic

Against the backdrop of COVID-19, the Global Privacy Assembly Executive Committee issued a joint statement on the importance of protecting personal and sensitive data required for travel.

April 27, 2021

The Executive Committee of the Global Privacy Assembly (GPA), of which Argentina is a member, issued a joint statement on the importance of protecting personal and sensitive data, in particular health-related data, collected for domestic and international travel during the COVID-19 pandemic. Although the GPA recognizes the importance of processing information to assist in efforts to contain the pandemic, it emphasizes that such data processing must uphold common global data protection principles, including privacy by design and by default. Consequently, collected data must not be excessive, the information provided to the data subject has to be clear and accessible, the processing must serve a specific purpose, and the data must be retained for no longer than necessary.

Among the suggested measures, we highlight the following:

  • ‘Privacy by design and default’ principles should be embedded into the design of any system, app or data sharing arrangements regarding the processing of health data for the purposes of international travel. A formal and comprehensive assessment of the privacy impact on individuals before the commencement of any processing is the best method for ensuring data protection by design principles are implemented in practice and underlying risks are adequately mitigated.
  • Personal data collected, used or disclosed to alleviate the public health effects of COVID-19 require a clearly defined purpose and must not be used in a manner incompatible with this purpose.
  • All organizations must operate under relevant and appropriate lawful authority, ensuring that they only process health data when it is necessary and proportionate to do so.
  • Individuals should be informed of how their data is being utilized, by whom and for what purpose, providing clear and accessible information, recognizing geographical, cultural and linguistic diversity.
  • Organizations should collect the minimum health information from individuals or other sources that is necessary for their contribution to protection of public health.
  • The cyber security risk of any digital systems or apps must be fully assessed, taking full account of the risks that can emerge from different actors in a global threat context.
  • Organizations should carefully consider how long data should be retained and design a retention schedule for the safe deletion of information once it is no longer required. Sunset clauses should be built into the design of such systems, foreseeing permanent deletion of such data or databases, recognizing that the routine processing of COVID-19 health information at borders may become unnecessary once the pandemic ends.