During the last plenary session held on April 7, 2020, the European Data Protection Board (EDPB) entrusted its expert committees with the task of identifying and developing the relevant principles regarding the processing of personal data in the context of the containment of the COVID-19 virus through the approval of two specific mandates, concerning respectively the tracking and geolocation tools and the processing of health data for research purposes.

In the midst of the emergency linked to the spread of the COVID-19 virus (known to most as “coronavirus”), the search for possible solutions for the containment of the pandemic has now taken on a supranational dimension, recording the first contributions from European institutions. The possibility of monitoring population movements through the analysis of data collected by mobile communication devices, in order to verify the effectiveness of the restrictive measures imposed and the identification of connections between movement trends and contagions, is undoubtedly one of the options on the table. The European Data Protection Supervisor (“EDPS”), consulted by the European Commission, has therefore identified some elements to be taken into account in the implementation of such solutions.

The Italian government with its Legislative decree of 8 March 2020, suspended all educational activities from kindergartens to universities for children/students and their teachers. In the same decree a provision for teaching methods at a distance was activated. As a result of the same, the Italian Data Protection Authority in answer to the questions/reports received from the schools’ DPO, teachers and families, regarding the processing a preliminary guide on how schools and universities should use such tools, guaranteeing the protection of the personal data of the students, their families and their teachers.

In light of the approval, of the “Shared Protocol for the regulation of measures to combat and contain the spread of the Covid-19 virus in the workplace” (the “Protocol”) on March 14, 2020, we deem necessary to update our previous newsletter having as object the relationship between the autonomous initiatives of employers in order to manage the emergency related to the spread of the COVID-19 virus (“Coronavirus”) and the legislation on the protection of personal data.