On January 30th, 2020, the World Health Organization declared a novel coronavirus COVID-19 a matter of Public Health Emergency of International Concern. Seeing the rapid growth of infections and deaths, governments worldwide were quick to implement a variety of measures. Among them, technological solutions in the form of anonymized phone location tracking and contract tracing apps.
The use of technology has accelerated a pre-existing debate in Europe regarding the privacy protection of users. In recent years, the European Union has established numerous limitations to the exploitation of personal data. This includes for example the limitation on an indiscriminate sharing of persona data of with US companies. In 2014, a major court case established a “right to be forgotten” protecting users from indefinite retention of their data on online search platforms. This was followed in 2015 by Schrems case, in which the Safe Harbor decision was revoked and the transfer of personal data of EU citizens to servers in the US was largely limited. Most recently, the General Data Protection Regulation (GDPR) of 2016 sets a groundbreaking and high standard of data protection. Therefore, the use of phone location data to track people’s movements and the emergence of contact tracing apps have both sparked concerns.
This paper discusses the use of technology as a response to the COVID-19 pandemic among the European Union Member States considering years-long European effort to increase privacy protection. This paper identifies two waves of technological solutions. First, the use of anonymized location data shared by telecommunications companies (hereinafter: telecoms) to monitor crowd movements. Secondly, the emergence of contact tracing apps to speed up the procedure of identifying infected individuals. Both waves of technological solutions are discussed in terms of privacy, transparency and effectiveness.