Council of Europe Issues Statement on COVID-19 and Data Protection

Today the Council of Europe published a Joint Statement on The Right to Data Protection in the Context of the COVID-19 Pandemic. The statement was published by Alessandra Pierucci, Chair of the Committee of Convention 108 and Jean-Philippe Walter, Data Protection Commissioner of the Council of Europe. The COE Statement advises that "States have to address the threat resulting from the COVID-19 pandemic in respect of democracy, rule of law and human rights, including the rights to privacy and data protection." The Council further states that even during a public health crisis, "human rights(such as the International Covenant on Civil and Political Rights and the European Convention on Human Rights) cannot be suspended but only derogated or restricted by law, to the extent strictly required by the exigencies of the situation, while respecting the essence of the fundamental rights and freedoms." The COE notes that "anonymised data is not covered by data protection requirements. The use of aggregate location information . . . would thus not be prevented by data protection requirements." EPIC has worked closely with the Council of Europe on updates to the Council of Europe Privacy Convention, recommended US ratification of the Convention, and recently advised the COE on AI policy. The text of the COE Privacy Convention is contained in the EPIC Policy Law Sourcebook.