“Apps” are multiplying for tracking users affected by COVID-19 and also in Italy – it seems – institutions are evaluating similar solutions while private entities have already developed software of this sort.
Inevitable, and often inappropriate, the alarms for the “violation of privacy” – as if the necessary limitations of the other fundamental rights that we are suffering were nothing at all – and those invoking the GDPR (which, I repeat ad nauseam, does not apply to the protection of public order and security, national security and other associated misfortunes and disasters). But this does not mean that it would be good to overlook the principles of the GDPR. Even putting aside regulatory precepts approaches based on need-to-know (do I need – or right – to process specific data? And who receives them?) and secure software design (OWASP exists “regardless” of the GDPR) are fundamental elements for the functioning of a digital ecosystem, especially in times of emergency. Continue reading “COVID-19: Is the app that tracks users illegal?”