GDPR in the Coronavirus Age

With COVID-19, it might be easy to miss the second anniversary of the GDPR on Monday 25 May. But GDPR is still highly relevant, especially here in the UK, as it relates to the use of mobile apps to support our COVID-19 test, track, and trace strategy.

Privacy Concerns

Concerns over the invasion of privacy and whether there’s the potential for the collection of PII from these apps has been much discussed in the press in recent weeks. While the pilot version for the UK’s contact-tracing app has been offered out to residents on the Isle of Wight, Matt Hancock, the UK Health Secretary, has announced his confidence in a UK-wide rollout by 1 June. We therefore watch the level of app use with interest, as citizens will need to balance their GDPR concerns (founded or unfounded) against the clear value to themselves and society in helping to support such an obvious life-saving initiative.

Also, while in lockdown there has also been a huge expansion of social media use, and here again GDPR has entered the discussion. For example the Belgian Data Protection Authority published a decision just this month against a social network provider whose “invite a friend” function was found to breach GDPR. The social network failed to persuade the authorities that it was exempt, as each of us, as individuals, is able to process personal data (e.g. on our friends and family) in the context of our private lives, for our own personal reasons, without the need to comply with the GDPR. This didn’t wash with the authorities as holding the data was ruled as making “the user” a Data Controller.

Streamlined Compliance

Other much higher profile cases have included fines for Marriott, Dixons Carphone, British Airways, and Equifax, in some cases being fined £500,000  alongside the (perhaps even greater) cost to their brands. So the GDPR remains uppermost in the considerations of CIOs and their data management strategies. At Denodo, we’ve seen our data virtualization platform widely used to support data governance and effective, centralized data security, key elements to remaining on the right side of the GDPR. We are living in unusual times, but the pressures of GDPR compliance continue to be felt.

• Author
• Recent Posts

Charles Southwood

Charles Southwood is Regional VP for Denodo Technologies, responsible for the company’s business revenues in Northern Europe and South Africa. Born and raised in Ascot, Berkshire with a degree in engineering, from Imperial College, London, Charles has over 20 years in technology sales and sales leadership where he has been involved in both start-up ventures, and the expansion of existing businesses. He has a strong background in data integration, big data, IT infrastructure/IT operations and Business Analytics previously gained with Splunk, Oracle, BEA systems and BMC software. Charles is passionate about working in fast moving and innovative markets to support customer success and in aligning IT solutions to meet the changing needs of business.

Beyond work, Charles has a wife and two daughters and lives in Beaconsfield, near London. His hobbies include flying (he has a private pilot’s licence), yacht sailing and road cycling. He has also climbed and trekked the mountains of the Andes, the Alps, the Himalayas and Kilimanjaro.

Latest posts by Charles Southwood (see all)

• Data Mesh and the Future of Financial Services - April 5, 2023
• Data Fabrics, Data Meshes and the role of Data Virtualisation - March 24, 2022
• The Pandemic, Cloud Adoption, and the Future - September 3, 2021