On March 17, 2020, the Executive Committee of the Global Privacy Assembly (“GPA”) issued a statement on data protection in the context of the COVID-19 pandemic. The GPA is an entity representing data protection and privacy regulators around the globe, formerly known as the International Conference of Data Protection and Privacy Commissioners (“ICDPPC”).

The GPA recognizes the unprecedented challenges being faced to address the spread of COVID-19, and acknowledges that data protection requirements do not stand in the way of tackling such challenges.

According to the GPA, the data protection principles enshrined in virtually all countries with data privacy laws “enable the use of data in the public interest and still provide the protections the public expects” in the context of the COVID-19 outbreak.

Moreover, the statement notes how “health data is considered sensitive across many jurisdictions,” but so far this has not constituted an impediment to “national approaches to sharing public health messages; of using the latest technology to facilitate safe and speedy consultations and diagnoses; and of creating linkages between public data systems to facilitate identification of the spread of the virus”.

The GPA made also clear that it supports efforts by public authorities and healthcare professionals to communicate directly with people, and scientific and government bodies to ensure better coordination of policy responses nationally and globally, and fight the spread of the virus in an effective manner.

The GPA’s statement shows how data privacy regulators are trying to coordinate their guidance at global level, and address the privacy concerns linked with the adoption of measures against the spread of the virus.  Covington continues to track EU and global regulatory statements and guidance concerning COVID-19, and readers are invited to view Covington’s COVID-19 resources, available here.