Abstract
The fight against COVID-19 has had a significant impact on our lives and, no doubt, on a number of fundamental rights guaranteed by the Charter of Fundamental Rights and Freedoms. These include interference with freedom of movement in the form of restricted travel, interference with freedom of assembly and more. In this article, the author will focus on the interference with the right to privacy, which he considers to be very serious in the long run.
While travel restrictions or freedom of assembly are gradually being relaxed, privacy intrusions in the form of personal data collection are on the rise. In addition, the processing of personal data is often not visible at the first sight, in contrast to the examples given above. The data can also be evaluated and used, or misused after a longer period of time, even after the original reasons for collection have passed.
According to the author's assessment, the collection and processing of personal data in the fight against COVID-19 most often involves two types of interference with the right to privacy. The first is the mandatory storage of certain personal data by persons who would not otherwise have a reason to process or would not be authorized to do so. An example is the obligation of employers to process data on the tests performed, but also on the fact that the employee did not pass the test because he or she is vaccinated or underwent COVID-19 within a specified period of time. An even more serious intrusion would be a similar obligation imposed on service establishments, shops and other persons who, by default, did not even know the identity of their visitors so far, not speaking of processing any other data on them, inevitably including time and place of the visit; as the processing of personal data is not one of the standard activities of these persons, the question of their readiness for such processing, including data security, is also relevant. The second type of intrusion consists in the effort to use data created primarily for different purposes, typically operational and location data of electronic communications operators or banks.
We have to expect legislative proposals for measures for combating COVID-19 as well as court decisions in these matters in the future as well. Especially legal discussions on COVID passports will take place de lege ferenda, it is also likely that legislative efforts to establish the State Hygienic Service and define its powers will continue, last but not least it will be necessary to determine the limits of the employer's legitimate interest in processing data about its employees in relation to COVID-19.