The CNIL closely monitors the tracking functionalities and the exploitation of databases related to COVID-19 to put the State back on the right track in the event of abuse.
Thus, it published a new report relating to the digital devices put in place by the government within the framework of the fight against the virus.
Contact tracing is not very useful, but not a problem in the short term
The institution notably issued an opinion on the TousAntiCovid application which has caused so much talk. According to her, ” the Bluetooth contact tracing feature is of marginal use “. However, the CNIL considers that it can, at this stage, be maintained, because its invasion of privacy is deemed ” particularly weak “.
The functionality offers enough guarantees in the eyes of the CNIL, starting with its voluntary use. Activating this option is in no way mandatory, and doing without it does not penalize the user, who does not see his field of possibilities restricted.
The CNIL nevertheless recommends that users be encouraged to activate contact tracing only during periods of active circulation of the virus. The device will also have to be limited for the duration strictly necessary to respond to an exceptional health situation and should not be generalized.
SI-DEP and COVID Vaccine files monitored
The Commission also looked into the case of the SI-DEP file, which centralizes the results of screening tests for COVID-19. It considers that the authorities can use this database to decide whether to reduce, maintain or extend the duration of quarantine and isolation measures. On the other hand, it would be unacceptable to use this information to ” monitor compliance with these measures “. The SI-DEP file should therefore not be used as evidence to accuse an individual of having violated a confinement instruction, for example.
With regard to the COVID Vaccine file, which is used to set up and monitor vaccination campaigns against the coronavirus, the CNIL ” took note » the duration set at 10 years of data retention. However, it regrets that the file was supplied with data for vaccination against influenza even before the modification of the regulatory framework. A series of checks made it possible to draw up a list of observations, the details of which are not specified. It was communicated to the National Health Insurance Fund (CNAM) and to the Ministry of Health.
On the same subject :
Why your data on Doctolib is not completely secure
Source : CNIL