Go back to the Europarl portal

Choisissez la langue de votre document :

  • bg - български
  • es - español
  • cs - čeština
  • da - dansk
  • de - Deutsch
  • et - eesti keel
  • el - ελληνικά
  • en - English (Selected)
  • fr - français
  • ga - Gaeilge
  • hr - hrvatski
  • it - italiano
  • lv - latviešu valoda
  • lt - lietuvių kalba
  • hu - magyar
  • mt - Malti
  • nl - Nederlands
  • pl - polski
  • pt - português
  • ro - română
  • sk - slovenčina
  • sl - slovenščina
  • fi - suomi
  • sv - svenska
Parliamentary questions
PDF 37kWORD 20k
25 August 2020
Answer given by Mr Breton
on behalf of the European Commission
Question reference: E-003850/2020

O n 16 April 2020, the Member States, with assistance of the Commission, adopted an EU Toolbox on mobile applications for contact tracing and warning in response to the coronavirus pandemic(1). It builds on the Commission Recommendation of 8 April 2020(2) that aims at a coordinated common approach to support the gradual lifting of confinement measures.

These are complemented by the Commission’s Guidance on privacy and data protection adopted on 16 April 2020(3), the Guidelines on interoperability on 13 May 2020(4) and the technical specifications for interoperability adopted on 16 June 2020(5).

The common approach lays down an epidemiological framework, and specifies technical, cross-border interoperability, cybersecurity requirements as well as guidance on privacy and data protection safeguards, in particular on data minimisation.

In addition, the Toolbox recommends Member States to consider the European Centre for Disease Prevention and Control (ECDC) guidelines as regards epidemiologically relevant contacts(6), which consider the need to minimise false positives as well as to ensure that the ephemeral IDs are generated pseudo-randomly and change periodically to enhance the protection against eavesdropping, as well as against hacking and tracking by third parties.

The monitoring of the functioning and uptake of the apps is one of the actions agreed in the Toolbox and will be carried out with Member States in the context of eHealth Network.

Without prejudice to the powers of the Commission as guardian of the Treaties, the enforcement of the application of EU privacy and data protection legislation falls primarily under the competence of national data protection authorities and courts.

(1)https://ec.europa.eu/health/sites/health/files/ehealth/docs/covid-19_apps_en.pdf .
(2)C (2020) 2296 final. Recommendation on a common Union toolbox for the use of technology and data to combat and exit from the COVID-19 crisis.
Last updated: 3 September 2020Legal notice - Privacy policy