The Guarantor for the protection of personal data has adopted a provision with which it formally "warned" the Campania Region that the certification system of vaccination, recovery or negativity - promoted by the Region as a necessary condition for the use of countless services such as those tourism, weddings, transport and shows - violates the privacy legislation. The system is provided for by an order of the President of Campania which delegates to the Regional Crisis Unit the definition of the operating procedures and the distribution of smartcards on which the regional Covid passes will be registered. The ordinance - continues the Guarantor - also introduces the use of smart cards as a "system for issuing certification of vaccination"without specifying the ownership of the treatment, who can access and use the information, who can check the validity and authenticity of the certifications. The project thus infringes the basic principles of the EU Regulation on the protection of personal data such as those of lawfulness, correctness, transparency, privacy by design and by default. The system adopted by the Region would have required, in any case, that a preventive impact assessment be carried out aimed at implementing adequate measures to guarantee the protection of data, even particularly sensitive ones such as those on people's health. The Authority notes that projects such as the Campania one introduce systems for the release and verification of vaccination different from those identified at the national level and, above all,that jeopardize the very interoperability of certifications at national and European level, in contrast with the purpose of facilitating free movement within the European Union during the Covid-19 pandemic. The formal "warning" adopted against the Campania Region was also communicated to the President of the Council of Ministers and to the Conference of Regions and Autonomous Provinces, for the relevant assessments.it was also communicated to the President of the Council of Ministers and to the Conference of Regions and Autonomous Provinces, for the relevant assessments.it was also communicated to the President of the Council of Ministers and to the Conference of Regions and Autonomous Provinces, for the relevant assessments.
Share
May 26, 2021 The Guarantor for the protection of personal data has adopted a provision with which it formally "warned" the Campania Region that the certification system of vaccination, recovery or negativity - promoted by the Region as a necessary condition for the use of countless services such as tourism, weddings, transport and shows - violates the privacy legislation.
The system is provided for by an order of the President of Campania which delegates to the Regional Crisis Unit the definition of the operating procedures and the distribution of smartcards on which the regional Covid passes will be registered.
The ordinance - continues the Guarantor - also introduces the use of smart cards as a "system for issuing certification of vaccination" without specifying the ownership of the treatment, who can access and use the information, who can check the validity and the authenticity of the certifications.
The project thus infringes the basic principles of the EU Regulation on the protection of personal data such as those of lawfulness, correctness, transparency, privacy by design and by default. The system adopted by the Region would have required, in any case, that a preventive impact assessment be carried out aimed at implementing adequate measures to guarantee the protection of data, even particularly sensitive ones such as those on people's health. The Authority notes that projects such as the Campania one introduce systems for the release and verification of vaccination different from those identified at national level and, above all, that jeopardize the very interoperability of certifications at national and European level, in contrast with the purpose of facilitating free movement towithin the European Union during the Covid-19 pandemic. The formal "warning" adopted against the Campania Region was also communicated to the President of the Council of Ministers and to the Conference of Regions and Autonomous Provinces, for the relevant assessments.
