GDPR in the Coronavirus Age

With COVID-19, it might be easy to miss the second anniversary of the GDPR on Monday 25 May. But GDPR is still highly relevant, especially here in the UK, as it relates to the use of mobile apps to support our COVID-19 test, track, and trace strategy.

Privacy Concerns

Concerns over the invasion of privacy and whether there’s the potential for the collection of PII from these apps has been much discussed in the press in recent weeks. While the pilot version for the UK’s contact-tracing app has been offered out to residents on the Isle of Wight, Matt Hancock, the UK Health Secretary, has announced his confidence in a UK-wide rollout by 1 June. We therefore watch the level of app use with interest, as citizens will need to balance their GDPR concerns (founded or unfounded) against the clear value to themselves and society in helping to support such an obvious life-saving initiative.

Also, while in lockdown there has also been a huge expansion of social media use, and here again GDPR has entered the discussion. For example the Belgian Data Protection Authority published a decision just this month against a social network provider whose “invite a friend” function was found to breach GDPR. The social network failed to persuade the authorities that it was exempt, as each of us, as individuals, is able to process personal data (e.g. on our friends and family) in the context of our private lives, for our own personal reasons, without the need to comply with the GDPR. This didn’t wash with the authorities as holding the data was ruled as making “the user” a Data Controller.

Streamlined Compliance

Other much higher profile cases have included fines for Marriott, Dixons Carphone, British Airways, and Equifax, in some cases being fined £500,000 alongside the (perhaps even greater) cost to their brands. So the GDPR remains uppermost in the considerations of CIOs and their data management strategies. At Denodo, we’ve seen our data virtualization platform widely used to support data governance and effective, centralized data security, key elements to remaining on the right side of the GDPR. We are living in unusual times, but the pressures of GDPR compliance continue to be felt.

Originally published at on May 27, 2020.




We do #DataVirtualization We care about #AgileBI, #BigData #Analytics, #Dataservices, #DataManagement, Logical #DataWarehouse Web, #SaaS and #Cloud integration.

Love podcasts or audiobooks? Learn on the go with our new app.

Recommended from Medium

Airgap: Protecting Critical Assets and Infrastructure

Recovering Assets from a Hacked Account with Flashbots

{UPDATE} 天上天下 Hack Free Resources Generator

We’re all “unbanked” with health.

{UPDATE} 无尽试炼-文字挂机放置游戏 Hack Free Resources Generator

GDPR: Impact to Your Data Management Landscape: Part 2

Kafka Security Fundamentals — adding TLS to your event-driven utility belt!

Are you new to infosec? Here are some acronyms to know. (PART-1)

Get the Medium app

A button that says 'Download on the App Store', and if clicked it will lead you to the iOS App store
A button that says 'Get it on, Google Play', and if clicked it will lead you to the Google Play store


We do #DataVirtualization We care about #AgileBI, #BigData #Analytics, #Dataservices, #DataManagement, Logical #DataWarehouse Web, #SaaS and #Cloud integration.

More from Medium

When you have a recurring problem — The Daily PPILL #78

Ask the wrong people, you build the wrong thing

The 10 Most Society-Damaging XKCD Comics

The Missing Intercity Link Why Kei Cars fail outside Japan