LAUSR

2020 has been marked by the unprecedented outbreak of the COVID-19 pandemic. Its complex impact on EU policy-making and numerous implications for the EU legal order have been reflected in the content of nearly all events organised by ERA in the second half of 2020. The pandemic created a need for organisations – including the EU institutions – to reinvent their activities by adopting additional safety measures, by allowing employees to work from home and/or by switching to an entirely online working environment. Preventive measures adopted by organisations happen to include the processing of information concerning the movement of employees, such as location data, as well as concerning one of the most vulnerable categories of data, which is health data. Against the background of these developments since the outbreak of the coronavirus pandemic, Member States, backed by the European Commission, have been assessing the effectiveness, security, privacy, and data protection aspects of digital solutions to address the crisis. The question instinctively posed has been whether the GDPR and other data protection laws1 hinder the processing of personal data, considered necessary to fight the pandemic, and if so, then under which conditions.2