Regulator: Venues Must Protect User Privacy During #COVID19 Checks

Regulator: Venues Must Protect User Privacy During #COVID19 Checks

The UK’s privacy watchdog has released new advice for venue owners and large event organizers on ensuring COVID-19 checks comply with data protection and digital privacy laws.

This week, the government avoided a humiliating defeat in the Commons after nearly 100 of its party’s own MPs voted against introducing new COVID passes for certain high-risk venues like nightclubs and large outdoor events with thousands of people.

However, the new rules passed, which means COVID-19 status checks must be carried out on entry at relevant locations.

The Information Commissioner’s Office (ICO) warned that event organizers and venue owners must be “clear open and honest” about what they’re doing by sharing their privacy notices online and in venues.

It added that they should check whether local rules mandate full digital scans of COVID passes or simply a visual check. Staff should answer any questions on this and treat any information gathered confidentially. Venues should not make their own lists featuring the COVID status of customers.

The ICO has a handy web page on the privacy implications of COVID pass checks. The GDPR only kicks in if organizers physically scan pass QR codes – deemed “processing” under the

Read More: https://www.infosecurity-magazine.com/news/regulator-protect-user-privacy/