Green Pass grafting, an all-Italian mess

Europe expresses itself on Green Pass Changing its name is somewhat different from what our country has done so far. Indeed, on April 29, 2021, the European Parliament approved the regulation proposal, which was presented by the Commission on March 17th, in ‘Green digital certificate’With the aim of restoring freedom of movement in the union.

Members of the European Parliament have approved several amendments to this clause on the “new Eu Covid-19 certificate” – which should in fact replace the phrase “green digital certificate” – highlighting the need for strong safeguards Protection Personal data and the security of the technological infrastructure necessary to implement vaccination certificates.

The proposal to obtain a certificate to reaffirm the right to freedom of movement in Europe during the pandemic raises important protection concerns Personal Data. As we know, the question was already a strict and valid topic in our country The guarantor intervenes to protect the personal data, Which sent an official warning to the relevant ministries about ‘Vaccine permit’, Stipulated in Decree-Law of April 22, 2021, n. 52 (the so-called reopening decree), which refers to “serious serious issues capable of revoking the validity and operation of the system of reopening travel during the pandemic, if appropriate modifications do not occur.”

In particular, the guarantor indicated that the treatments related to the issuance and use of the “vaccination card” cannot be correct based on Legislative Decree 52/2021, considering inappropriate To legalize the introduction and use of “green certificates” at the national level. Without considering serious problems in terms of safety and compliance with the principles of minimization, TransparencyThe accuracy of the storage and its limits, which must be incorporated into the processing, in accordance with the principles of privacy by design and privacy by default set forth in Article 25 of the GDPR. In short, a completely Italian mess.

Rushed approval of the Italian project once again sacrificed needs Protection Of personal data, negligence, With incredible lightnessAdvance consultation with the guarantor, as required by the legislation (and as it happened, instead, in the European context where the recent approval of the regulation on the Covid-19 certification preceded a request for an opinion from the European guarantor and European data protection officer).

More smoke is a picture Technological measures Which our country intends to adopt to allow the “vaccination corridor” to operate. In the event of general confusion, the government plans to exhume even the bodiesImmune application (Which would have been more correct to draw a merciful veil on it), taking into account also what the Minister of Technology Innovation and Digital Transformation had hastily announced in this regard and However, what appears to be certain in the Italian project On the green corridor. The unsuccessful Immuni project, which has already revealed numerous flaws and a disturbing lack of transparency of the mechanisms behind its operation, which has resulted in citizens distrusting the correct use of their personal data, leading to citizens’ distrust in the correct use of their personal data, will be unbelievable. Transformed Tool for Covid-19 Certification.

However, Immuni will be re-launched in a completely different scenario from the point of view of protecting personal data, which will be processed for different purposes and with different impacts on the rights and freedoms of people. This should make it necessary, at the very least, to develop one New risk assessment And taking security measures that also take into account the wider scope of the circulation of personal data, at the European level rather than at the national level.

Not to mention that in order to be used effectively in a cross-border context, Covid-19 certification tools must be fully interoperable. harmonicIt is safe and verifiable. On this point, the European Parliament expressed very clear positions, stressing the importance of subjecting certificates to constant checks to avoid fraud and forgery, as well as verifying the authenticity of electronic seals included in documents and preventing the personal data of European citizens. Maintained by the member countries of destination.

Which approach must stir any Digitization At the European level, even in times of delicate health emergencies, this should be based on cooperation between governments, sharing of principles, technical standards and the level of protection of fundamental rights. Italy seems to have started On the wrong foot. But it could do better than what was announced.