The Cnil ” will carry out checks ” to verify that all precautions are taken to avoid drifts in the files of people sick with Covid-19 and their contacts, which come into force from Wednesday. These checks will take place ” in the first weeks following the installation of these new files ”, said in a statement the National Commission of Computing and Freedoms, the guardian of the private life of the French.
The “Contact Covid” and “SI-DEP” computer files entered into force Wednesday after the publication of a decree by the government, in application of the law extending the state of health emergency. These files will be used to conduct health surveys, the objective of which is to determine who may have been infected by a person who tested positive. In its press release, the CNIL “ considers the device compliant with the GDPR ”, the European regulation on the protection of personal data.
The government has strengthened a number of guarantees for these files compared to its original intentions, she noted. It thus framed ” more precisely (…) the data to which each user category of the two files will have access, according to its function in the sanitary device ”. It also opened up a little more an individual’s right to object to certain data appearing in the files. In certain cases, people identified as “contact cases” of an infected person may ask not to appear in the files.
Certain requests of the CNIL will have to be satisfied when using the files, she also indicated. It therefore wants these files with ultra-sensitive data to allow traceability of their consultations, “In order to identify abuses and to be able to punish them”. The “Contact Covid” and “SI-DEP” files should not be confused with the government’s StopCovid smartphone app project, which they have nothing to do with.