Skip to main content

Navigating the impact of COVID-19

How to manage data protection issues

The COVID-19 outbreak raises a host of data protection issues.

Employers might have to take measures to protect their employees from being exposed to the infection, while the need for employees to work from home has implications around data security and cyber compliance.

Some authorities expect hacking and scamming to increase as more people work remotely using unfamiliar systems. And in times of high emotion we are more likely to fall victim to ‘social engineering’ attacks. (Read more about cyber security in the time of COVID-19 in our blog.)

In addition, some obligations contained in the EU general data protection regulation (GDPR) and other data protection laws are more difficult to comply with in times of crisis, in particular when it comes to deadlines to report data breaches or to respond to data subject requests.

Guidance from data protection authorities

Many data protection authorities (DPAs) or equivalent privacy regulators around the world have issued guidance in response to the crisis.

However, it can be hard for companies to know exactly how to respond because they are obliged to assess the proportionality of any measures in the context of their business.

Furthermore, guidance can conflict between authorities, making it harder to devise a global response.

Get in touch

If you would like to discuss these issues in more detail, please speak to your usual Freshfields contact or one of the lawyers listed below who can direct your query.


Related content