Decisions made around how COVID-19 data are used are taken through established democratic processes
“In response to the Covid-19 pandemic, the Executive issued regulations to mitigate the spread of the virus under the Imposition of Restrictions Act, 2000. There was, however, no declaration by the President of a state of emergency which would have triggered a process through which Parliament would have been required to provide approval and oversight through a mandatory set of substantive and procedural safeguards.
The Electronic Communications Act, 2009 further permits the President to, by executive instrument, make written requests and issue orders to operators or providers of electronic communications networks or services requiring them to intercept communications, provide any user information or otherwise in aid of law enforcement or national security. Invoking this power, the President issued the Establishment of Emergency Communications System Instrument, 2020 to require network operators and communication service providers to assist the State to disseminate Covid-19 related information to the public and to make available all caller and called numbers, merchant codes, roaming files and location log files to the National Communications Authority to assist with contact tracing.
Although the Executive have taken a central role in the promulgation of Covid-19 related mitigation measures, the Legislature is still operating and exercising oversight over the Executive’s conduct.”
The public is consulted on how sensitive data (e.g. location data derived from mobile phones) are shared and used to tackle COVID-19, and their responses are used to inform policy interventions
After an extensive desktop search of online information, no information could be found to demonstrate that the public had been consulted on how sensitive data is used or shared to tackle Covid-19.
Any public-private data partnerships that are established to share and use COVID-19 related data should also include representatives from civil society and digital rights groups
After an extensive desktop search of online information, no information could be found which suggested that any public-private partnerships included representatives from civil society and digital rights groups.
The needs of vulnerable groups are taken into account and steps to protect ‘sensitive group data’ are included alongside actions to protect individuals’ data
After an extensive desktop search of online information, no information could be found to demonstrate that data regulation strategies considered the needs of vulnerable groups or that steps were taken to protect sensitive group data