In Germany, the use of a tracking app that is already in use
Posted: Mon Feb 17, 2025 9:34 am
South Korea was one of the pioneers in the use of such tracking apps and has apparently had some success in reducing new infections. The data protection situation in Europe is of course very different from that in South Korea. Several German supervisory authorities, including the Federal Data Protection Commissioner, have already made differentiated statements on the use of these tracking apps.
According to the European General Data Protection viber database Regulation ( GDPR ), the processing of personal data is subject to a permit requirement, i.e. processing always requires a legally stipulated permit. A person's location data is also personal data and is therefore subject to this restriction.
In this context, the only option that comes into consideration is the data subject's explicit consent to the collection of his or her location data. The GDPR expressly provides for this option. In this respect, GDPR-compliant use is fundamentally possible.
However, it is also urgently necessary to carry out a security-related investigation of network and transport security and configuration options. Penetration tests must also be used to check resistance to external attacks. Also to check what happens to the data and permissions after the app is deleted, and which accesses remain open afterwards.
According to the European General Data Protection viber database Regulation ( GDPR ), the processing of personal data is subject to a permit requirement, i.e. processing always requires a legally stipulated permit. A person's location data is also personal data and is therefore subject to this restriction.
In this context, the only option that comes into consideration is the data subject's explicit consent to the collection of his or her location data. The GDPR expressly provides for this option. In this respect, GDPR-compliant use is fundamentally possible.
However, it is also urgently necessary to carry out a security-related investigation of network and transport security and configuration options. Penetration tests must also be used to check resistance to external attacks. Also to check what happens to the data and permissions after the app is deleted, and which accesses remain open afterwards.