{"title":"GDPR -不适合冠状病毒?","authors":"Thomas Kahler","doi":"10.5771/9783748921561-171","DOIUrl":null,"url":null,"abstract":"The first step for DPOs is to check the legal basis for justifying data processing. This procedure does not change in times of corona and will be illustrated here by two cenarios: Cenario 1: Is is admissable to use private mobile phones of employees? Cenario 2: Is it admissable to check the temperature of the staff before entering the office? Cenario 1: In ordinary times GDPR does not provide a legal basis to transfer personal data to private mobile phones. First, a consent of the owner of the mobile phone would not be regarded as freely given since the employee does not solely receive a legal incentive by providing 'his own device'. Second, the phonenumber of his coworker or the phonenumber of an employee of a third party would be transferred to and stored on the private device. This data transfer cannot be based on legitimate interest while a transfer of this contact details is not necessary in the sence of GDPR. The less infringing measure is the storage the data on the device of the employer. An exception of this ratio may be admissable for a contact list for emergencies. Companies can ask for private contact details of an employee who has a defined role in an emergency plan. This would be admissable on basis of legitimate interest. How does the cenario change in times of corona? Sofar no less infringing measure exists it would be admissable e.g. to inform the employees 1.","PeriodicalId":326055,"journal":{"name":"Turning Point in Data Protection Law","volume":"6 1","pages":"0"},"PeriodicalIF":0.0000,"publicationDate":"2020-10-13","publicationTypes":"Journal Article","fieldsOfStudy":null,"isOpenAccess":false,"openAccessPdf":"","citationCount":"0","resultStr":"{\"title\":\"GDPR – not fit for corona?\",\"authors\":\"Thomas Kahler\",\"doi\":\"10.5771/9783748921561-171\",\"DOIUrl\":null,\"url\":null,\"abstract\":\"The first step for DPOs is to check the legal basis for justifying data processing. This procedure does not change in times of corona and will be illustrated here by two cenarios: Cenario 1: Is is admissable to use private mobile phones of employees? Cenario 2: Is it admissable to check the temperature of the staff before entering the office? Cenario 1: In ordinary times GDPR does not provide a legal basis to transfer personal data to private mobile phones. First, a consent of the owner of the mobile phone would not be regarded as freely given since the employee does not solely receive a legal incentive by providing 'his own device'. Second, the phonenumber of his coworker or the phonenumber of an employee of a third party would be transferred to and stored on the private device. This data transfer cannot be based on legitimate interest while a transfer of this contact details is not necessary in the sence of GDPR. The less infringing measure is the storage the data on the device of the employer. An exception of this ratio may be admissable for a contact list for emergencies. Companies can ask for private contact details of an employee who has a defined role in an emergency plan. This would be admissable on basis of legitimate interest. How does the cenario change in times of corona? Sofar no less infringing measure exists it would be admissable e.g. to inform the employees 1.\",\"PeriodicalId\":326055,\"journal\":{\"name\":\"Turning Point in Data Protection Law\",\"volume\":\"6 1\",\"pages\":\"0\"},\"PeriodicalIF\":0.0000,\"publicationDate\":\"2020-10-13\",\"publicationTypes\":\"Journal Article\",\"fieldsOfStudy\":null,\"isOpenAccess\":false,\"openAccessPdf\":\"\",\"citationCount\":\"0\",\"resultStr\":null,\"platform\":\"Semanticscholar\",\"paperid\":null,\"PeriodicalName\":\"Turning Point in Data Protection Law\",\"FirstCategoryId\":\"1085\",\"ListUrlMain\":\"https://doi.org/10.5771/9783748921561-171\",\"RegionNum\":0,\"RegionCategory\":null,\"ArticlePicture\":[],\"TitleCN\":null,\"AbstractTextCN\":null,\"PMCID\":null,\"EPubDate\":\"\",\"PubModel\":\"\",\"JCR\":\"\",\"JCRName\":\"\",\"Score\":null,\"Total\":0}","platform":"Semanticscholar","paperid":null,"PeriodicalName":"Turning Point in Data Protection Law","FirstCategoryId":"1085","ListUrlMain":"https://doi.org/10.5771/9783748921561-171","RegionNum":0,"RegionCategory":null,"ArticlePicture":[],"TitleCN":null,"AbstractTextCN":null,"PMCID":null,"EPubDate":"","PubModel":"","JCR":"","JCRName":"","Score":null,"Total":0}
The first step for DPOs is to check the legal basis for justifying data processing. This procedure does not change in times of corona and will be illustrated here by two cenarios: Cenario 1: Is is admissable to use private mobile phones of employees? Cenario 2: Is it admissable to check the temperature of the staff before entering the office? Cenario 1: In ordinary times GDPR does not provide a legal basis to transfer personal data to private mobile phones. First, a consent of the owner of the mobile phone would not be regarded as freely given since the employee does not solely receive a legal incentive by providing 'his own device'. Second, the phonenumber of his coworker or the phonenumber of an employee of a third party would be transferred to and stored on the private device. This data transfer cannot be based on legitimate interest while a transfer of this contact details is not necessary in the sence of GDPR. The less infringing measure is the storage the data on the device of the employer. An exception of this ratio may be admissable for a contact list for emergencies. Companies can ask for private contact details of an employee who has a defined role in an emergency plan. This would be admissable on basis of legitimate interest. How does the cenario change in times of corona? Sofar no less infringing measure exists it would be admissable e.g. to inform the employees 1.
求助内容:
应助结果提醒方式:
京公网安备 11010802042870号
