There are different European institution, agency and bodies, that into the context of their strategy for the back-to-office organization have implemented temperature detection like part of health and security measures in order to fight against the Covid-19 dissemination, but the European Data Protection Supervisor (EDPS) asks for caution, by affirming that some operations involved in this process “can be as an interference into rights of individuals to private life”.

In a report published into its institutional site, the European Supervisor observes that temperature controls can be done by a variety of termoscanner and other devices or processes should be subjected to a careful assessment.

For this reason, the 1 of September 2020, the EDPS has decided to issue specific guidelines in order to help European Bodies and their DPO to meet (when it is possible) the European Regulation 2018/1725 on the protection of natural person in relation with personal data protection process by Institutions, bodies and other organism of the European Union.

According to guidelines offered by EDPS, inside of the institutional offices the temperature detection with automatic system on employees, providers and visitors, should be done by a person responsible for the control. The reason is to offer the right information and guarantees to the data subject to whom is detected the temperature related to the use of its personal data.

In addition, in the recently published guidelines, the EDPS recommends that the use of automated technologies with fully automated controls should only take place on a voluntary basis and with the explicit prior consent of people. On the other hand, body temperature controls that do not involve the registration, documentation or other processing of a person’s personal data are not, in principle, subject to the scope of EU data protection rules.

SOURCE: FEDERPRIVACY