During the 47 plenary section, which was held on the 30th and 31st of March 2021 the European Data Protection Board (EDPB) and European Data Protection Supervisor (EDPS) have adopted a joined opinion on proposals of the digital green certificate.
The purpose of the digital green certificate is to facilitate the exercise of the right to free movement within the European Union during the COVID-19 pandemic by establishing a common framework for the issue, validation and recognition of vaccination certificates, test results and recovery.
In the joint opinion, the EDPB and the EDPS invited the co-legislators to ensure that the Digital Green Certificate is fully compliant with EU rules on personal data protection. Data Protection Authorities from across the EU and the European Economic Area stress the need to reduce the risks to the fundamental rights of EU citizens and residents that may result from the issuance of a digital green certificate, including its possible unintentional reuse.
According to the EDPB and the EDPS, the use of the Digital Green Certificate must in no way lead to direct or indirect discrimination against natural persons and must fully respect the fundamental principles of necessity, proportionality and effectiveness. Given the nature of the measures proposed in the proposal, the EDPB and the EDPS consider that the introduction of the green digital certificate should be accompanied by a comprehensive legal framework.
The EDPB and the EDPS also expressly stress that the use of the Digital Green Certificate must be strictly limited for the duration of the COVID-19 pandemic and that any access to and subsequent use of the data of persons collected in connection with this certificate and their subsequent use by Member States after the end of the pandemic is not permitted.