Coronavirus Act 2020: it’s necessary but tread with care warn experts 

George Orwell all over again: privacy experts warn that we must not let the provisions of the Coronavirus Act 2020 become permanent.

Difficult times call for extreme remedies, but even so, we must be careful, that was the conclusion from a number of privacy experts we spoke to.

On March 25, The Coronavirus Act of 2020 received Royal Assent

Not many people objected. The Act means, among other things, that the government can track our digital footprint. Not that it necessarily needed the Act to do that. GDPR permits the processing of data for both the public and vital interests — and few would argue that defeating Covid-19 is not in the public’s interest nor that it is vital.

Privacy experts are still concerned though.

“The government should still be held accountable for what it does today. I’m not saying they’re doing anything wrong, I’m just saying that there’s still an opportunity for them to get it wrong and to overstep that, mark,” said Steve Wright, partner at Privacy Culture

“The main concern from privacy advocates is where it might be difficult to revert back to the old standards of privacy, which they were not very happy with anyway, says Joe Dignan, a digital transformation expert who runs the Kintechi consultancy.   He added: “It might be difficult to reverse these practices when this crisis is over, especially with governments that are a bit more authoritarian.” 

“Companies will start thinking, well, governments can track where people are all the time. So why can’t we track our employees? said Dr Vasileios Karagiannopoulos, Reader in Cybercrime and Cybersecurity, Director of the Cybercrime Awareness Clinic, Institute of Criminal Justice Studies, University of Portsmouth, Dignan added: “There is no government I have ever come across that actually hands back anything.”

“This is George Orwell all over again” said Wright. “We’ve got also an extension of time limits under the Act for holding data concerning fingerprints and DNA profiles. So, who checks these things? In two years will this be a distant memory or will it still be here? The worrying part for me, from a snooping perspective, is that the mobile phone operators will be providing anonymised smartphone location so they can monitor people. But what else is is it going to be used for? We know that this has been used for tracking criminal behaviour and terrorism. So that that feels okay. But now we’re checking how many times we go for a run.”

In other words, we need to do what we must to defeat Covid-19, but when this terrible virus is defeated, let’s remember that this means handing back to us our human right for privacy. 

Join our free-to-attend digital event, Last Thursday in Privacy, addressing data protection, privacy and security challenges including working from home, COVID-19, global regulations and more. Visit

We have been awarded the number 1 GDPR Blog in 2019 by Feedspot.

Privacy Culture: Data Privacy and Information Security Consulting, Culture & Behaviour, Training, and GDPR maturity, covered.