Answer to Written Question: Digital green certificate – mandatory vaccination and privacy
(Source: European Parliament)
Answer given by Mr Reynders
on behalf of the European Commission
The Commission proposal covers three different types of COVID-19 certificates: a vaccination certificate, a test certificate, and a certificate of recovery. The possession of a Digital Green Certificate covering any of the three cases, including specifically a vaccination certificate, should not be a pre-condition for the exercise of free movement.
Persons who are not vaccinated must be able to continue to exercise their fundamental right of free movement, where necessary subject to limitations such as mandatory testing and quarantine/self-isolation. The Regulation does not establish any obligation to be vaccinated.
The proposed Regulation does not regulate the collection of the data to be included in the Digital Green Certificate. This is organised by the Member States, in accordance with their different national health care systems. For example, vaccination records are often stored in immunisation information systems established by the Member States.
Given that the personal data in the certificates includes sensitive medical data, a very high level of data protection will be ensured. The proposal limits the processing of personal data to the minimum necessary, by only including a limited set of personal data on the certificates to be issued, by setting out that the data obtained when verifying the certificates should not be retained, and by establishing a framework that does not require the setting up and maintenance of a central database.