Transparency is key to accountability. One can only guarantee accountability if information about the functioning of the system or device is available in a transparent and proper way. The tool must be designed in such a way that transparency and user control can become a reality ^[1].

Furthermore, as the EDPB stated, “in order to ensure their fairness, accountability and, more broadly, their compliance with the law, the ICT tools must be auditable and should be regularly reviewed by independent experts. The application’s source code should be made publicly available for the widest possible scrutiny”.^[2] However, this might collide with intellectual property considerations. In any case, developers must ensure that their devices incorporate functions that allow end-users to be fully aware of the processing that will be given to their data.

It must be ensured that the tool adequately informs data subjects of what information the tool needs and why it needs it. The introduction of a “personal data area” where they can be informed of the personal data being processed, and even modify, correct or update this if necessary and if appropriate, is highly recommended. It is also advisable to establish an appropriate information strategy. It is advisable in any case that the information is written in characters that are not excessively small so that the participant can visualize the information easily via the screen of a smartphone. We must try to prevent the participant from starting to use the tool without having read and understood what will be done with their data. Finally, it is recommended to opt for legal design options that can make the privacy policy more visual and easier to understand. (See section “transparency” in the chapter “Principles”).

Checklist[3]: Transparency  The source code of the application and of its backend is open, and the technical specifications have been made public, so that any concerned party can audit the code, and where relevant, contribute to improving the code, correcting possible bugs and ensuring transparency in the processing of personal data.

 

 

References

---

¹EDPS. Opinion 7/2015. Meeting the challenges of big data. A call for transparency, user control, data, protection by design and accountability. Recuperado de https://edps.europa.eu/sites/edp/files/publication/15-11-19_big_data_en.pdf ↑

²EDPB, Guidelines 04/2020 on the use of location data and contact tracing tools in the context of the COVID-19 outbreak Adopted on 21 April 2020 ↑

³This checklist has been built on the basis of the EDPB, Guidelines 04/2020 on the use of location data and contact tracing tools in the context of the COVID-19 outbreak Adopted on 21 April 2020 ↑