The Right to Be Forgotten and Covid-19: Privacy versus Public Interest

Recent studies highlight the importance of digital surveillance to gather individual health information due to the global pandemic caused by the new COVID-19 disease. This paper analyses its legal and ethical implications at the interface between the individual right to privacy and the collective interests of public health. We framed the discussion in law, deontology and utilitarianism. The lasted theories and human rights, especially privacy, are crucial in our argument. Health-derived dilemmas and efforts to solve them, especially by information technologies, bioethics and law, exist at these perspectives' interface. In particular, we analysed the intersection between autonomy, the right to privacy, and the so-called 'right to be forgotten' in the public health context. In other words, we studied the right to obtain from the controller the erasure of health data - a radical means of control over personal data established in Article 17 of the General Data Protection Regulation (GDPR). Given the lack of specifics regarding collection and re-use of such data under the broad scope of public health purposes, implied consent does not address the issue of proportionality. We highlight legal safeguards' insufficiency, suggesting applying the `right to be forgotten' according to an ethical interpretation.

lance is in the plan of COVID-19 battle (7). In other countries, the creation of biobanks of infected patients without proper consent and due process is also at stake.
Faced with these examples, that predictably can replicate on a planetary scale, the question for reflection is legal and ethical. It is necessary to think through the extent to which the public health measures adopted will not lengthen beyond what is required, exposing some fundamental rights, especially autonomy and the right to privacy (mostly in its informational dimension). Taking the case of the coronavirus outbreak, paradigmatic, and in progress, our aim in this article is to analyse its legal and ethical implications at the interface between the individual right to privacy and the collective interests of public health.
To fulfil our goal, we based our reflection on legal and bioethical theoretical research. We framed the discussion in law, deontology and utilitarianism. The lasted theories and human rights, especially privacy, are crucial in our argument. Health-derived dilemmas and efforts to solve them, especially by information technologies, bioethics and law, exist at these perspectives' interface. Furthermore, we analysed the intersection between autonomy, the right to privacy, and the so-called 'right to be forgotten' in the public health context. In other words, regarding personal health data, we studied the right to obtain from the controller its erasure -a radical means of control over personal data by its holder established in Article 17 of the General Data Protection Regulation (GDPR) (8). Given the lack of specifics regarding collection and reuse of such data under the broad scope of public health purposes, implied consent does not address the issue of proportionality in the sense that an action shall not exceed what is necessary to achieve its objectives. We highlight legal safeguards' insufficiency, suggesting applying the 'right to be forgotten' according to an ethical interpretation.

Introduction
Recently, the media and the scientific community produced a considerable amount of information about the global pandemic caused by the new COVID-19 disease. Public pressure forced governments across the globe to take public health measures to contain the pandemic. Regardless of the greater or lesser degree of restrictions, in most countries, there is a tendency towards confinement measures, a new reality for the collective good. Analysts from several backgrounds predict long lasting consequences for the financial markets, the economy, and even the political regimes in place, namely difficulties for liberal democracies are foreseen(1) with a potential rise in authoritarianism (2). Although some positions claim that there is a suspension of democratic values and rights, others argue that democracy will only get stronger by everyone's responsibility to prevent contamination (3). Indeed, decision-makers argue that quarantine measures are exceptional. According to Rajczi(4): "Liberalism permits some state intervention to prevent one person from harming another (…) quarantine measures prevent wrongful harm to third parties." On the other hand, there is a growing development of digital tools to identify infected people and their possible chains of contamination (5).
Faced with doubt, people tend to trust more in all measures, but these should be proportionate to the desired effect(3), and so, reduced in purpose and time. However, the public discourse in democratic countries does not address sufficiently the respect for individual fundamental rights, a civilizational achievement that our ancestors managed to establish and consolidate over decades, i.e. a core minimum of ethical values that define the essence of human dignity itself. Indeed, recent information points to the generalization of digital surveillance occurring in China and other countries (5). Privacy there is questionable. In this sense, a journalistic report of a reputable English newspaper explains that the monitoring of Chinese citizens' behaviour is constant and growing exponentially and refers to the difficulty of stopping this trend under the pretext of fighting the pandemic and preventing the future of public health (6). In Europe, despite stated concerns about privacy in the so-called "contact tracing" digital tools, surveil-ertheless, one could argue that freedom is in danger if human beings have no privacy (14). In this perspective, privacy is a condition of autonomy.
Given that the Kantian ethics(12) is formal and centred on the autonomy of the will, it bears emphasizing that Kant's categorical imperative is the only valid criterion that we must follow to decide whether an act is morally permissible (15)(16)(17). Accordingly, in the aftermath of COVID-19 we should enhance privacy and data protection. Data subjects might have the right to request the erasure of COVID-19 identifying data provided these data are no longer necessary given the purpose for which they were collected or processed. The 'right to be forgotten' may make sense in the future for some data, as they allow moral judgments and might have social stigma effects. Bioethics, the law and information technology have a leading role in this setting to prevent privacy violations.
With these remarks behind us, let us turn to some anti-stigma arguments, which can also relate to deontology theory.
Some could argue that disease-associated stigma is something outdated, that it belongs to the past, such as leprosy (18). However, recent facts proved this idea mistaken. Violent avoidance behaviour towards coronavirus infected people occurred just recently in Spain. According to a Spanish newspaper (19), a group of residents who gathered at the entrances of a city threw stones to an ambulance caravan transporting twenty-eight older adults infected with the coronavirus. The National Police had to escort them. Also, people gathered in the outskirts of the city and threatened to take action if more sick people arrived. During the night, the locals threw several explosive devices from buildings near the residence where the infected seniors remained.
This example sets the need to supplement new information technologies and regulation regarding data protection, which should bolster the fundamental right to privacy, autonomy and inhibit stigmatization related to the disease. Indeed, recent literature emphasizes stigmatization associated with diseases (20)(21)(22)(23)(24)(25). Social stigma regarding disease (having or not having Covid-19, for instance) can have severe consequences in several di-"foundational principles" (11) that might have different implications in privacy rights.
Deontological ethics (from Greek, dei, "must") refers to the moral theory according to which the rightness or wrongness of an action depends on features of the act itself, not on its consequences. It is ethics centred on the notion of duty (9) set up, for instance, in Immanuel Kant's philosophy (12). This philosopher considered that only goodwill is good in itself; goodwill is a will that acts out of duty. According to the Kantian perspective, what determines the morality of the action is not the objective, but the will that causes it. The will or practical reason acts according to the imperatives of necessary actions, which translates into the following precept: "act only according to such a maxim that you can at the same time want it to become a universal law" (12).
This philosophical principle is, of course, abstract. However, suppose we relate it to the value of privacy at the present public health context. In this case, one could argue that information technology and the law, for example, is critical, as it comprises the necessary actions or processes to accomplish public health protection without jeopardizing privacy. In this sense, the proper use of information technology and law suggest both can protect privacy. On the contrary, its mistreatment might have the opposite effect. As so, information technology and fair law use allow a perspective shift from "threat" to "solution".
Furthermore, Kant was one of the pioneers to acknowledge man as an end in itself (13). Dignity is the value of everything that is priceless, i.e., an equivalent cannot replace it. Dignity is a quality inherent to human beings to the extent that they autonomously exercise their practical reason; in this sense, human beings build distinct human personalities, each individual and irreplaceable (13). One shall treat human beings as an end in themselves because of rational human nature.
Humanity is dignity(13), thus inseparable from autonomy. In this sense, one could argue that autonomy is the foundation of privacy as a fundamental right. Autonomy in the sense of selfdetermination (freedom of choice), or Kantian's exercise of practical reason, entails freedom. Nev-dom that people will want to return to once the pandemic has reached its peak, suggesting that individuals may gladly choose a bio-surveillance society to protect their health better(1). This is a utilitarian argument.
The nonconforming voices of this theory consider that it constitutes a threat because it might not safeguard individual rights; it might manipulate people and endanger human dignity. We would argue this might be the case as regards privacy and data protection.
In medical ethics, we can summarize these two theories as follows: deontology is patient-focused while utilitarianism is population-focused (31). Deontology emphasizes individual rights, while utilitarianism highlights collective rights. The difference between these two perspectives derives mostly from the idea that liberalism is incompatible with proper protection of the common good. However, some criticize this argument. It is one of the most contested and discussed points in political philosophy, e.g. in the work of Rawls (32). Utilitarianism is concerned with the individual happiness and well-being no less than with 'collective good'. John Stuart Mill (29) laid down parts of the foundational theoretical groundwork for human rights as well. Furthermore, if we consider Kantian take on duties, one could claim that an individual also bears a moral duty to inform others about his/her diagnosis to prevent harm to them, i.e. to treat others as 'ends in themselves', not as means to one's well-being. This perspective calls for the ethics of virtue and a more expanded concept of free will (28). Now let us turn to a brief remark on both theories through the lens of human rights.
The right to privacy, as a fundamental human right, has its foundation in the dignity of every human being, so it is a universal right, that is, valid for all people (33). Human rights fulfilment is a material expression of a deontological approach, but this is not absolute. Indeed, there are strong utilitarian arguments in favour of strong data protection, based on the necessity to prevent privacy harms, including threats to autonomy and dignity. Having in mind that health data is mainly sensitive and that fundamental rights are not absolute, mensions: mental health, family life, access to employment and others, such as bank loan, health, and life insurance. As Oaten, Stevenson(26) state: "The study of stigma is important because of its adverse consequences for personal and social wellbeing. Stigmatized groups suffer inequalities in employment, education, and health settings, as well as adverse health outcomes and difficulties in forming interpersonal relationships." Therefore, we argue that the entities responsible in this matter should improve privacy, especially regarding COVID-19 track-and-trace apps.
Given that autonomy depends on freedom according to Kant's perspective, the latest is essential to avoid stigma. Privacy is, thus, vital to ensure freedom (14). Health privacy is even more pressing as it deals with the most profound intimacy of the human being. Hence, only in extraordinary situations, privacy might be pushed into the background, namely when demanding public health problems are at stake, such as in a pandemic (COVID-19 for example). Notwithstanding, once the extraordinary or exceptional situation is over, privacy must assume its fullness so that autonomy and freedom can once again guarantee human dignity as an ethical value par excellence (27).
On the other hand, consequentialist ethics is the moral theory, according to which one can consider actions right or wrong because of their consequences (10,28). Utilitarianism is the best-known form of consequentialism (9,28). In utilitarianism, defended by John Stuart Mill (29) and Jeremy Bentham (30), the right action is to maximize the good and utility. The good is, in general, pleasure. Thus, utilitarianism is the ethics of normal happiness. Actions are right if they tend to promote the greatest global happiness and wrong if not. Individual sacrifice is useless if it does not increase the total amount of happiness. Indeed, the claims of individuals lose importance for the benefit of all (29,30). Regarding privacy, utilitarianism might constitute a challenge, because one might consider less privacy as a necessary means to justify the collective good. In a severe utilitarian perspective, one might judge disclosing personal data without proper consent right according to a recognized utility for public health, for instance. Indeed, regarding the coronavirus outbreak, some argue that there is no answer to the degree of free-fair balance to avoid a radical utilitarian perspective. The question is precisely in knowing when the collective or public interest should overcome individual rights. It is then a question of knowing when the right to health privacy should become seconded, taking into account the interest of society. To know when it is more relevant to reveal health information than to keep it under reservation. For example, a reason for the public interest that will imply the dissemination of health results, even though it may conflict with privacy, occurs when it comes to transmittable diseases, such as COVID-19. In this case, state authorities around the globe have implemented countless security measures to contain the coronavirus outbreak (35). Notwithstanding, in some cases, these measures bump into individual rights and liberties. Moreover, in a recent viewpoint about US Emergency Legal Responses to Novel Coronavirus, it is pointed out: "During crises, the government has a special responsibility to thoughtfully balance public health protections and civil liberties (36). Therefore, we argue it is crucial that following this COVID-19 pandemic, the measures that several countries took concerning the collection of personal data of infected citizens do not extend. This matter requires adequate regulation. As we are about to discuss, we should re-examine the GDPR considering this new threat to personal data protection, particularly regarding special categories of data such as those regarding health. Indeed, in the European Union, public health is a specific exception when it comes to the processing of personal data and especially to the so-called, 'right to be forgotten' established in Article 17º of the GDPR (European Union 2016). This right grants its holder to obtain from the controller having his/ her data deleted provided the data are no longer necessary given the purpose for which they were collected or processed. Article 17 of the GDPR (8) specifies that the 'right to be forgotten' does not apply to special categories of data -as is the case with health data -if the processing is necessary for public health purposes in the public interest, for example, protection against serious cross-border threats to health. It is the case of the coronavirus pandemic.
Nevertheless, as regards the exception of public health, we would argue that a necessary causal link we believe that bioethics, the law and information technologies should play an essential role in delivering balanced solutions, which would meet halfway between deontology and utilitarianism.
Our point in laying down in this discussion basic philosophical concepts such as deontology and utilitarianism is that it might help us to think about current data collection practices in response to the COVID-19 pandemic and the risks that may result from the use of digital technologies concerning health data privacy in this context. It might help us bridge the topic to what we are about to discuss, i.e. the validity (or not) of the right to be forgotten (RTBF) in the public health context, and whether it is necessary to look beyond this law to bioethical principles to help us through the challenge as to how we should understand the RTBF.

Privacy, Autonomy, the Right to Be Forgotten and the Public Good
According to Reich(34), privacy in health can encompass: "Decisional privacy: refers to the freedom of procedural interference, i.e., the exclusion of third parties from the decision-making process (…); information privacy: achieved by imposing limits on unauthorized access to personal information and data of an individual nature, for example, HIV test results or genetic data." The right to privacy in health and the principle of autonomy relate closely to these concepts. This relationship is so proximate that one might argue that without privacy, there is a challenge for self-determination in general and informational self-determination, in particular.
However, it is also essential to address the question of the balance between public interest and privacy, the latter as a manifestation of autonomy. Indeed, as Rajczi(4) points out: "Many public health dilemmas involve a tension between the promotion of health and the rights of individuals." In democratic and plural societies, the common good requires the contribution of each individual to that end, which may imply some individual sacrifice for the benefit of the collective interest. In the area of health, one must interpret this idea with caution, meaning that this sacrifice needs a between the need to depreciate the fundamental right to data protection and the value of public health is necessary to establish. In other words: it does not seem acceptable that any health data can fall within the scope of the exception to Article 17 of the GDPR without establishing a concrete causality between that data and public health. Therefore, health data must be of "actual" public health relevance and not merely of a "potential" one. Indeed, the reverse view would make this exception a rule. Thus, we argue that we must specifically assess if there is an extraordinarily relevant public interest for this exception indeed be it; otherwise, it will quickly become the standard. Thus, we cannot configure health data as of public interest or public health by nature, or intrinsically, as it is essential to articulate the values in presence according to proportionality criteria. Moreover, the burden of proof that proportionality does exist is on the side of the person/entity that wants to retain the patient's health data.
A severe utilitarian perspective is exceptionally admissible given that a unique motive or an extraordinary reason exists, as is the case of the coronavirus outbreak. Autonomy and informational selfdetermination, and the right not to know, shall not prevail in this specific context. Exceptional utilitarian measures might be proportional if subjected to the burden of proof. However, data controllers should destroy current lists of infected persons as soon as compliance with public health interest is over. Accordingly, the 'right to be forgotten', on a deontological perspective, might make sense once the pandemic ends. Where circumstances are normal, the maintenance of the processing of personal data relating to COVID-19 should depend on a specific purpose and specific consent of the data subject. Otherwise, the sacrifice regarding privacy is not proportional. Even if we have anonymized data, controllers should not maintain databases without consent. Simple crosschecks of personal data could result in patient re-identification in such databases. Therefore, as regards the sharing of the research results, it does not seem acceptable to assume the consent of data subjects, according to the principle of purpose limitation -Article 5, point 1/b) of the GDPR(8)-because the purpose is not the same for which its collection first occurred. Perhaps the 'right to be forgotten' could have an essential part in this setting, which is much more unlimited than the public health purposes justifying the processing of health data. A fortiori, the constitution of biobanks with blood and other biological specimens of COVID-19 positive patients should be subject to the same rules. Thus, authorities should review the GDPR in light of these arguments. The ruling within the European Union should establish data sharing with respect for ethical considerations, biobanks of infected patients should comply with informed consent and regulation should allow the right to delete personal data provided the circumstance satisfies special requirements, such as the lack of concrete public health reasons.
When we discuss public health, the public interest is within the debate. Given that several public health difficulties comprise a choice between health protection and individual liberties, a costbenefit analysis is then necessary. Proportionality is, thus, the critical factor. For that reason, as never before, policymakers, public health professionals and academics require humility, so that public health does not become a cold and calculating science that visions human beings as mere statistics. It is not acceptable from an ethical point of view that we regard human beings only as a means, rather than an end in themselves, with intrinsic value (27,33). As Lee, Sim, Mackie(37) point out, the public health field of study should provide a basis for the evidence and a more significant sum of human knowledge. Nevertheless, we should be aware that these studies are brief observations of reality, which may reflect a partial view of human understanding. Even if unconsciously, it may be easy to forget the broader context in which public health work takes place, and many ethical dilemmas involving the practice of public health may often escape (37). Accordingly, since fundamental rights are not absolute, we need to reassess them in the light of the noble public health argument. However, then again the law should put a boundary to the general movement regarding personal data availability in two dimensions: there must be a concrete causal link between the accessibility of data and the public health imperative and the time of storage. Consequently, the 'right to be forgotten' may make sense in the future for some data, as they allow value judgments and might cause so-cial vulnerability (3). The social stigma argument draws attention to autonomy, privacy, and the need to protect personal health data, particularly regarding the 'right to be forgotten' in this setting. Social stigma might cause, besides others, severe medical injustices. Accordingly, the GDPR should regulate this issue adequately, particularly regarding the 'right to be forgotten'.

Conclusion
This article combines several challenging problems. The question of how basic philosophical concepts such as deontology and utilitarianism might help thinking about current data collection practices in response to the COVID-19 pandemic. The risks that may result from the use of digital technologies concerning health data. The question of how existing legal frameworks -GDPRgovern data collection and usage practices in a public health emergency. Problems related to the proportionality assessment. Each of these questions would deserve an in-depth analysis; however, this article merely aimed to highlight problematic intertwined issues in order to discuss if the RTBF should or should not apply when it comes to emergency exceptions in the data protection context, and based on what ethical considerations. As so, combined arguments framed on consequentialist and non-consequentialist ethical theories and human rights led us to argue that there seems to be no basis for the exercise of the 'right to be forgot-ten' regarding health data when there are imperative public health motives because proportionality is the critical factor concerning competing human rights. Nevertheless, in this case, the burden of proof is on the side of the health care authorities to show that there are compelling reasons, and therefore a moral duty, to preserve (and eventually share) patient's health data. Indeed, when there are concrete and weighty public health purposes -as in the current case of coronavirus pandemic -we argue that policymakers, academics, and public health professionals should be careful that public health science does not become authoritarian, discriminatory or uncooperative about fundamental rights. A severe utilitarian perspective, especially regarding those in society exposed to marginalization because of social stigma, will increase even further their vulnerability.
In times of a pandemic, although excessive privacy and data protection may seem irrational and disproportionate, for those who suffer invasions of privacy, which is a condition of autonomy, identity and freedom, reality may be very different from the partial perceptions of exceptional times.
Privacy, like other fundamental rights, is not an absolute value. Nevertheless, it must remain unquestionable since it is a corollary of human dignity. Thus, we feel that bioethics, technology, and the law have a duty to work together on this path.