Data protection

This article sets out recent developments regarding telecoms and data protection law in Austria in the context of the COVID-19 pandemic.


Telecoms providers must now:

  • send mass alerts (eg, regional access prohibitions) via text message on order of the government; and
  • provide traffic and location data for the purposes of evaluating whether individuals are complying with quarantine orders.

Data protection

The following legislative developments have taken place with respect to data protection:

  • Certain laws have been revised to facilitate health and disease data reporting to the competent health and state authorities.
  • An allowance has been introduced for municipality authorities to provide city majors with the names and addresses of individuals who live in isolation to ensure that such individuals receive essential supplies.

Further, although not an explicit revision of data protection law, the revision of the Social Insurance Act will have a significant impact on data protection. Following the revision, individuals whose health is at risk will be entitled to ask to take leave with full pay.

In this regard, an expert medical group will first define the relevant COVID-19 health risks. The state social insurance agency will subsequently attribute individuals to a risk group. Once attributed, individuals can ask their healthcare professional to confirm their risk group and can then provide confirmation of this to their employer. No data protection provisions have been provided, which means that this is a fairly intrusive regulation with no mitigating data protection provisions. Employers must interpret and apply the provisions of the EU General Data Protection Regulation.

For further information on this topic please contact Günther Leissler at Schoenherr Attorneys at Law​ by telephone (+43 1 5343 70) or email ([email protected]). The Schoenherr Attorneys at Law website can be accessed at