The present commentary is based on the following considerations:
1) for the purposes of authorisation, a distinction is drawn between “research” and “intervention”. The procedures for authorising the former are more complex, the relevant controls are stricter and approval has to be granted by a Research Ethics Committee (REC);
2) although the debate is still open, it is barely credible to claim that public health surveillance is not a form of research. It should, therefore, be subject to rigorous ethical assessment;
3) when addressing specifically the issue of surveillance, it would be appropriate to shift the focus of attention from the type of procedure (research/intervention) to the risk implied in that procedure;
4) much emphasis has hitherto been placed on the risks that public health surveillance may imply for the protection of personal data;
5) the emphasis on the protection of personal data is frequently excessive and the risks should be examined in a broader context.