Tag Archives for " Germany "

German Lawyer Sanctioned Due to Incomplete GDPR Policy

An interim injunction has been issued by Würzburg Regional Court against a lawyer who displayed an unfinished Privacy Policy on her firm’s website which also included an unencrypted and unprotected contact form. Reaction to the ruling has been mixed as the sanction due to the unfinished GDPR policy was understandable but ruling regarding the unencrypted form was more confusing as this does not affect the transfer of information.

Source: German Lawyer Sanctioned Due to Incomplete GDPR Policy – Compliance Junction

German government pushing courts to submit data retention cases to CJEU

The German government is urging judges at the German Constitutional Court to submit a series of constitutional complaints filed against Germany’s data retention laws to the Court of Justice of the European Union (CJEU), threatening to delay the court’s verdict on the controversial data retention legislation by months or even years. If the cases are submitted to the ECJ, Germany’s constitutional court would have to wait for a ruling from the ECJ before issuing a verdict of its own.

Source: German government pushing courts to submit data retention cases to ECJ – Heise – Telecompaper

German data protection authorities establish new rules for whistleblowing hotlines

In light of the GDPR, the German data protection authorities (German DPAs) have issued new guidance regarding the implementation of whistleblowing hotlines. The new position of the German DPAs is so fundamentally different from their pre-GDPR position that German companies should review, and likely implement changes to, any existing whistleblowing hotlines offered to their employees.

Source: GDPR – German data protection authorities establish new rules for whistleblowing hotlines: Call for action

ICANN loses injunction bid in dispute over WHOIS data in Germany

A German appeal’s court has rejected a bid from the internet’s global domain name organisation, the Internet Corporation for Assigned Names and Numbers (ICANN), to force a domain name registrar in the country to collect additional personal data.

Source: ICANN loses injunction bid in dispute over WHOIS data in Germany

First court decision on GDPR

Only five days after the GDPR became applicable, the first German court, the Regional Court ( Landgericht ) Bonn (in a decision dated 29 May 2018, case number 10 O 171/18 – in German only), issued a ruling on the practical application of the GDPR.

The court was called upon to rule in an interim injunction proceeding about the data minimization principle set forth in Art. 5 (1) lit. c) GDPR. The Parties to the proceeding were the Internet Corporation for Assigned Names and Numbers (ICANN) against the German-based, ICANN-accredited Registrar EPAG Domainservices GmbH.

The court ruled that ICANN could not show credibly that the collection of data on administrative contact persons of domains is necessary pursuant to Art. 5 (1) lit c) GDPR and therefore that EPAG is not obligated to collect such data.

Source: Germany: First court decision on GDPR

Deutsche Telekom not required to follow data retention laws

Deutsche Telekom is not required to store communications data from its customers under Germany’s data retention laws given that these laws are incompatible with European law, ruled the Administrative Court of Cologne.

The court said it was following a ruling from the Higher Administrative Court of Muenster last year that found Germany’s data retention regime violated EU law by exceeding limits the European Court of Justice (ECJ) imposed on the extent of data retention in its own prior ruling. Given the primacy of EU law over domestic law, Telekom is not required to follow the German legislation as a result in this case, it said.

Source: Deutsche Telekom not required to follow data retention laws – German court – Telecompaper

1 2 3 5
>