fbpx

Free tools and resources for Data Protection Officers!

Tag Archives for " Germany "

German court decides on the scope of GDPR right of access

The Supervisory Authority of Hesse region stated that the term “copy” in Art 15 GDPR should not be understood literally but rather in the sense of a “summary”.

This interpretation appears to conflict with an earlier decision of the Labor Appeals Court of Stuttgart which ordered an employer to provide actual copies of all information held by the company.

More recently, the Appeal Court of Cologne held that the customer of an insurance company is entitled to access all personal data pertaining to him and processed by the company, including any internal notes regarding conversations between company employees and the customer.

Source: German court decides on the scope of GDPR right of access

Germany investigates Google speech assistance systems

Based on recordings from whistleblowers, the media recently reported that Google’s Home Speech Assistant was used to evaluate acoustic recordings by employees in order to optimize the speech recognition process.

The Hamburg Commissioner for Data Protection and Freedom of Information (HmbBfDI) has initiated an administrative procedure to prohibit Google from carrying out corresponding evaluations by employees or third parties for the period of three months. This is intended to provisionally protect the rights of privacy of data subjects for the time being.

Source: Speech assistance systems put to the test – Data protection
authority opens administrative proceedings against Google

German schools ban Office 365 due to privacy concerns

The German state of Hesse has ruled it’s illegal for its schools to use Office 365 after years of debate over whether the country’s schools and institutions should use Microsoft tools at all.

The Hesse Office for Data Protection and Information Freedom says the standard configuration in Office 365 could potentially make students’ and teachers’ personal data available to US officials. In addition to the information that users provide when they’re working in Office 365, the platform sends telemetry data back to the US.

Source: German Schools Ban Office 365, Cite Privacy Concerns

Germany fines Facebook for under-reporting complaints

German authorities have fined Facebook 2 million euros for under-reporting complaints about illegal content on its social media platform in breach of the country’s law on internet transparency.

Germany’s Federal Office of Justice said that by tallying only certain categories of complaints, the web giant had created a skewed picture of the extent of violations on its platform.

Source: Germany fines Facebook for under-reporting complaints – Reuters

German Bundestag approves 2nd German Data Protection Adaptation Act

On 28 June 2019, the German Bundestag passed the 2nd German Data Protection Act (“2nd DSAnpUG”) which will amongst other things further adapt the German Federal Data Protection Act („BDSG“), the German Federal Registration Act (“BMG”), the German Act on the Federal Office for Security in Information Technology (“BSI-Act”) and the Act on the Establishment of a Federal Institute for Digital Radio of Authorities and Organizations with Security Responsibilities (“BDBOS-Act”) to the provisions of the General Data Protection Regulation („GDPR“).

Full article: German Bundestag approves 2nd German Data Protection Adaptation Act (“2nd DSAnpUG”): Summary of significant changes for German data protection laws.

Germany mulls giving end-to-end chat app encryption

Government officials in Germany are reportedly mulling a law to force chat app providers to hand over end-to-end encrypted conversations in plain text on demand.

Ministry of the Interior wants a new set of rules that would require operators of services like WhatsApp, Signal, Apple iMessage, and Telegram to cough up plain-text records of people’s private enciphered chats to authorities that obtain a court order.

Source: Germany mulls giving end-to-end chat app encryption das boot: Law requiring decrypted plain-text is in the works • The Register

German regional data protection authorities impose fines of EUR 449,000 for GDPR breaches

German regional data protection authorities have imposed fines in 75 cases totalling EUR 449,0000 for breaches of the European General Data Protection Regulation (GDPR), since it came into effect in May 2018.

Fines have been imposed in six federal states. In Baden-Wurttemberg, for example, the data protection authorities imposed fined worth EUR 203,000 in seven cases, in Rhineland-Palatinate EUR 124,000 for nine cases, in Berlin EUR 105,600 for eighteen cases and in Hamburg, EUR 25,000 for two cases, the report added.

Source: German regional data protection authorities impose fines of EUR 449,000 for GDPR breaches – Telecompaper

Google opens German centre to improve data privacy

Google has revealed plans to open an engineering centre in Munich as part of the tech giant’s bid to take data privacy more seriously.

The popular search engine says the new privacy-focused hub, to be built in Munich, should help the company strengthen its data protection credentials as the global demand for higher data privacy standards continues to grow.

Source: Google opens German centre to improve data privacy

German DSK publishes guidance on the applicability of the German Telemedia Act to telemedia services

On April 5, 2019, the association of German Supervisory Authorities for data protection (‘Datenschutzkonferenz’ or ‘DSK’) published a guideline regarding the applicability of the German Telemedia Act (‘TMG’) to telemedia services – including, for example, the use of website cookies for targeted advertising post-GDPR.

The guideline aims to “clarify and concretize” a previous statement on the topic released by the DSK in April 2018 and to serve as guidance for the implementation of data protection requirements when processing users’ data through telemedia services.

Full aticle: German DSK publishes guidance on the applicability of the German Telemedia Act to telemedia services

Facebook Custom Audience illegal without explicit user consent, Bavarian Data Protection Authority rules

Online shops and marketers routinely share customer data with Facebook to reach them with targeted advertising.

Turns out: in many cases this is illegal. A ground-breaking decision by a German Data Protection Authority recently ruled that matching customers’ email addresses with their Facebook accounts requires their explicit consent.

Source: Facebook Custom Audience illegal without explicit user consent, Bavarian Data Protection Authority rules – netzpolitik.org

1 2 3 7
>