fbpx

Download free GDPR compliance checklist!

Tag Archives for " Germany "

Germany switches sides in privacy contact tracing solution backing Apple and Google

Germany appears to have undertaken a volte-face in the approach it takes to combine privacy and contact tracing, supporting an approach which also has support from Apple and Google.

The race has been on to create a way that enables the tracing of people who have been in the close proximity of an individual who had tested positive for Covid-19, while preserving privacy. The solution lies with anonymity, using bluetooth connectivity with smart phones.

Source: Germany switches sides in privacy contact tracing solution backing Apple and Google

German Supervisory Authority Publishes New Standard Clauses for Processors

On April 9, 2020, the German Supervisory Authority of Baden-Wuerttemberg published standard contractual clauses for data processors pursuant to Article 28(8) GDPR.

It is the first German Supervisory Authority to do so, and the second in EU after the Danish Supervisory Authority published its own standard clauses in July 2019.

Source: German Supervisory Authority Publishes New Standard Clauses for Processors

Amendments to the German Infection Protection Act interfere with privacy

On 23 March 2020 the Federal Cabinet adopted the Amendments to the Infection Protection Act, as proposed by the Federal Ministry of Health (BMG) which include measures that aim to slow down the infection rate of COVID-19 (‘Coronavirus’) and have an impact on the right to privacy.

The Federal Commissioner for Data Protection and Freedom of Information (‘BfDI’), Ulrich Kelber, criticised some of the Amendments as potentially excessive and not proven to be effective. In particular, the BfDI highlights that the Amendments contain extensive record obligations for the transport sector, and also lack the obligation to delete personal data recorded during the health crisis afterwards.

Source: Germany: Amendments to the Infection Protection Act interfere with “right to privacy quite significantly” | DataGuidance

Deutsche Telekom shares location data to fight Coronavirus

Deutsche Telekom wants to support the Robert Koch Institute in containing the coronavirus pandemic with cell phone data.

Therefore Deutsche Telekom provides RKI with customer data that can be used to track the movement of mobile phone users. For this purpose, the company is said to have already made part of its customer data accessible to the authority in an anonymous form.

Source: (7) How does the corona virus spread ?: RKI receives cell phone data from Deutsche Telekom – Wissen – Tagesspiegel

Facebook’s Tiny Privacy Fine Is a ‘Warning,’ Watchdog Says

Facebook Inc.’s German unit was handed a fine of 51,000 euros for failing to properly nominate a data protection officer for its local office, a penalty privacy regulators said should still serve as a “warning” to others.

While the punishment seems tiny for the social network giant, it targets the German unit and not the “billion-dollar parent company,” the data protection authority in Hamburg, Germany, said in its 2019 annual report published on Thursday.

Source: Facebook’s Tiny Privacy Fine Is a ‘Warning,’ Watchdog Says – Bloomberg

German Federal Supervisory Authority Launches Public Consultation on Anonymization

On February 10, 2020, Germany’s Federal Commissioner for Data Protection and Freedom of Information (BfDI) launched its first public consultation procedure.

The consultation invites comments on a position paper of the BfDI which addresses the anonymization of personal data under the General Data Protection Regulation (GDPR), with a particular focus on the telecommunications sector (for example, the anonymization of location data in mobile networks).

Source: German Federal Commissioner for Data Protection and Freedom of Information Launches Public Consultation on Anonymization

German court sides with consumer groups against Facebook data collection

Facebook has suffered a blow against its data collection practices in Europe, with a German court ruling some of the social media giant’s user terms.

Last week a Berlin Court ruled in favour of the Federation of German Consumer Organisations, known locally as VZBV, in its case against Facebook. VZBZ alleged the tech giant is violating GDPR’s “informed consent” requirements with its privacy settings and some of its terms and conditions.

Source: German court sides with consumer groups against Facebook data collection – Which-50

€114 Million in Fines Imposed by EU Authorities Under GDPR

New findings from DLA Piper show that 160,000 data breach notifications reported across 28 European Union Member States and data protection authorities have imposed €114 million in monetary fines under the GDPR for a wide range of infringements. Not all fines were related to data breach infringements, however.

In terms of the total value of fines issued by geographical region, France (€51m), Germany (€24.5m) and Austria (€18m) topped the rankings, whilst the Netherlands (40,647), Germany (37,636) and the UK (22,181) had the highest number of data breaches notified to regulators.

Source: €114m in Fines Imposed by Euro Authorities Under GDPR – Infosecurity Magazine

German Constitutional Court to hold hearing on surveillance powers of the “German NSA”, the BND

The Federal Constitutional Court will hold a hearing on the BND Act on January 14th and 15th, 2020.

Plaintiffs expect a fundamental ruling defining the limits of intelligence gathering abroad. An alliance of six media organisations and the Gesellschaft für Freiheitsrechte (GFF) had filed a constitutional complaint against the BND Act, which gives broad surveillance powers to the Federal Intelligence Service (BND).

Source: German Constitutional Court to hold hearing on surveillance powers of the “German NSA”, the BND – GFF – Gesellschaft für Freiheitsrechte e.V.

German Supervisory Authorities Propose Changes to the GDPR

On December 2, 2019, the German Supervisory Authorities issued a report evaluating the implementation of the EU General Data Protection Regulation (“GDPR”) in Germany.

The report describes the Supervisory Authorities’ experience thus far in applying the GDPR and lists the provisions of the GDPR they see as problematic in practice.  For each of these provisions, the report discusses the perceived problem and proposes a solution.

Source: German Supervisory Authorities Propose Changes to the GDPR | Inside Privacy

>