Germany to amend federal privacy law
The German Federal Cabinet recently approved the Draft Law amending the Federal Data Protection Act (BDSG). This legislative proposal is set to undergo further scrutiny by the Bundesrat and the Bundestag. The Draft Law aims to address issues identified in the 2021 BDSG evaluation by making changes to Parts 1 and 2 of the BDSG. Notably, one of the key amendments institutionalizes the Data Protection Conference (DSK) within the BDSG, although decisions made by the DSK remain non-binding in a legal context.
Another significant change introduced by the Draft Law pertains to companies and institutions processing personal data for specific purposes. Under the proposed amendment, these entities acting as joint controllers may be supervised by a single German supervisory authority, rather than multiple authorities based on their geographical locations. This streamlining process involves notifying all relevant supervisory authorities of their joint controller status and expressing a preference for supervision by the authority in whose jurisdiction the entity with the highest annual turnover is situated.
Furthermore, the Draft Law introduces amendments to section 34 of the BDSG concerning data subject access rights. The revision clarifies that business and trade secrets are considered rights and freedoms of “other persons,” providing controllers with grounds to withhold certain information if its disclosure could compromise these interests. Additionally, in response to a recent CJEU judgment, the Draft Law establishes a new legal basis for scoring practices. This includes the creation of a new section in the BDSG allowing for the use of scoring mechanisms to predict future behavior or assess creditworthiness, subject to specific limitations on data usage and protection.
Lastly, the Draft Law proposes the introduction of a new section 40a in the BDSG to facilitate joint controllers’ interactions with supervisory authorities. This provision enables joint controllers under different supervisory authorities to designate a single competent authority for both entities. The competent authority will be determined based on the joint controllers’ respective turnovers, with the authority overseeing the entity with the highest annual turnover taking on supervision responsibilities for both parties.