get vs. give

On 5 July 2017, almost a year before the General Data Protection Regulation (EU/2016/679, the “GDPR”) will be applied, the new German Federal Data Protection Act (‘Bundesdatenschutzgesetz’) passed the final stage of the legislative process, the so-called German Data Protection Amendment Act (the “GDPAA”). It has been countersigned by the German Federal President and published in the Federal Law Gazette. 

The GDPAA will, with one exception outlined below, enter into force on 25 May 2018, and will substantially change the current German Federal Data Protection Act in order to align it to the GDPR, to make use of its derogations, and to implement the Law Enforcement Directive (EU/2016/680). 

Although the GDPR directly applies across the EU and its provisions prevail over national law, Member States retain the ability to introduce their own national legislation based on certain derogations provided for by the GDPR. These derogations include national security, prevention and detection of crime, and also apply in certain other important situations – the so-called ‘opening clauses’.

The Constitutional Court said that the current laws did not do enough to protect personal privacy in the digital realm.

July 2020. BERLIN — The German police and intelligence agencies have excessive access to citizens’ mobile and internet communications, the country’s Constitutional Court said on Friday, ordering the existing laws to be tightened.

It was the latest decision by the court to support personal privacy over public security concerns in the digital sphere, which, taken together, have made the country a world leader in protecting personal privacy.

Critics charge that the string of court decisions could hinder the ability of security services to prevent crimes and terrorist attacks.

US legislation means Washington could seek access to sensitive police data that Germany plans to store with Amazon Web Services.

April, 2019. BERLIN — Amazon’s cloud hosting services are not suitable for storing German police data due to a risk of U.S. snooping, Germany’s top data protection officer told POLITICO.

Ulrich Kelber, Germany’s federal commissioner for data protection and freedom of information, said that U.S. authorities could invoke the CLOUD Act to demand access to data held by Amazon Web Services — creating a risk for German government bodies that store data with them.

The CLOUD Act, passed last year by Donald Trump’s administration, allows American authorities to compel U.S.-based tech companies to provide requested data, regardless of whether that data is stored in the U.S. or abroad.

Germany’s data storage laws are comparable to those of Russia and China, according to a top US tech think tank. Forcing companies to store data locally hinders the global digital economy, the ITIF argues.

Germany is up there with Russia, China, Turkey, and Indonesia on a list of countries that pursue protectionist policies that damage global technological innovation, according to a leading US think tank.

The Information Technology & Innovation Foundation (ITIF) released a report this week arguing that Germany’s data storage law, which was updated in 2015 to tighten cybersecurity, was a potentially damaging hindrance to free trade.

The 2015 law change forced telecom companies to store metadata locally in Germany, rather than anywhere else – even in the European Union. This amendment “potentially violates rules that protect the freedom of services…  and the free flow of personal data” protected by EU laws, the ITIF said in its report entitled “The Worst Innovation Mercantilist Policies of 2016.”

But some German economists were skeptical. Barbara Engels, digitization specialist at the Cologne Institute for Economic Research (IWK), seemed surprised by the ITIF’s accusation. “I don’t see a problem the way this institute does,” she told DW. “I don’t really see exactly how it should hinder innovation.”

German authorities have too much access to people’s internet and mobile phone data and laws must be rewritten as they are unconstitutional, a court says.

The federal Constitutional Court in Karlsruhe has ruled that the privacy of Germans should be better protected.

Police investigating crimes or trying to prevent terror attacks are currently allowed to access names, addresses, birth dates and IP addresses. They are not entitled to access data involving connections to other people.

However, campaigners challenged the existing laws, and the judges agreed police should only be allowed such access if there was a specific danger or suspicion of a crime. Current laws violated the right of citizens to phone and internet privacy, they ruled.

Privacy is a significant concern for Germans for historical reasons, dating back to the all-pervasive Stasi intelligence service of the old East Germany and the vicious Gestapo of the Nazi era.

LondonCNN Business — 

European governments are racing to develop apps that can track the spread of the coronavirus to prevent a second wave of infections when the economy reopens.

Germany is further along than most, and hopes to have an app ready to download within a few weeks. But details are scarce, and if the app is to succeed, Germans will have to overcome a widespread reluctance to share data with authorities that is rooted deep in the country’s history during the Nazi period and under Communist rule in East Germany.

“The skepticism of Germans in terms of data protection is remarkable when it comes to sharing data [with the government],” said University of Mannheim Professor Sebastian Siegloch, who has studied German attitudes toward surveillance and privacy.

Asking delicate questions in Berlin, the capital of personal data protection

In Berlin this week, I’ll be trying to better understand how Germans are thinking about the surveillance debate that has roiled the free world in recent months. Conventional wisdom has it that citizens of this country are particularly attuned to the importance of privacy due to Stasi excesses during Communist rule. 

Has the resonance of the issue been overstated, as some observers suggested after the recent parliamentary election, when Chancellor Angela Merkel triumphed even as privacy advocates in the Pirate Party seemed to lose ground?

Activists are helping lead the battle for Germans to control their data privacy.

BERLIN — In a quiet neighborhood of Berlin’s Kreuzberg district, C-base, a hackers den designed to resemble a space station – complete with LED kitsch – is a hive of activity. On a Wednesday evening, several dozen Berliners gather to socialize and hear presentations on net-related topics while sipping pilsners. This is the monthly “Internet politics” evening of Berlin’s Digitale Gesellschaft – Digital Society, in English – an organization that campaigns for civil rights and consumer protection in Internet policy.

Understanding the German mentality to data protection and data privacy is fundamental to doing successful business in the country

Nowhere in the world are there stricter requirements for data protection and privacy than in the European Union – and within the Union, no other country stands for data protection more than Germany. If you want your business to be successful in Germany, you should know the reasons. They have to do with the country’s history.