The new federal government is starting 2022 in crisis mode. It is lost sight of the fact that the traffic light coalition of SPD, Greens and FDP has also planned a lot in terms of digital policy. In Episode 54 of the c’t data protection podcast, Joerg and Holger discuss the most important plans for changes in data protection, insofar as they can already be read from the coalition agreement.
To do this, they invited a guest who not only follows the German data protection regulations closely, but also provides input: Frederick Richter is a lawyer and a member of the board of directors Foundation Data Protection, which provides independent expertise and contributes to the public debate. The foundation was launched in 2012 by the then federal government and is intended to strengthen the position of data protection in society.
Important new regulations
The traffic light has set itself the goal of modernizing employee data protection with new regulations. Richter considers this important, since monitoring efforts and performance control are booming in view of the shift of work to the home office. He also welcomes the fact that nationwide positive lists for “data protection-compliant learning and teaching materials” are to be drawn up. Universities and state school authorities are left to their own devices here, but “you have to keep the community running on a permanent basis”.
All three participants found the formulations for the continuation of the “data strategy” vague. Richter criticizes buzzwords that are not yet filled with life, such as the “data institute” that is to be created. Is this about handling anonymous data in the sense of open data, or personal data in the sense of the GDPR? The situation is similar with the “data trustees” and the “data hubs” mentioned in the coalition agreement. It is still not at all clear which concepts the government intends to pursue here.
Richter emphasizes positively that the federal government wants to develop standards for the anonymization of data. Open data will play an increasingly important role, and so far there are no guidelines on how personal references in data should be removed in accordance with GDPR before they can be released. Richter complains that the GDPR contains a blank space that the EU has still not filled.
180 pages of advice from specialist lawyers: What companies, associations and the self-employed need to know! With many FAQs, instructions, checklists and samples. On DVD: 60-minute webinar “Anatomy of an IT disaster” – be prepared and master the crisis.
Here are all the episodes so far: