As of May 25, 2018, Regulation (EU) 2016/679 of the European Parliament and of the Council of April 27, 2016, on the protection of individuals with regard to the processing of personal data, on the free movement of such data and repealing Directive 95/46/EC, also known as the GDPR, is in force in all Member States of the European Union.

Regulation (EU) 2016/679 provides for a number of opening clauses for the national legislator. At the same time, it contains concrete regulatory mandates addressed to the member states. Subsequently, it was also necessary to review the area-specific data protection law for compatibility with Regulation (EU) 2016/679 and, where necessary, to adapt it.

Such an adjustment, in which, among other things, more than 150 laws are adjusted, albeit in some cases only very slightly, was passed by the Bundestag yesterday.

The draft law adapts the existing sector-specific data protection regulations of the Federal Government to the requirements of Union law with the following regulatory priorities:
– adaptation of definitions;
– adaptation of references;
– adaptation (or, in some cases, creation) of legal bases for data processing; – regulations on data subjects’ rights; – adaptations due to directly applicable requirements on technical and organizational measures creation) of legal bases for data processing;
– regulations on the rights of data subjects;
– adjustments due to directly applicable requirements of Regulation (EU) 2016/679 on technical and organizational measures, commissioned processing, data transfer to third countries or international organizations as well as compensation for damages and fines.

Probably most relevant for many companies, among other things, is the fact that a data protection officer is now only necessary if more than 20 or more employees are generally involved in the automated processing of data.

Author: Marian Härtel

Marian Härtel ist Rechtsanwalt und Fachanwalt für IT-Recht mit einer über 25-jährigen Erfahrung als Unternehmer und Berater in den Bereichen Games, E-Sport, Blockchain, SaaS und Künstliche Intelligenz. Seine Beratungsschwerpunkte umfassen neben dem IT-Recht insbesondere das Urheberrecht, Medienrecht sowie Wettbewerbsrecht. Er betreut schwerpunktmäßig Start-ups, Agenturen und Influencer, die er in strategischen Fragen, komplexen Vertragsangelegenheiten sowie bei Investitionsprojekten begleitet. Dabei zeichnet sich seine Beratung durch einen interdisziplinären Ansatz aus, der juristische Expertise und langjährige unternehmerische Erfahrung miteinander verbindet. Ziel seiner Tätigkeit ist stets, Mandanten praxisorientierte Lösungen anzubieten und rechtlich fundierte Unterstützung bei der Umsetzung innovativer Geschäftsmodelle zu gewährleisten.

Tags: Bundestag Customization Data protection Law Laws Privacy Regulation Test