No products in the cart.
OLG Hamburg: Kunuu must delete anonymous reviews
Introduction As a lawyer specializing in copyright law, competition law and IT law, I regularly face the challenge of protecting...
Read moreDetails- Latest
- Trending
In today’s digital era, many of us have become accustomed to privacy statements and cookie banners. These are present almost everywhere when we surf the Internet. But in my experience, operational data protection is underestimated or even disregarded by many companies. While online data protection measures have now become almost routine, there is often a lack of awareness of the problem when it comes to company data protection and handling employee data. A recent example from Berlin illustrates the scope of this problem.
The Berlin Commissioner for Data Protection and Freedom of Information (BlnBDI) has imposed fines totaling 215,000 euros on one company. The reason: The company had improperly documented sensitive information about the health of individual employees or their interest in forming a works council. The penalty notice is not yet legally binding.
From March through July 2021, a supervisor at the Company, at the direction of management, maintained a tabulation of all employees on probation. In this list, eleven individuals were rated as “critical” or “very critical” for continued employment. The reasons given for this included personal statements, health reasons and circumstances outside the company. Particularly explosive: A possible interest in founding a works council and regular participation in psychotherapy were also listed as reasons.
The Berlin data protection commissioner learned of the incident through media reports and a personal complaint from a person affected and initiated an investigation. The result was clear: the processing of the data collected was not lawful in the cases objected to. In addition to this main violation, three other fines were imposed on the company, totaling approximately 40,000 euros.
Meike Kamp, Berlin’s Commissioner for Data Protection and Freedom of Information, emphasized: “The collection, storage and use of employee data must always take place in the permissible context of the employment relationship. That was not the case in this instance. Health data in particular is especially sensitive information that may only be processed within narrow limits.”
In principle, employers are allowed to consider the extent to which employees should continue to be employed. Personal data may also be processed in the process. However, this data must be suitable and necessary for this purpose. They may only allow conclusions to be drawn about performance or conduct that are directly related to the employment relationship.
In assessing the fines, the BlnBDI took into account the company’s turnover and the number of employees affected. It was positively emphasized that the company cooperated comprehensively with the BlnBDI and stopped the infringement on its own initiative after it had become known to the public.
Corporate data protection is a complex and sensitive issue that should not be taken lightly. It is urgently recommended that companies take precautions here and create transparent agreements. Not only does this prevent trouble with data protection authorities, but it can also increase employee confidence. Responsible handling of employee data is not only a legal requirement, but also a sign of appreciation and respect.
Marian Härtel ist Rechtsanwalt und Fachanwalt für IT-Recht mit einer über 25-jährigen Erfahrung als Unternehmer und Berater in den Bereichen Games, E-Sport, Blockchain, SaaS und Künstliche Intelligenz. Seine Beratungsschwerpunkte umfassen neben dem IT-Recht insbesondere das Urheberrecht, Medienrecht sowie Wettbewerbsrecht. Er betreut schwerpunktmäßig Start-ups, Agenturen und Influencer, die er in strategischen Fragen, komplexen Vertragsangelegenheiten sowie bei Investitionsprojekten begleitet. Dabei zeichnet sich seine Beratung durch einen interdisziplinären Ansatz aus, der juristische Expertise und langjährige unternehmerische Erfahrung miteinander verbindet. Ziel seiner Tätigkeit ist stets, Mandanten praxisorientierte Lösungen anzubieten und rechtlich fundierte Unterstützung bei der Umsetzung innovativer Geschäftsmodelle zu gewährleisten.
Introduction As a lawyer specializing in copyright law, competition law and IT law, I regularly face the challenge of protecting...
Read moreDetails
It does not violate the German Basic Law that the provider of an e-mail service is obliged, in the context...
Read moreDetails
The gig economy has experienced an enormous boom in recent years and is increasingly shaping the modern working world. Start-ups...
Read moreDetails
The integration of smart contracts into traditional contract structures opens up fascinating opportunities for blockchain start-ups, but also poses complex...
Read moreDetails
AI & copyright is a new and important topic that worries many people. It is important to understand this issue...
Read moreDetails
Introduction The rapid development of artificial intelligence (AI) is having a profound impact on various industries, and esports is no...
Read moreDetails
Introduction: An expected verdict and its effects The Cologne Regional Court has sent a signal with a ruling that was...
Read moreDetails
Data protection madness: when theory and practice collide I normally write very neutral, factual articles in my blog on various...
Read moreDetails
What does information security mean? Information security refers to the entirety of technical and organizational measures that serve to protect...
Read moreDetailsThe Distance Learning Protection Act (FernUSG) has been experiencing a renaissance for some time now. What for decades was considered...
Read moreDetails
In this personal and engaging episode, the experienced IT and media lawyer delves deep into the gray area of his...
Read moreDetails
In this video, I talk a bit about transparent billing and how I communicate what it costs to work with...
Read moreDetails
