On 27 April 2017 the German Parliament passed an entirely new Federal Data Protection Act. The new BDSG replaces the old BDSG, which has been in force for the last 40 years. The new BDSG shall adapt the German law to the provisions of the EU General Data Protection Regulation. The new BDSG will now form the basis for the adaption of German acts to the GDPR. Further acts concerning special processing situations like social security data protection are likely to follow.
Please join us for our March 2017 Privacy and Cybersecurity Events.
The EU’s General Data Protection Regulation, which comes into force in May 2018, is generally designed to align data protection requirements across the EU. However, its opening clauses offer countries some freedom in their implementation of the Regulation and, thus, room to differ. In August 2016, the German Ministry of the Interior released its first GDPR implementation proposal to widespread criticism from both experts and data protection authorities. Recently, the BMI published a revised proposal, a new Federal Data Protection Act. The draft provides further details regarding the scope and implementation of existing GDPR provisions and also contains additional data protection requirements beyond those provided for in the Regulation. We explore notable specifications to and deviations from the GDPR.