Data protection law in the modern information society takes on an ever more important role. Initially seen as an obstacle to a global boom industry , this area of law has become more and more an important roadmap for new ways of dealing with privacy issues. Because above all the internet users have developed an increasing flair and interest in what is happening with their datawhen browsing the internet.
One can gain a first overview by reading the Federal Data Protection Act (BDSG) which hopefully will be renewed by an EU-wide-Data-Protection Law by 2014. After that, the principle is that all processing of personal data is prohibited, unless a statute gives the processing unit a permission or there is a consent of the affected person.
An important aspect of data protection is data security. According to some study at least a significant share of attacks on corporate data does not come from outside but from the inside of companies. However unauthorized data access or data stealing is often not even recognized as an attack. Without security of computers and networks used in the automated data-processing privacy and security is absolutely impossible. The technical changes are progressing rapidly, the security market therefore must be constantly monitored, new concepts may need to be worked out. It is important to know that the subsequent change of a security concept is much more effort than just the analysis and implementation of the security requirement.
For the implementation of data protection in companies in the so-called Operational Data Protection Supervisor. Certain businesses must always be ordered data protection officer according to § 4f Section 1 a BDSG. If these special conditions are not met , the obligation of the appointment of an external data protection officer depends on the number of employees, who are ocupied with the processing of personal data.
Privacy issues should not be underestimated. In addition to considerable loss of image a violation of statutory provisions can even constitute a criminal offense or substantial monetary penalties. The supervisory authority may grant specific instructions for violations. In any case, one might just violate the privacy rights of an important person, namely that of your regular customers. However, a violation of his right to informational self-determination may result in not only end the customer relationship but also may lead to claims of compensation. Again, you should take early legal advice to avoid such mistakes.
For further information on our office please contact us by e-mail.