Following a number of embarrassing high profile data protection scandals the German data protection commissioner has called for tighter measures to protect sensitive data and to prevent potential misuse. He presented his case this week to the German Minister of Interior and apparently got his way.
A new bill will be sent to parliament in November containing measures to increase penalties for misuse of consumer data and providing citizens with the right of consent. Without consent data cannot be passed on to third parties, but companies have the right to collect and store sensitive data on clients. The government will also issue rules governing data security audits and considers providing certificates of compliance for companies who have passed data security audits. Government will be investigating the feasibility to tag data so that its origin can be identified following misuse of such data.
BIIA Comment: Technology in form of laptops and small storage devises has overtaken the 30 year old data protection law. It was high time to have the law overhauled. Not a week goes by without an incident where sensitive data of individuals turn up on the Internet or being sold by shady call center operators.
The law is meaningless if compliance is not rigorously enforced and heavy fines levied on offenders. Unfortunately government is not always the perfect role model either. The German Ministry of Finance paid a data thief Euro 6 million to get its hands on sensitive bank data with the help of the German Secret Services. That is tantamount to rewarding a thief and not holding up the virtues of protecting the rights of citizens to privacy. Government departments handling sensitive data of its citizens have had their fair share of lost or stolen lap tops.
What is the relevance for Asia? It has yet to be seen whether the revised law will be balanced to permit the pooling of information in critical business decisions and at the same time will be able to protect sensitive data from unauthorized use. Whatever happens in Germany on this subject will have implications within the EU and once they become standards within the EU, sooner or later the EU will try to impose these standards on other countries.
Source: Germany Press Reports
BIIA Newsletter September 2008 Issue