While European countries have been known to be quite protective of citizens’ privacy, a new draft law in Germany is raising a lot of eyebrows in the privacy community. The bill, proposed by Interior Minister Thomas de Maiziere, plans to limit the powers of German data protection authorities.
The draft law restricts German data protection authorities from investigating violations of medical and legal records. Video surveillance will also include facial recognition software for “national security” purposes.
Additionally, the draft law would end citizens’ right to know what data is collected by public institutions and private businesses alike. Businesses will not have to release user data if doing so “seriously endangers” a company’s “business purposes.” I don’t have to go into much explanation as to why this is a disaster from a consumer privacy standpoint.
What Exactly Does the New German Law Mean?
At first glance, the law seems to go directly against new EU data protection legislation coming into effect in 2018. The upcoming EU legislation calls for companies to collect as little personal data as possible. Social media services will also have to enable the strictest privacy settings set by default.
In essence, the draft German law seems to fully ignore the new EU privacy laws, which is quite alarming. Why does the German Interior Ministry want to pass a controversial law in direct conflict with the EU? Regardless, it will be interesting to see the EU’s response to the draft law.
Supporters of the bill argue that the new draft law addresses cyber security and threats to Germany’s national security. Supporters also point to the ongoing refugee crisis and rising terrorism. What doesn’t make sense is that Germany is looking to safeguard business interests over citizen privacy.
One can see the excuse of “national security” being used elsewhere (the UK’s Snooper’s Charter and the US’s Patriot Act). These laws seriously degrade citizens’ rights to privacy and should serve as a warning to German citizens.
By taking away people’s right to know what data is being collected about them, whoever is collecting and using this data stands to gain the most. Hackers and identity thieves will also be licking their chops with this new law. More user data means that data breaches will result in even more sensitive data available.
Part of the new law also restricts the power of the Federal Data Protection Commissioner’s office, making it near-impossible to investigate any data breaches. These changes go directly against the incoming EU legislation.
Does This Mean the End of Privacy in Germany?
It is important to remember that the law is a draft, meaning it is not conclusive and might still face some changes. Criticism from German citizens and politicians is already occurring. The German union for data protection (DVD) has condemned the draft law as a total disaster for the rights of German citizens. DVD chairman Frank Spaeing described the draft as a “data protection prevention law,” while also calling for widespread changes to it.
Interestingly, the law is also seen by the DVD as an improvement over previous drafts from the Interior Ministry. While this might be good to hear, it does speak volumes about the real aim of the German government. The blatant disregard for fundamental rights should make Germans question the government’s intent.
Germany’s status as a 14 Eyes member was already a good enough reason to doubt the country’s commitment to privacy. This new draft law only further pushes Germany down a slippery slope without regard for citizens’ rights.