News

An elaborate review process before the introduction of every digital tool, new decisions by the supervisory authorities on a regular basis and court rulings throughout Europe that can have an impact on one's own company - the data protection requirements put companies in Germany under constant pressure. At the same time, the supervisory authorities do not get good marks for their advice. Half of the companies (50 percent) say Germany is overdoing it with data protection. Two-thirds (66 percent) believe that strict data protection and the inconsistent interpretation of data protection in Germany make digitisation more difficult.

Controllers and data processors need legal certainty, also when it comes to complying with reporting obligations under data protection law. Although there has been a guideline on how to deal with reporting obligations from the Article 29 Working Party since 2017, the hafnium hack has shown that there is a large difference in the interpretation of the legal data protection regulations between the German state data protection authorities.

Data protection law touches almost all areas of business in today's digital economy. The legal framework created by the General Data Protection Regulation (GDPR) to protect the fundamental rights of data subjects can at the same time enable processes and innovations and strengthen Europe's digital sovereignty.

With more and more everyday activities shifting to the digital world, digital proof of one's identity is becoming enormously important. Secure digital identities already play a key role in the digital ecosystem: they guarantee high security requirements, protect individuals and processes and create trust between senders and recipients. In order to leverage the potential of digital identities, what is needed above all is harmonisation of regulation and cooperation between the public and private sectors.