Federal states must ensure data protection consistency

BvD welcomes first drafts for State Data Protection Acts

In the course of legislative processes towards a new State Data Protection Act, Bavaria conducted a hearing of the associations six months ahead of the EU General Data Protection Regulation (GDPR) entering into force. “It is thus possible that State Data Protection legislation will soon offer a robust template that state public authorities may refer to in their implementation of GDPR demands. The objective is to as far as possible achieve uniform implementation across Federal states”, says BvD Deputy Chairman of the Board Rudi Kramer. “We trust that other states will also now urgently revise their State Data Protection legislation and agree on preferably uniform implementation of the system as demonstrated”.

Kramer argues that this will be possible by identical formulations that take advantage of the escape or specification concessions the GDPR allows EU member states. This is paramount not only to companies and authorities but also, for instance, to research at universities, art and the protection of public employee data. Uniform and comprehensible legislation across the borders of the Federal states would be indispensible to acceptance of the complex issues of data protection by responsible public authorities and their customers and the citizenry.

“Considering the GDPR and the new Federal Data Protection Act, the 16 Federal states must not have different data protection laws on central issues”, stated Kramer. “The federal structure must not develop into a stumbling block for digitalisation.”

The GDPR entered into force on 25 May, 2016, and must be applied by companies and authorities as from 25 May, 2018. Apart from the Bavarian draft, drafts by the states of Saxony, Saxony-Anhalt and Brandenburg are also currently available.