Data Protection Amendment Act on the right track

The new Federal government must urgently tackle finalisation

With the passing of the new Data Protection Act on Friday in the Federal Council and the associated amendment of the European General Data Protection Regulation (GDPR) for implementation in German law, the course has been set for consistently good data protection in Germany. Until the GDPR enters into force on 25 May, 2018, companies and data protection officers will have an acceptable framework and planning certainty to prepare for GDPR requirements with legal certainty, said the Chairman of the Association of Data Protection Officers of Germany (BvD), Thomas Spaeing, in Berlin. Especially the continuing 2-pillar model comprising data protection officers and regulatory authorities will render data protection compliant with the law and guarantee high data protection expertise in companies and authorities.

The law does, however, leave some questions unanswered, emphasised Spaeing. Objections to the Data Protection Amendment and Implementation Act EU (DSAnpUG EU) have already been announced in order to clarify certain questions. This will show whether the arrangements made will survive judicial review.

The new Federal government would furthermore need to implement further GDPR provisions in German law after the Bundestag elections. “The DSAnpUG EU still has many legal conundrums. These must be isolated and explained through supplementary laws”, stated Spaeing. What is important is that such explanations are enacted before 25 May, 2018.

Germany is the first EU country to transpose the GDPR into national legislation. “This is why it is important that the law will also hold up before a court”, said Spaeing. “Especially because German law sends out important pointers for data protection across Europe.”


Your BvD contact person:
Deputy Chairman Rudi Kramer, Budapester Straße 31, 10787 Berlin
Tel: 030 . 26 36 77 60, E-mail:, Internet:

The Association of Data Protection Officers of Germany (BvD) with a membership of around 900, promotes and represents the interests of data protection officers in companies and authorities. The Association offers its members competent support in the performance of their daily tasks, including comprehensive programmes for continuing education.