Germany, UK Data Privacy Alert - 17 August 2015
DIHT Criticizes Government Draft on the Introduction of Data Retention
In a recent statement, the German Chamber of Commerce and Industry (Deutscher Industrie- und Handelskammertag– DIHT) expressed doubts over the appropriateness of a governmental draft on the introduction of data retention in Germany.
The DIHT expressed its concerns that companies would again be over-burdened by onerous and impractical legal requirements and suggested a thorough re-examination of the current draft. The current draft obliges telecommunications providers to retain data such as
phone numbers, time and place of communication (except for emails) and IP addresses for between four and 10 weeks.
Download the German Chamber of Commerce statement (PDF) (in German)
Hamburg Data Protection Officer: Facebook is Not Allowed to Require Real Name of User
The Hamburg Data Protection Authority has ruled that Facebook must allow the pseudonymous use of its services following Facebook’s requirement for users to use their real name and provide a copy of their identity card.
Johannes Caspar, the Hamburg Commissioner for Data Protection, concluded that Facebook’s behaviour had breached German telemedia and identity card requirements. Equally, Caspar highlighted that as a result of Facebook conducting its business in Germany, it would have to comply with German law even though its company’s headquarters are based in Ireland.
Hamburg Data Protection Authority Press Release (PDF) (in German)
Voßhoff Warns Against Fitness Apps by Health Insurers
Andrea Voßhoff, the German Federal Privacy Commissioner, has reissued her warning against the use of health insurance models which allow customers to transmit their data to the insurer through “fitness apps” in order to receive benefits in return. Such apps may process sensitive personal data such as the heart rate, eating behaviour or the complete medical history of the patient, thus Voßhoff has suggested extending the higher data protection standards of statutory insurances to the private sector also.
BFDI article on Andrea Voßhoff statement (in German)
Dawson-Damer v Taylor Wessing LLP
An application under the Data Protection Act 1998 s.7(9) for an order requiring solicitors to comply with a subject access request was refused. Judge Behrens held that is was not reasonable or proportionate, in the circumstances, for the solicitors to carry out the necessary searches to determine which documents were protected by legal professional privileged and which were not.
Dawson-Damer & Ors v Taylor Wessing LLP & Ors  EWHC 2366 (Ch) (06 August 2015)