💾 Archived View for gmi.noulin.net › mobileNews › 6666.gmi captured on 2021-12-05 at 23:47:19. Gemini links have been rewritten to link to archived content

View Raw

More Information

⬅️ Previous capture (2021-12-03)

➡️ Next capture (2023-01-29)

-=-=-=-=-=-=-

Germany: Land of Data Protection and Security But Why?

Understanding the German mentality to data protection and data privacy is

fundamental to doing successful business in the country

February 2017 - Data Protection & Privacy | IT Law | Doing Business in Germany

Nowhere in the world are there stricter requirements for data protection and

privacy than in the European Union and within the Union, no other country

stands for data protection more than Germany. If you want your business to be

successful in Germany, you should know the reasons. They have to do with the

country s history.

Germany has given rise to two political systems in which the surveillance of

its own people played a fundamental part of control, manipulation and

oppression: the Third Reich and the German Democratic Republic. Both regimes

managed to survive for years. The shared experience was that no one could trust

in their privacy, and deviant behavior could be punished severely. Both systems

are history, and much has been written and said about the political reasons and

implications. And the consequences are still very present today.

For a comparison of privacy concepts set out in some domestic and international

privacy regulations, laws, and guidelines in relation to Generally Accepted

Privacy Principles, visit www.aicpa.org and search for international privacy

concepts

Therefore, topics related to privacy, data protection and thus, security, cause

stronger reactions in Germany than in its neighboring countries or in regions

of the world with even fewer cultural similarities. This is especially true for

health data. Research presented in the Harvard Business Review shows just how

deep the divide is not only between Germany and countries like India or China,

but also between Germany and Great Britain or the USA. When it comes to

protecting data related to personal health history, the average German is

willing to pay as much as $184 U.S., while the average Briton would pay only

$59 U.S. (U.S. citizens and the Chinese place a single-digit value on the

certainty that their health data is safe, and Indians not even that much.)

What does this mean for companies wanting to expand their reach into the German

market? Here are some things to consider for companies who do or do not

specialize in data protection, privacy or security.

Does your company offer products that do not primarily provide additional data

protection, privacy or security?

Then consider the legal requirements and concerns of your potential customers

in Europe and Germany from the start. Make sure your customers and their data

and devices are secure. The integrity of all transactions is a must; security

breaches may be considered a deal breaker. Transparency won t hurt you, and

proof of certifications and the meeting of industry standards will give you

competitive advantages. When marketing your products, underscore your thought

leadership in data protection and security.

Does your company offer products that especially provide additional data

protection, privacy or security?

Did you know that the German language has only one word for both safety and

security ? It is called Sicherheit and can be used either way. Even if your

German business partners are very good at English, don t be surprised if they

seem to confuse the two words. They probably mean the right thing!

Then you will find Europe, and especially Germany, to be a mature market one

that may not have waited for your specific solution. The advantage for your

company? You can expect your potential buyers to be aware of the issues you are

trying to help them with. You don t have to spend extra time explaining the

usefulness of data protection and security. The disadvantage for your company?

You can expect your potential buyers to be aware of the issues you are trying

to help them with. You will spend extra time explaining why it is your product

above all others that improves your potential buyers data protection and

security. Plus, you will have to live up to your promises.

Does your company do, or want to do, business in Germany or elsewhere in the

EU?

Then you should take more than just a peripheral glance at data protection.

Data protection is, and is becoming ever more important. Companies need to find

out in advance what data protection-related regulations and laws they are

subject to, not only to avoid the fines: The secure handling of personal data

is becoming more and more important in the public awareness. Data protection

has long since lost its role as the unloved stepchild, says Dr. Katharina

Kuechler from eco Association of the Internet Industry. Properly

implemented, data protection can be a real competitive advantage.

Do you want to learn more about eco Association of the Internet industry and

how we can help you run a successful business in Germany and Europe? Send us an

email at cometogermany@eco.de.

Data protection law within the EU will be harmonized through the new General

Data Protection Regulation, which will mean that, for example, the requirements

for gaining permission are becoming more stringent in comparison to existing

German data protection law. However, completely new concepts will also be

introduced, such as the data protection impact assessment (Art. 35 GDPR)

compensation or the right to data portability. The General Data Protection

Regulation came into effect on 25 May 2016 and will apply from 25 May 2018 in

all EU Member States, without the need for a further implementation law. This

means that companies have until 2018 to adapt their processes and contracts to

the new regulation. As of that date, companies that do not comply will be faced

with fines of up to 20 million EUR. There are only few cases where protection

is offered for contracts that were finalized before the General Data Protection

Regulation applies. So companies should really start to review their processes

and contracts now for compliance with the new regulation. Also new in the

regulation is the market principle. This means that, in future, companies must

apply the data protection law of the given EU state in which they offer their

service, regardless of whether the company is based in that state. As a result,

companies based outside of the EU must also observe the General Data Protection

Regulation from 2018 if they want to process data or market their products

within the EU.

To help companies in dealing with the transition, eco offers internal audits

for member companies, so they can find out if they are well prepared for doing

business in Europe.

The General Data Protection Regulation also includes the Europe-wide

stipulation for companies to appoint a Data Protection Officer. The central

obligation to report in Art. 37 Abs. 7 GDPR simplifies the monitoring of actual

appointments, so that the detection of inaction will become more likely. The

obligation to appoint a Data Protection Officer can be difficult to fulfill,

especially for SMEs. Here also, eco is happy to help members with an external

solution.

More information is available at go.eco.de/dataprotection.

Or you can send an email to dataprotectionofficer@eco.de and the eco legal team

will get in touch with you.