In a press release dated January 8, the Data Protection Authority of Hamburg announced broad enforcement actions in order to curtail the numerous “privacy scandals” that have occurred in Germany in past months. The DPA will check in particular whether companies comply with their obligation to appoint internal data protection officers. Recent controls by the authority have apparently revealed that many companies have not lived up to this statutory obligation. In order to be able to effectively review the practice of a considerable amount of data controllers, the Hamburg DPA has developed a written examination schedule. As of January 2010, the DPA intends to focus on particular business sectors and send out letters to all major companies that are active in the respective sectors to request information on the appointment of a data protection officer. As a start, the DPA will focus on the logistics sector. Other industries will follow during the course of 2010.
1 March 2010
Hamburg DPA: enforcement actions re obligations to appoint data protection officers
Related stories
Notes from the IAPP Canada: AI, managing data responsibly is top of mind
A view from DC: Don't mess up your employee privacy notice
Personal data defined? Ulrich Baumgartner on the implications of the CJEU's SRB ruling
Notes from the Asia-Pacific region: China's AI Plus initiative accelerates AI integration
A view from Brussels: A wind of pragmatism
-092925.jpg?width=1264)