For what is probably the last time, the acting Federal Data Protection Commissioner Ulrich Kelber presented his authority's activity report at the federal press conference in Berlin. In it, the long-time SPD member of the Bundestag and computer scientist states that data protection faces legal, organizational and technological challenges in many areas. Meanwhile, a civil society alliance between the Bundestag and the federal government is calling for an end to the impasse – the office of the Federal Data Protection Commissioner has already been massively damaged.
Advertisement
BfDI Ulrich Kelber presented his activity report for 2023 – unlike in the Corona years – there was not a single, defining topic of the past year. It is expected to be read less often than another publication from the BfDI: the data protection Pixie book series for children is enjoying great sales, reported Kelber. Today he handed over the millionth copy to Bundestag President Bärbel Bas along with the activity report.
The authority, which has a staff of over 300 people, was involved in a variety of activities, not least in advice. This was not always successful with public bodies, i.e. the comments were not followed. However, 95 percent of the consultations are never mentioned in activity reports or press releases, Kelber compared the authority's activities in this area to an iceberg.
Security legislation: Kelber calls for a complete overhaul of data protection
The BfDI warned lawmakers to only make selective improvements to data protection security legislation. Kelber is calling for an overall monitoring bill. Some of his advice regarding the Federal Police Act, for example, was not followed. The current approach doesn't make sense, says the Federal Data Protection Commissioner: “The lawsuit will come with the next amendment and will be lost again. That damages trust in the security authorities.”
After the personnel and organizational aspects, data protection in the security area also needs a revision of the supervisory law. This makes the increased use of data in this area necessary. “What we need is a way to stop such processes in a timely manner,” said Kelber. So far, this has not been legally provided for.
When asked about conflicts in the health sector, which are also said to have led to the non-renomination of the BfDI, Kelber stated that good cooperation was generally possible: a technical specification from BMG and Gematik was contradicted once because of a start of the e-prescription with a security gap was not justifiable; this was not the case more than 200 times.
AI responsibility
Kelber has an obvious idea as to who should be responsible for artificial intelligence according to the European Union's AI Act: “Please, please no more authorities,” he made an appeal to the German legislator who is responsible for this. Data protection supervisory authorities would be an obvious choice for market surveillance. In the national accompanying legislation, Kelber is also calling for more restrictive rules to be enacted for biometric remote recognition – this is expressly possible.
The impasse over BfDI new appointments continues
Kelber was extremely cautious in criticizing those responsible in federal politics, who are unlikely to grant him a second term in office. “I believe that this is difficult for the office because the question arises as to why a decision is not made in time. In my office, cooperation continues as before,” he said. According to the BfDI, the situation is more difficult internationally: “The negotiating positions are already weakened.” And another danger of the actions of those responsible is that certain candidates would not be available as a result.
In a press release, the Greens “expressly and on behalf of the entire Green parliamentary group thank Prof. Ulrich Kelber and his entire team for the trusting and constructive cooperation over the past few years.” And reports that the group “believes itself to be on the right track when it comes to rapid replacement.”
Civil society calls on federal politicians to end the BfDI impasse
Before the acting Federal Commissioner for Data Protection and Freedom of Information presented his activity report, civil society organizations increased the pressure on the Federal Government and the Bundestag to finally end the deadlock over the new appointment. Kelber has only been in office since January 7th as part of an extension rule after the traffic light factions have not yet been able to agree on a successor. The responsible politicians from the FDP and the Greens who are currently involved in the process are currently remaining silent.
The letter, which is addressed not only to the federal government – which must formally submit the election proposal to the Bundestag – but also to the parliamentary group leaders of the traffic light coalition and the Bundestag President Bärbel Bas, demands immediate action from those responsible. It says: “However, the events relating to the new or continued appointment of the Federal Commissioner for Data Protection and Freedom of Information (BfDI) are damaging the office in an unprecedented way.”
The legally guaranteed independence of the BfDI office is being questioned: “The impression is created that the current incumbent could earn a possible second term in office not through commitment to the cause, but in particular through political compliance.” The signatories of the letter dated March 19th also criticize the lack of a “transparent procedure” for the election of a data protection officer, which is actually provided for by law. The traffic light must now provide clarity immediately: “We call on the Federal Government and the Bundestag to do all they can to limit the considerable damage that has already occurred and to provide clarity about the continuation as quickly as possible.”
When asked by heise online, co-initiator Caroline Krohn from the digital policy association Load also sees a further dimension: “In my opinion, infringement proceedings by the EU Commission would be an appropriate step. The federal government and the Bundestag are also underestimating the consequences of their inaction here.”
Prominent signatories
Among the first signatories of the open letter are actors such as the former Federal Data Protection Commissioner Peter Schaar, the former Baden-Württemberg State Data Protection Commissioner Stefan Brink, the board of the Data Protection Foundation Frederick Richter, representatives of the Gesellschaft für Informatik and Fraunhofer AIESEC as well as some digital policy associations such as D64, Load, Digitalcourage, Wikimedia, Noyb and the Open Knowledge Foundation.
(mack)