In its new annual report, the NRW data protection officer criticizes the police and public prosecutors. During their investigations into suspected right-wing extremist networks in their own ranks, the police transmitted all the telephone numbers from the suspects’ mobile phones to over 20 security authorities.
According to the 130-page report to the state parliament, which is available to the dpa, there were more than 12,500 telephone numbers with the corresponding subscribers, against which there was usually no suspicion.
This was neither permissible nor proportionate, criticized the data protection officer Bettina Gayk. Without prior evaluation of the chat data, investigation approaches could not have been recognized at all. The data comparison “into the blue” was only intended to bring such investigative approaches to light. While it is right and important to take action against right-wing extremist networks, the legitimate purpose must also be pursued with legitimate means.
Data from callers to the emergency numbers is also evaluated
The data protection officer also takes the police meta-database software “Palantir-Gotham” to court. Although the NRW Ministry of the Interior has made numerous efforts to make this bundling of police databases compliant with data protection, it still needs its own law, parliamentary legitimacy, she found.
The legislature, not the police, must decide which crimes are serious enough to lift the earmarking of the individual databases and thus also include data from people who have not committed a crime. The software also evaluates data from callers to the emergency number 110 and from witnesses.
Court judgments decide on data storage
The public prosecutor’s office also got their fat from the data protection officer: the feedback from the public prosecutor’s office to the police on how the criminal proceedings ended was incomplete. But they are important: the feedback depends on whether the data can continue to be stored.
A random sample showed: Of 24 criminal proceedings, feedback was required in 21, but not in 5 cases. After all, this is almost a quarter of the transactions examined.
Padlet not suitable for school use
The learning platform Padlet has become very popular with homeschooling caused by the pandemic and the country has supported its use at times, but it does not meet the requirements in terms of data protection. The company transfers data to the USA to an unclear extent. Such data transfers to third countries are problematic.
The Ministry of Education was informed of this. Schools are now being told not to use Padlet. In the meantime, data protection-friendly alternatives are also available, such as the Logineo learning platform.
Children’s photos of influencers themed
Individuals can also have to deal with the data protection authority, such as a Düsseldorf influencer who marketed photos of her underage children for business purposes on the Internet. The influencer was expressly informed of the special need for protection of children, according to Gayk.
In view of the hardly controllable dissemination of the photos on the Internet, there is a risk of them being used by pedophiles or for cyberbullying. The existing legal situation is incomplete: if parents pursue economic interests at the expense of their children, the legislature should improve the protection of children.
Freedom of expression has limits
Judges also have personal rights: Anyone who attacks a judge on the Internet with his full name, accuses him of arbitrariness, abuse of rights, falsification of documents and perversion of the law can no longer invoke freedom of expression. The deletion of the Internet contributions had been ordered, but the procedure had not yet ended.
In the past year, 6,850 complaints were received by their authority, Gayk said. In addition, 1840 data breaches were pointed out.
To home page
#NRW #data #protection #report #Reprimand #security #authorities #private #individuals