For Siemens boss Joe Kaeser the matter is clear. "Anyone who uses a platform needs to know which of the data they are sharing is being used"said Kaeser earlier this week at the Internet Governance Forum, the main Internet conference of the United Nations, which ends this Friday in Berlin. What sounds like a matter of course, is often not observed in practice.
There are with the General Data Protection Regulation (DSGVO) actually a clear set of rules – the emphasis is actually on. For many companies are still struggling with the regulations that came into force a year and a half ago.
The Federal Ministry of Justice wanted to know more about it and has the implementation of the new rules in dozens of market-relevant online services of two scientists of the University of Göttingen examined. The results of the unpublished study available to the Handelsblatt are sobering.
Billen sees "glaring defects"
"Not all our services have implemented the GDPR, and certainly not completely"Justice Secretary Gerd Billen told Handelsblatt. Especially with social networks and messenger services exist "further glaring defects", In contrast, the implementation of EU rules in online shops, digital offerings of classical media and the websites of large companies "most advanced"it says in the 300-page investigation. Overall, however, none of the services examined have the GDPR "fully compliant" implemented. The head of the Federal Association of Consumer Protection Centers sees pent-up demand in the implementation of the DSGVO guidelines.
In the period from July to September 2019, a total of 35 online services from different areas were examined for the study. Including social media such as Facebook, Twitter, WhatsApp, search engines such as Google, online stores such as Amazon or Zalando, booking portals such as Booking.com or online presence of companies such as Deutsche Bank or Paypal. The state of implementation of the GDPR with regard to several aspects relevant to data protection was examined.
Careless handling of data
For example, the extent to which the use of data for the creation of personality profiles or the use of tracking technologies was informed was checked. Also how the right to information of persons concerned was handled plays a role, as well as the handling of sensitive data.
Here showed the "most serious defects"as it says in the study. "Careless is often the handling of the data, which are actually to be specially protected: sensitive information on the origin, health or political views."State Secretary Billen said.
This is surprising in that it can be really expensive if the rules are disregarded.