Data Protection Act Now Enforceable – Unaddressed Questions Remain
In early 2025, Germany is still grappling with the full implementation of the EU Data Act, a regulation that complements the EU General Data Protection Regulation (DSGVO). As of now, only 1% of German companies have fully complied with the Data Act, according to a Bitkom study conducted in the spring.
The Data Act, which came into force in January 2024, aims to establish standards for data-related contract clauses and provides regulations facilitating cloud provider switching and emergency access to company data for administrations. It also sets forth rights for companies and users to access data from connected devices, which can support new service development.
However, the legislative efforts to designate supervisory authorities, such as the Federal Network Agency (BNetzA) and the Federal Commissioner for Data Protection and Freedom of Information (BfDI), remain unsettled. Disputes about authority between federal and state data protection bodies are delaying the complete implementation of the Data Act.
Bitkom President Dr. Ralf Wintergerst has expressed concern that Germany's slow implementation of the Data Act could lead to violations of European law and hinder a uniform European interpretation of the Act. He has urged the federal government to pass an implementing law for the Data Act quickly and establish a digital agency under the digital ministry to oversee the Act.
To assist companies with the implementation of the Data Act, Bitkom has published a practical guide titled "Implementation Guide for the Data Act: Practical Assistance for the Implementation of (EU) 2023/2854 - From Practice for Practice". This guide is available here.
In addition, Wintergerst has emphasised the importance of adequate information and support for those affected by the Data Act. He has urged the responsibility for the Data Act should not be fragmented among the individual state data protection authorities to avoid confusion.
The Data Act, enacted by the European Union, is generally applicable from the current date following a transition period. It contains regulations that can support new service development, facilitate cloud provider switching, and ensure emergency access to company data for administrations.
Until the federal government takes action, the Federal Network Agency and the Federal Commissioner for Data Protection and Freedom of Information (BfDI) are responsible for the Data Act. Wintergerst has also urged the federal government to ensure that the Data Act's opportunities for economic and social goals, maintaining transparency over data, and training AI models are utilised effectively.
Read also:
- Elon Musk accused by Sam Altman of exploiting X for personal gain
- Comparing the value of top electric scooters: Kinetic DX versus Bajaj Chetak versus TVS iQube - Which one offers the best bang for the buck?
- Tech tycoon Elon Musk alleges Apple is preferring OpenAI, sparking potential lawsuits contemplation
- China's Automotive Landscape: Toyota's Innovative Strategy in Self-Driving Vehicles
