Data protection and employment law - deletion and data subject rights management according to DSGVO
In December 2021, the Neuruppin Labor Court ordered an employer to pay damages in the amount of €1,000 to a former employee under Article 82 of the GDPR. The reason for this was that the former employee, after termination of...
2021 - The year of zero-day vulnerabilities
The security researchers of Google's "Project Zero" have completed their statistics on actively exploited zero-day vulnerabilities. The conclusion: In 2021, there was a massive increase in known zero days. This would not only be due to the increase in attacks,...
Password and data security
It is estimated that an average Internet user has over 70 accounts that can only be accessed via individual access data. Secure passwords need to be defined both at work and at home. Many people find this difficult, which...
Federal Data Protection Commissioner: Caution with health data
Federal Data Protection Commissioner Ulrich Kelber has now presented his activity report for 2021. In particular, he warned in this against the too easy handling of health data by the developments of the Corona pandemic. Legal regulation for the processing of...
Two-factor authentication hacked
Two-factor authentication (also known as 2FA) is used for additional security when logging in, which is otherwise usually only secured with a password and user name. In some cases, multi-factor authentication (MFA) is also used for this purpose. With some of these...
Driver's license: control by the employer compliant with data protection?
In companies with a fleet of vehicles or in industries where business trips are the order of the day, employers regularly check their employees' driver's licenses. How this control can be designed in accordance with data protection and when it is necessary at all....
Photo transfer and data protection
More and more banks are offering the so-called photo transfer service. Here, the account holder can take a photo of a bill he wants to pay with his smartphone. This bill is then paid immediately via the corresponding banking app. Quickly...
"Pre-employment screening": data protection in the personnel selection process
When a company needs to fill a new position, personnel managers try to fill it in the best possible way with the help of a personnel selection process. It is not uncommon for them to do their own research in order to obtain more information about the applicant or...
Person responsible: Also managing director of a limited liability company in addition to the company
In its ruling of November 30, 2021 (case number 4 U 1158/21), the Dresden Higher Regional Court ordered a company and its managing director jointly and severally to pay damages under the GDPR. The court also regarded the managing director as...
Damages in case of disclosure of dynamic IP address when using Google Fonts
In its ruling of January 20, 2022, the Regional Court of Munich decided that the disclosure of the dynamic IP address to Google when using Google Fonts without the consent of the person concerned gives rise to a claim for damages (in the present case in the amount of €100)....
English 
Deutsch 
Español 
Français 
Polski