Skip Navigation
TÜV AUSTRIA SERVICES
TÜV AUSTRIA SERVICES
English
EnglishGerman
Login
[FooterItemText.loupe]
TÜV AUSTRIA SERVICES

Innovation and Science:

The New Right for Data Protection

Send via E-Mail
 

Video surveillance and together with it data protection have become hot topics through cases like Lidl inGermany, in whose branches employees were literally followed into their rest and sanitary rooms, and the intendedvideo control of Austrian schools.

The new information technologies, which allow the processing of personal data without much expenditure, induce the users of the programs to use data in violation of the legal provisions. The use of Customer Relationship Management (CRM) systems in companies or groups of companies, which easily permit the comprehensive passing-on and networking of personal data within companies, are only a few pertinent examples which require compliance with data protection regulations.

Data Protection Amendment

The changed technologies are one of the reasons for a comprehensive amendment of the Data Protection Act 2000 (below “DPA“), which implements the EU Data Protection Directive 95/46/EC nationally.

The present bill (DPA Amendment 2008)

  • envisages amongst other things a simplification of the registration procedure and

  • a company data protection officer for companies with more than 20 employees

  • limits the range of application to data of individual persons and

  • now contains express regulations for allowing video surveillance and the requirements for their registration.

Since the video surveillance is often used in a not completely restrictive manner and also concerns employees, labour-law provisions must be observed or implemented (company agreements and the like) over and above data protection regulations. When this is not done, the method of video surveillance is prohibited from the outset.The legislator sees the protection of personal data of companies sufficiently safeguarded by the existing legal provisions for the secrecy of company and business data even without entrenchment in the DPA and therefore intends to restrict the range of application of the DPA to individual persons.

Dr. Alexandra Eberhardt, Deputy Head of Legal Department / Post AG
Dr. Gernot Eberhardt, Attorney at Law

Law Enforcement, Penalties and other Disadvantages

Companies should endeavour to comply with the data protection regulations not only because of the legal sanctions, but also because of the sometimes much more severe negative publicity in the media.

The data protection commission moreover announced that it will concentrate first on insurance companies and check that these are in conformity with the law. Therefore quick action may be needed in this area to avoid negative consequences. It remains to be seen which sector the data protectors will get in their sights next.

The implementation of data protection directives within a company or group of companies nowadays is an essential and indispensible element of the company strategy and the corporate governance. Only in this way can a basis of trust and a credible customer and employee relationship be established and maintained.