Maja Smoltczyk is the Commissioner for Data Protection and Freedom of Information in Berlin. Professor Dieter Kugelmann is State Commissioner for Data Protection and Freedom of Information in Rhineland-Palatinate.
After terrorist attacks, when pedophile crimes are exposed, or now in the midst of the corona pandemic, you hear the same thing over and over again: data protection must be relaxed, data protection is to protect criminals, data protection is a threat to human life! Part of the economy happily agrees: data protection is destroying the internet, data protection is slowing down digitization, data protection is slowing down innovation!
It’s a familiar song, but neither song is right. Data protection does not destroy the internet, but it does try to save people’s fundamental rights, hard fought in history, for a digital future. Endless collection of personal data, data tracking and data mining are the order of the day.
[Wenn Sie alle aktuellen Nachrichten live auf Ihr Handy haben wollen, empfehlen wir Ihnen unsere runderneuerte App, die Sie hier für Apple- und Android-Geräte herunterladen können.]
Where technical innovation is meant to serve people, it tends to give the impression that people – their data and profiles – are serving investors and businesses. Intervention must be taken to protect both the achievements of digitization and the fundamental rights of citizens which are the basis of our free and democratic society.
A blanket pointing with a finger distracts from real problems. Fundamental rights are not alone but linked to other fundamental rights. Whenever fundamental rights are curtailed, it should be ensured that this is done only to the extent that it is absolutely necessary and only to the extent that the protection of other fundamental rights requires it. Thus, those wishing to limit the fundamental right to informational self-determination in a specific situation need to provide convincing arguments for such weighing to take place.
Authorities already overwhelmed – what to do with even more data?
The pandemic has once again demonstrated that privacy is the scapegoat when things get out of hand. Hardly a day goes by without people not saying that if we only improved privacy, the pandemic could be easily contained. It may be tempting to present privacy as the real problem, but it makes it difficult to properly address it.
For example, it is not a problem that not all health authorities are connected to digital infrastructure, which would be a prerequisite for a Corona Alert App to have real added value for authorities. Nor is it a problem that authorities are already overwhelmed with data from Corona’s contact lists; instead, they are eager to insist that the application collect much more data.
It is also not a problem that hardly any commercial provider offers data protection compliant solutions and that authorities are not able to develop such solutions themselves or to demand them in tenders. It is also not a problem that American services want to reserve the right to process children’s data for their own, mainly commercial purposes. Instead, it is argued that data protection officials want to prohibit children from studying.
No matter how often it is argued, it remains untrue: data protection does not stand in the way of societal challenges. The Corona-Warn-App has been downloaded more than 25 million times in Germany and has received such a high level of acceptance because people can rely on their data not being misused. In addition, it can be further developed in line with data protection regulations. In other European countries where this is not the case, the situation is completely different.
Data protection in schools does not inhibit but promotes digitization
The data protection-compliant distribution method in Germany was successful, which is a necessary condition for achieving the goals of the Corona-Warn application. And when data protection advocates demand that digitization of schools be carried out in line with data protection laws, it is not to prevent digitization but to promote sustainable development that achieves much more than digitization at all costs: schoolgirls, To create a safe space for students and teachers, where their data is safe, not abused and ultimately used against them.
No, data protection is not an overriding right which overrides other fundamental rights, but is a fundamental right. Consequently, it interacts with other fundamental rights that must be constantly balanced. That is why it is constantly being reduced in times of pandemics where it is necessary – whether in the collection of contact information by companies or in the exchange of data between health authorities and medical facilities.
[Behalten Sie den Überblick: Corona in Ihrem Kiez. In unseren Tagesspiegel-Bezirksnewslettern berichten wir über die Krise und die Auswirkungen auf Ihren Bezirk. Kostenlos und kompakt: leute.tagesspiegel.de]
The debate about the appropriate measures to be taken against the virus, especially in terms of data protection, needs to be more rational and objective. Until now, in Germany it has been possible to properly consider if and when it is necessary to restrict one fundamental right to another. It’s good that policymakers don’t do it to themselves. A free state based on the rule of law makes this requirement. Adequate data protection must not fall victim to the virus.
Instead of constantly complaining about data protection as a mantra, we should recognize its importance: data protection is not a hindrance, but an important regulatory and control factor. People are more likely to engage in new technologies if they are confident that their rights and freedoms will be protected. Otherwise, they tend to withdraw into private life or give false information.
Thanks to the GDPR, the EU has shown how it is done
The European Union saw the potential of strong data protection and, thanks to the incredible efforts of the European Parliament in particular, created a uniform data protection law for Europe. In doing so, it has sent out a strong signal on the importance of one of the fundamental European rights that the rest of the world can no longer ignore. Because she recognized that the right to privacy can only be preserved in times of global digitization if European countries as a unified economic area also jointly defend their ethical beliefs. Data protection is part of European values. A normative act was adopted along with the Regulation on the Protection of Personal Data (GDPR). It is now being adopted in full or in part in many parts of the world. The GDPR has taken Europe forward: the EU has proven itself here as a bastion of freedom and the rule of law and as a wall of protection against attacks on privacy. We should be proud of it.