Germany: New legislation is intended to increase the level of data protection for employees

27 February 2013

Roland Falder, Dr. Ximeng Wang

Introduction
 
The German Federal Government has unexpectedly agreed on a new Employee Data Protection Act (BDSG). Having been presented to the German Parliament firstly in late 2010, the draft legislation on the regulation of employee data protection is one of the hotly discussed topics in German politics. The new legislation for companies could still come into force in the course of the year.

Crucial aspects of the draft legislation concern the general prohibition of covert video surveillance at the workplace as well as the broadening of overt surveillance. The rights of employers to ask questions during the application procedure as well as to gather personnel-related data in social networks are intended to be restricted while the data transfer within the group is intended to be simplified. 
 
Restrictions on the rights of employers to ask questions

The new legislation clarifies the admissible scope of the employer’s right to ask questions during the application procedure and the introductory phase. According to said legislation, apart from the name and the contact details (address, telephone number, email address) of the applicant, the employer is only entitled to collect data required in order to be able to assess the applicant's suitability for his/her intended occupation. The data in question particularly relates to data regarding the professional and personal skills, knowledge and experience as well as the training and professional career of the applicant.

Prohibition of covert video surveillance

Covert video surveillance of employees is generally inadmissible according to the new legislation. Overt video surveillance is only admissible in order to control access, to exercise domiciliary rights, to protect property, to ensure employee safety, to protect facilities, to ward off danger in order to ensure the safety of the company and for quality control, insofar as it is required to safeguard important company interests and as long as  no overriding interest worthy of protection in the data not being collected is at hand on the part of people involved.

Business premises mainly used by the employees for private conduct of life (particularly sanitary, changing facilities and sleeping rooms) may not be monitored by a video camera. Overt video surveillance of break rooms, resting and smoking areas are still inadmissible.

Restrictions on the collection of data in social networks

The new legislation places any collection, processing and usage of data in the employment relationship under the reservation that said data is required and that it is not opposed by an overriding interest worthy of protection on the part of the employee.

As regards data from social networks serving the purpose of electronic communication, the employee's interest worthy of protection of excluding the collection of data overrides the employer's legitimate interest at least in cases in which said data is not publicly available. Consequently, in most cases employers are not allowed anymore to access data in social networks in the future (such as Facebook, LinkedIn, Twitter or Xing) without the respective employee's consent.

Data transfer within the group

With regard to the transmission of employee-related data, no group privilege has been established so far. Consequently, group companies are considered and dealt with as third parties from a data protection point of view and the disclosure of personal data will only be admissible subject to a (group) operating agreement, the consent of employees or the commissioned processing of data. This is intended to be changed in the near future with the introduction of sec. 32m – data transmission within the group (§ 32m – Datenübermittlung im Konzern) into the German Federal Data Protection Act (BDSG).

The draft legislation envisages a group privilege as regards the transmission of employee-related data between legally independent companies pursuant to sec. 15 of the German Stock Corporation Act (AktG) to the extent to which said privilege is required in order to safeguard an interest resulting from the legitimate interest resulting from the affiliation of the group and provided that there is no reason to assume that the employee's interest worthy of protection in the data not being collected is overriding.

Closing remark

Whether amendments to the draft legislation will still be made due to the lively discussion which has already been launched, remains to be seen. It can be assumed, however, that the main issues and the basic trend of the envisaged new legislation will be confirmed and that the law will thus be adopted in the forseeable future.

This article is part of the Asia Employment newsletter for March 2013.