The German Federal Parliament passes a new data protection act

The German Federal Parliament has passed a new Federal Data Protection Act. The new act (Bundesdatenschutzgesetz – BDSG) will replace the one that has been in force for the last 40 years.

The new legislation means that Germany is the first regulator in Europe to adopt a data protection law that is in line with the requirements of the EU General Data Protection Regulation (GDPR). It is likely that additional acts will follow concerning special processing situations, such as data protection for social security.

The new law means that German businesses will have to analyse the new requirements and ensure that they decision makers should start adopting the new BDSG employee data protection rules.

The new BDSG includes specific requirements that are not in the current GDPR legislation. For example, the BDSG states specific data processing requirements for video surveillance, and consumer credit, scoring and creditworthiness. In addition to the GDPR fines, the German law will exclusively impose fines of up to 50,000 euros for violations.

The German Federal Council need to approve the new BDSG which is expected to occur so by in a couple of weeks. Once approved, it will come into force on the on May 25, 2018, the same day as the GDPR.


The inaugural Data Protection World Forum (DPWF) will be held on November 20th & 21st 2018 at the ExCeL London which will provide a broader focus across the data protection and privacy space amidst the progressive tightening of global data protection laws.

Ahead of the end of year event, DPWF has launched a series of intensive workshops.

Further information on the DPWF and workshop details are available at: