Datenschutzkonferenz

Digital health apps are increasingly used in practice. They raise various questions under regulatory and data protection and data security laws. On November 6, 2023, the German Conference of the Independent Data Protection Supervisory Authorities (Datenschutzkonferenz, DSK), a national body which brings together Germany’s federal and regional data protection authorities, issued a paper about the GDPR’s application to cloud-based digital health applications (“health apps”) that are not subject to the German Digital Health Applications Ordinance (Digitale Gesundheitsanwendungen-Verordnung, the “DiGA Regulation”).Continue Reading German Data Protection Authorities Publish Paper on Cloud-Based Digital Health Applications

On March 22, 2023, the German Conference of Independent Supervisory Authorities (“SAs”) adopted an opinion on websites that offer users a choice between (i) a free version that tracks users’ behavior or (ii) a (usually paid) version that does not track users’ behavior.Continue Reading German Supervisory Authorities Publish Opinion on (Paid) Subscription Websites

On October 16, 2019, the body of German Supervisory Authorities known as the Datenschutzkonferenz (“DSK”) released a document proposing a model for calculating fines under the GDPR.  The DSK indicated that this model is subject to change and will be superseded by any method put forward in guidance issued by the European Data Protection Board.

On April 3, 2019, the Association of German Supervisory Authorities (“Datenschutzkonferenz” or “DSK”) issued a paper (available here in German) on the interpretation of “broad consent” for scientific research in Recital 33 of the GDPR and the interplay with the definition of consent  and the principle of purpose limitation.

According to the DSK, broad consent