Hostname: page-component-78c5997874-xbtfd Total loading time: 0 Render date: 2024-11-14T22:28:08.016Z Has data issue: false hasContentIssue false

The Transfer of Data Abroad by Private Sector Companies: Data Protection Under the German Federal Data Protection Act

Published online by Cambridge University Press:  06 March 2019

Extract

Core share and HTML view are not available for this content. However, as you have access to this content, a full PDF is available via the ‘Save PDF’ action button.

Private sector companies face a major challenge in ensuring compliance with the many detailed data protection rules that can apply. The compliance burden is further increased if a business enterprise operates in several countries with different data protection rules. This may complicate the exchange of data within the enterprise. The purpose of this article is to plot a path through these rules governing the transfer of personal data abroad.

Type
Public Law
Copyright
Copyright © 2003 by German Law Journal GbR 

References

1 Bundesdatenschutzgesetz of 20 December 1990, last amended by an act of 21 August 2002. The amended version was published on 14 January 2003, Federal Law Gazette (Bundesgesetzblatt) vol. I 2003, p. 68. An English translation of the Act as of 1 January 2002 is available on the internet: www.bfd.bund.de/information/bdsg_eng.pdf.Google Scholar

2 Section 1 (3) of the BDSG.Google Scholar

3 Section 3 (1) of the BDSG.Google Scholar

4 Section 1 (2) no. 3 of the BDSG.Google Scholar

5 Section 3 (2) sentence 2 of the BDSG.Google Scholar

6 Section 4d (1) of the BDSG.Google Scholar

7 Section 4d (2) of the BDSG.Google Scholar

8 Section 4d (3) of the BDSG.Google Scholar

9 Section 4d (4) of the BDSG.Google Scholar

10 Section 4d (1) in connection with section 38 (6) of the BDSG.Google Scholar

11 Section 4d (1) of the BDSG.Google Scholar

12 Section 4f (1) sentence 3 of the BDSG.Google Scholar

13 Section 4f (1) sentence 6 in connection with section 4d (5) of the BDSG.Google Scholar

14 Section 4f (1) sentence 6 of the BDSG.Google Scholar

15 Section 4f (1) sentence 1 of the BDSG.Google Scholar

16 Section 4g (1) sentences 1 and 2 of the BDSG.Google Scholar

17 Section 4g (1) sentence 3 of the BDSG.Google Scholar

18 Section 4g (2) sentence 2 and section 4f (5) sentence 2 of the BDSG.Google Scholar

19 This may be inferred from section 38 (5) sentence 3 of the BDSG.Google Scholar

20 Section 4f (3) of the BDSG.Google Scholar

21 Gola/Schomerus, BDSG, Kommentar, 7th edition 2002, section 4f, note 26.Google Scholar

22 Section 4a (1) sentence 2 of the BDSG.Google Scholar

23 Gola/Schomerus, BDSG, Kommentar, 7th edition 2002, section 4a, notes 6-9.Google Scholar

24 Federal Law Gazette vol. I 2001, p. 876.Google Scholar

25 Restrictive: Simitis, in: Simitis (editor), Kommentar zum Bundesdatenschutzgesetz, 5th edition 2003, section 4a, notes 35-37 and 45-53. Less restrictive: Gola/Schomerus, BDSG, Kommentar, 7th edition 2002, section 4a, note 13.Google Scholar

26 Gola/Schomerus, BDSG, Kommentar, 7th edition 2002, section 4a, note 13.Google Scholar

27 Gola/Schomerus, BDSG, Kommentar, 7th edition 2002, section 4a, note 13.Google Scholar

28 Gola/Schomerus, BDSG, Kommentar, 7th edition 2002, section 4a, note 13.Google Scholar

29 Gola/Schomerus, BDSG, Kommentar, 7th edition 2002, section 4a, notes 14 and 20.Google Scholar

30 Directive 95/46/EC, Official Journal L 281 p. 31.Google Scholar

31 Section 4b (1) of the BDSG.Google Scholar

32 Section 4b (2) of the BDSG.Google Scholar

33 Schaffland/Wiltfang, BDSG, Kommentar, last update: March 2003, section 3, note 57.Google Scholar

34 Dammann, in: Simitis (editor), Kommentar zum Bundesdatenschutzgesetz, 5th edition 2003, section 3, note 239.Google Scholar

35 Schola/Gomerus, BDSG, Kommentar, 7th edition 2002, section 3, note 53.Google Scholar

36 Cf. Simitis, in: Simitis (editor), Kommentar zum Bundesdatenschutzgesetz, 5th edition 2003, section 28, note 89.Google Scholar

37 Decision of 26 July 2000 (2000/518/EC), Official Journal L 215 of 25 August 2000, p. 1.Google Scholar

38 Decision of 26 July 2000 (2000/519/EC), Official Journal L 215 of 25 August 2000, p. 4.Google Scholar

39 Decision of 20 December 2001 (2001/02/EC), Official Journal L 2 of 4 January 2002, p. 13.Google Scholar

40 Decision of 26 July 2000 (2000/520/EC), Official Journal L 215 of 25 August 2000, p. 7.Google Scholar

42 Decision 2001/497/EC, Official Journal L 181 of 4 July 2001, p. 19.Google Scholar

43 Decision 2002/16/EC, Official Journal L 6 of 10 January 2002, p. 52.Google Scholar

44 Section 4 (1) BDSG.Google Scholar

45 Cf. Däubler, Gläserne Belegschaften? Datenschutz in Betrieb und Dienststelle, 4th edition 2002, note 167.Google Scholar

46 Cf. Simitis, in: Simitis (editor), Kommentar zum Bundesdatenschutzgesetz, 5th edition 2003, section 4c, note 13-14.Google Scholar

47 Cf. Simitis, in: Simitis (editor), Kommentar zum Bundesdatenschutzgesetz, 5th edition 2003, section 4c, note 15.Google Scholar

48 Cf. Simitis, in: Simitis (editor), Kommentar zum Bundesdatenschutzgesetz, 5th edition 2003, section 4c, note 12.Google Scholar

49 Gola/Schomerus, BDSG, Kommentar, 7th edition 2002, section 4c, note 5.Google Scholar

50 Section 4c (1) sentence 2 of the BDSG.Google Scholar

51 Gola/Schomerus, BDSG, Kommentar, 7th edition 2002, section 4c, note 9.Google Scholar