The federal and federal state legislatures in Germany have taken a crucial step to adjusting member state law to GDPR requirements with the new data protection laws and laws for sector-specific reform laws. At the same time, the task has not yet been concluded. On the one hand, areas are becoming apparent where the compatibility of the new national regulations with EU requirements appears to be questionable. These include regulations regarding parliaments or audit offices, for example. At the same time, EU law leaves further gaps, as in the area of post mortem data protection, where the GDPR does not apply. Yet the problematic areas – as recent jurisdiction on digital estates shows – are extremely complex and not yet satisfactorily solved. On the other hand, member state legislatures have enough regulatory room for manoeuvre that should be intelligently exploited. New concepts, such as temporally or objectively limited experimental clauses (e.g. sunset clauses) could not only open up options for administration and business, but also positively reinforce the European competition of legal orders and concepts.
Finally, questions continually arise regarding the compatibility of particular administrative projects with EU law and national data protection law. One example is national regulations for statistics, for which Art. 89 (1), (2) GDPR establish opening clauses. Against this background, continuing academic accompaniment of the process at all state and administration levels seems appropriate – a task for which the programme area is absolutely predestined in view of its extensive expertise and experience.
Prof. Dr. Mario Martini