Data protection: good intentions, many loopholes

Data protection must be kept strictly separate from data security, information security or IT security. Data protection in the IT sector is about protecting people's privacy, i.e. their 'informational self-determination'. It is about ensuring that their data is not misused, for example in the case of a flourishing trade in email addresses.

There are legal rules governing the use and processing of personal data, which are set out in the General Data Protection Regulation (GDPR), the Federal Data Protection Act (BDSG) and the data protection laws of the federal states. The fact that spectacular breaches of data protection occur time and again, despite possible penalties, is primarily due to the 'transnationality' of the internet. A hacker who (apparently) operates from the Christmas Islands or Uzbekistan can hardly be caught under national law.

The best data protection is therefore a high level of data security. There are excellent technical options for preventing the misuse of personal data. Just ask us.