The Association of Data Privacy Officers of Germany (BvD) has commented on a new draft law from the German Federal Ministry of the Interior concerning the improvement of IT security in companies and official bodies in Germany. Overall, the BvD welcomes the draft but criticises some of its elements. In particular, the draft law sets out new legal grounds on which companies will be allowed to retain and process user data. The BvD is concerned that, as drafted, the new law does not sufficiently protect privacy rights and has called for strict provisions on the principle of purpose limitation.

BvD article and new draft law on IT security