On 29.6.2017 the future DPA 2018 was finally decided: The adaptation of the Austrian legal framework to the EU General Data Protection Regulation (GDPR) applicable from 25 May 2018 was not undisputed. Instead of the original plan of a complete revision of the Data Protection Act, a completely new approach was chosen for political reasons:
Because of the lack of a constitutional majority, which would have been necessary to amend the constitutional provisions of the DPA 2000, the Data Protection Act 2000 was not repealed and enacted as originally planned, but merely - in fact comprehensively - amended. All (objectively actually necessary) constitutional changes were deleted from the first draft. In fact, the novella was packed into the old cover of the DSG 2000. However, this does not make the new law any clearer and it is more difficult to read than the originally planned restart.
The law, which has been amended once again in terms of content in a summary procedure compared with the government bill (you can read the full text of the draft adapted by the Constitutional Committee here), indicates that at least the initial comments have been taken into account on a selective basis. Compared to the government's proposal, the following innovations are particularly relevant:
The positive aspect of the DPA's resolution is that it gives Austrian companies at least a national basis for their implementation projects to achieve data protection compliance. The great downer, however, is that political circumstances have led to a technically weaker solution being implemented, instead of creating a new version, which also raises other constitutional issues. The opportunity was also missed to create a truly practical, final legal basis under data protection law from the good initial draft by means of practical input. Thus, in view of the rushed job, there remains the danger that actual and alleged shortcomings will be pushed into material laws instead of in the central DPA and that this will also lead to legal fragmentation.
On 12 May 2017, the first draft of the new Austrian Data Protection Act was published, which had been long awaited and repeatedly postponed in view of the overdue preparations. The deadline for comments in the legislative process ended on 23 June 2017, but surprisingly the Federal Government forwarded its draft to the National Council as a government proposal on 7 June 2017 - i.e. during the current evaluation period. This procedure is completely unusual, but was still outbid negatively by the further developments:
A total of 110 comments were received during the factually shortened review period. From this the active interest of the public can be derived and nevertheless some open topics. DORDA (as the only law firm) has submitted its own statement based on our many years of data protection expertise in order to point out topics of particular practical relevance.
Only three days after the expiry of the evaluation period, the government bill passed the Constitutional Committee of the National Council on 26 June 2017. Changes were made to
3
the draft at short notice. In a plenary session on 29 June 2017, the National Council actually adopted the last-minute amendment to the Data Protection Act.
Alle Angaben auf dieser Website dienen nur der Erstinformation und können keine rechtliche oder sonstige Beratung sein oder ersetzen. Daher übernehmen wir keine Haftung für allfälligen Schadenersatz.
The material contained in this website is provided for general information purposes only and does not constitute legal or other professional advice. We accept no responsibility for loss which may arise from reliance on information contained on this site.