Competition law: Federal Council wants to generally prohibit GDPR warnings
The Federal Council is against the overfulfilment of EU minimum standards in the GDPR. It should no longer be possible to prosecute infringements by competitors
(Image: peterschreiber.media/Shutterstock.com)
In its plenary session on Friday, the Bundesrat (Federal Council) launched a bill on the initiative of Bavaria to avoid unnecessary burdens for companies due to the excessive implementation ("gold-plating") of the General Data Protection Regulation (GDPR). According to the initiative, companies should no longer be able to take action against competitors under the Unfair Competition Act (Gesetz gegen unlauteren Wettbewerb, UWG) because they may have violated data protection regulations such as the GDPR. This means that data protection violations would generally be excluded from warnings and prosecution under the UWG.
With this initiative, the state chamber wants to provide clarity: a company can generally take legal action against a competitor under the UWG if it accuses them of breaking the law. This is because such a breach could always lead to a competitive advantage. However, it is currently controversial whether a breach of data protection can also be reprimanded in proceedings under the UWG. The Federal Court of Justice has not yet ruled on the issue, but has referred it to the European Court of Justice. The states' draft bill provides for an amendment to the UWG that expressly no longer permits a competitor action for data protection violations.
The Federal Council sees a need for amendment for three main reasons: According to it, the enforcement of data protection law via the UWG is not necessary at all, as the GDPR itself provides sufficient effective legal protection options. The basic regulation and similar provisions also do not serve to safeguard competition, but to protect informal self-determination. Furthermore, the risk of abusive legal action by competitors is particularly high when it comes to data protection issues.
Countries concerned about warnings about Google Fonts
In contrast to authorities and consumer associations, competitors are not obliged to act in the public or consumer interest, explains the Chamber of States. They could therefore use injunctive relief strategically. In practice, the particular potential for abuse of data protection violations has recently been clearly demonstrated by the wave of warnings in connection with the integration of Google Fonts on websites. In these cases, "alleged data protection violations by companies were tracked down by the automated forwarding of IP addresses using web crawlers and warnings were issued en masse for a fee". Bavaria had previously argued that a small formal error on a company's website was often enough to constitute a breach of the GDPR.
In 2020, the Bundestag passed a law against the abuse of warning letters under the GDPR. Violations of statutory labeling and information obligations on the internet by online retailers, for example, can still be warned. However, competitors are no longer entitled to reimbursement of costs. This also applies to data protection violations by companies with fewer than 250 employees. These exceptions do not go far enough for the Bundesrat: the danger remains that the prevailing legal uncertainty will be exploited to issue abusive warnings to competitors "to promote their own business interests or to conduct legal proceedings".
The state chamber is now forwarding the bill to the federal government, which can issue a statement on it. The bill will then be submitted to the Bundestag, which will then decide on it.
(nie)
