Abstract
With the application of the General Data Protection Regulation on May 25, 2018, European data protection law enters a new era. For the first time, instead of a directive, the European standard-setter makes use of a directly applicable regulation which does not require any national implementation. Although the General Data Protection Regulation takes over the contents of the former Data Protection Directive in many areas, it also introduces new facts and the associated requirements for data users. One of the new features is the mandatory appointment of a data protection officer under certain conditions. This designation is mandatory only for authorities and public authorities. The following article examines the issue of "body" from a European and national perspective. A systematic overall view reveals the tendency to see public bodies as either public bodies or outsourced legal entities of private law. Whether universities of applied sciences are "public authorities" can not be clearly answered. Depending on whether the DSGVO is considered in isolation or whether other standards are included in the interpretation, the results are different. Needless to say that this state of affairs is unsustainable, in particular because of its far-reaching consequences, and therefore requires legal clarification. Taking into account the FOG, this legal clarification has at least partially succeeded.
Translated title of the contribution | Are universities of applied sciences public institutions in the sense of Art. 37 DSGVO? |
---|---|
Original language | German |
Pages (from-to) | 89-101 |
Journal | Zeitschrift für Hochschulrecht, Hochschulmanagement und Hochschulpolitik |
Volume | 2018 |
Issue number | 3 |
Publication status | Published - Aug 2018 |