Commercial register: Revised regulation for more data protection

In order to ensure better data protection for entrepreneurs, the Federal Ministry of Justice has made changes to the Commercial Register Ordinance. As part of the revision, the focus is on collecting less data in order to limit the retrieval of sensitive data by anyone.

Revision follows harsh criticism

The commercial register’s extensive data collection has been a thorn in the side of data protectionists for some time. Anyone who takes a look at the corresponding portal can quickly understand why. After all, sometimes sensitive personal data can be easily accessed here via the Internet. By redesigning the commercial register portal, policymakers actually wanted to comply with the new requirements of the EU Digitization Directive. But the price seems to be too high. The responsible Federal Ministry of Justice, under the leadership of Federal Minister of Justice Marco Buschmann (FDP), has now responded to the criticism of data protectionists. In the context of a comprehensive revision one would like to have provided for a better protection of the sensitive data.

Have you read this? EU Data Protection Committee: Facebook violates DSGVO

Less data for more data protection in the commercial register

Looking at §9 of the Commercial Register Ordinance, one finds that the Ministry wants to ensure more data protection in a fairly simple way. The section states that significantly less data is to be stored in the portal. Instead, only the data that companies in Germany are obliged to provide will be accessible. In view of the fact that it was previously even possible to retrieve copies of ID cards, this is probably a big step in the right direction. Documents related to investigations by the registry court should also no longer be accessible on the net.

Register Portal of the Federal States (Image: www.handelsregister.de)

This means that from now on the general public will no longer have access to sensitive writings such as deposit slips. Within the scope of the new possibility of the so-called “document exchange”, the entrepreneurs concerned shall henceforth also have the possibility to exchange already uploaded documents. If the documents accessible via the register contain sensitive data, it will be possible to submit a new document without the affected passages as an alternative. So, all in all, the registry will come with significantly slimmed down data collections, but still in compliance with the legal requirements.

Also interesting: Privacy: Apple allegedly lied to its customers

Federal Council is pleased

Also from the side of the Bundesrat comes exclusively positive feedback on the new regulation. After all, the Ländergremium also pointed out in advance that one must be free from excessive data collection. The Bundesrat’s duty of co-determination is based not only on its statutory duty to participate in the legislative process. On top of that, the operation of the registers is a matter for the states. Our colleagues at heise online pointed out the questionable data situation of the registry with a reference to c’t almost half a year ago. It is gratifying that this and other criticism from data protectionists has now been addressed by the revision of the regulation.