2021: Zoom Ban
In August 2021, the Hamburg government received an official warning about the inadmissibility of using the Zoom service due to data protection problems. The Data Protection Agency (DPA) issued a public warning, writing in a press release that the Senate Chancellor's use of a popular video conferencing tool violates the European Union General Data Protection Regulation (GDPR), as user data is transferred for processing to servers located in the United States.
The DPA's concern followed a decision by Schrems II, adopted by Europe's highest court in the summer of 2020, which invalidated the flagship EU-US data transfer agreement (Privacy Shield), recognizing American surveillance legislation incompatible with EU privacy rights.
The EU data protection watchdog is also investigating the use of cloud services by American giants Amazon and Microsoft in connection with the same data transfer problem.
Negotiations between the European Commission and the Biden administration to find a replacement for the data deal are ongoing. However, EU lawmakers have repeatedly warned against a quick solution to the problem, saying that reviving Privacy Shield is likely to require reform of US surveillance legislation. While legal uncertainty between the EU and the US continues, an increasing number of government agencies in Europe are facing government pressure to abandon US services in favor of local alternatives that meet all security requirements.
The agency claims that the use of Zoom by a government agency does not comply with the GDPR requirement that there is a legal basis for processing personal data.
No further formal steps are currently planned. We expect the administration to evaluate our legal arguments and take the necessary measures. Of course, we are always open to further negotiations and to finding possible ways forward. It is for this that an official warning is needed: so that the controller knows about the problems that he will face if he continues to act in the same spirit, "the representative of the DPA Hamburg gave an official comment. |
In his statement, the Acting Commissioner for Data Protection and Freedom of Information of Hamburg, Ulrich Kühn, called incomprehensible the fact that the regional government continues to violate EU law, indicating that the local alternative to the Zoom service is provided by the German company Dataport.[1]