Abstract
This chapter describes the Schleswig-Holstein Data Protection Seal. This trust mark for IT products is based on legal provisions introduced in the German State of Schleswig-Holstein in 2000. After explaining the legal provisions and the certification procedure of the Schleswig-Holstein Data Protection Seal, the chapter discusses its evolution. Further, it presents lessons learnt from the experience with the seal.
Marit Hansen, Data Protection Commissioner Schleswig-Holstein, Holstenstr. 98, 24103 Kiel, Germany, marit.hansen@datenschutzzentrum.de.
Access this chapter
Tax calculation will be finalised at checkout
Purchases are for personal use only
Similar content being viewed by others
Notes
- 1.
Since the Schleswig-Holstein Data Protection Seal mainly addresses the German market, most information on the seal is available in the German language; a few documents have been translated into English. See https://www.datenschutzzentrum.de/guetesiegel/. Accessed 27 April 2017.
- 2.
Schleswig-Holsteinisches Gesetz zum Schutz personenbezogener Informationen (Landesdatenschutzgesetz—LDSG) In Schleswig-Holstein GVOBl. 169, 204-42000.
- 3.
https://www.datenschutzzentrum.de/. Accessed 27 April 2017.
- 4.
Bundesdatenschutzgesetz (BDSG). In BGBl. I 66 2003.
- 5.
The latest version from 30.11.2013 was published in Schleswig-Holstein GVOBl. 536, 204-4-7 2013.
- 6.
Landesverordnung über die Sicherheit und Ordnungsmäßigkeit automatisierter Verarbeitung personenbezogener Daten (Datenschutzverordnung – DSVO), published in GVOBl. 554, 204-4-8 2013.
- 7.
https://www.datenschutz-mv.de/datenschutz/guetesiegel/guetesiegel.html (German). Accessed 27 April 2017.
- 8.
EuroPriSe Press Release 2014 “EuroPriSe starts work as certification authority for the privacy seal of German federal state Mecklenburg-Vorpommern”, https://www.european-privacy-seal.eu/AppFile/GetFile/0d05a4f9-05ec-49af-9319-528bfc94564d. Accessed 27 April 2017. See footnote 7.
- 9.
ULD Press Release 2013 “ULD press release concerning further development of EuroPriSe”, https://www.european-privacy-seal.eu/AppFile/GetFile/a1d64775-9d3d-4dd4-b46c-012131aed93f. Accessed 27 April 2017.
- 10.
For more information see https://www.datenschutzzentrum.de/guetesiegel/ (German) or the leaflet “Seal of privacy for IT-products and privacy protection audit for public authorities” (English), https://www.datenschutzzentrum.de/uploads/guetesiegel/Seal-of-privacy-and-privacy-protection-audit.pdf. Accessed 27 April 2017.
- 11.
https://www.datenschutzzentrum.de/guetesiegel/register-sachverstaendige/ (German). Accessed 27 April 2017.
- 12.
https://www.bsi.bund.de/EN/Topics/Certification/certification_node.html. Accessed 27 April 2017.
- 13.
https://www.datenschutzzentrum.de/download/anford.pdf (German). Accessed 27 April 2017.
- 14.
Hansen and Probst 2002.
- 15.
https://www.commoncriteriaportal.org/. Accessed 27 April 2017. For the protection profiles of the Common Criteria, see https://www.commoncriteriaportal.org/pps/. Accessed 27 April 2017.
- 16.
https://www.datenschutzzentrum.de/guetesiegel/register/ (German). Accessed 27 April 2017.
- 17.
See https://www.datenschutzzentrum.de/guetesiegel/register/. Accessed 27 April 2017.
- 18.
- 19.
The Standard Data Protection Model is an approach for auditing that has been developed in the last years and agreed among all German Data Protection Authorities: https://www.datenschutz-mv.de/datenschutz/sdm/SDM-Methodology_V1_EN1.pdf. Accessed 27 April 2017.
- 20.
See https://www.datenschutzzentrum.de/guetesiegel/register-sachverstaendige/. Accessed 27 April 2017.
- 21.
In 2012, an earlier version of this list (compiled by Thomas Probst, ULD, and the author of this text) was used as a contribution to an international discussion on privacy seals within ISO (International Standards Organization).
- 22.
Regulation (EU) 2016/679 of the European Parliament and of the Council of 27 April 2016 on the protection of natural persons with regard to the processing of personal data and on the free movement of such data, and repealing Directive 95/46/EC (General Data Protection Regulation), Official Journal of the European Union L 119/1 (04.05.2016).
- 23.
Rannenberg et al. 1999.
- 24.
The privacy and data protection goals are part of the Standard Data Protection Model introduced before.
References
Hansen M, Jensen M, Rost M (2015) Protection Goals for Privacy Engineering. 2015 International Workshop on Privacy Engineering (IWPE), Security and Privacy Workshops (SPW), IEEE, pp 159–166
Hansen M, Probst T (2002) Datenschutzgütesiegel aus technischer Sicht: Bewertungskriterien des schleswig-holsteinischen Datenschutzgütesiegels. In: Bäumler H, von Mutius A (eds) Datenschutz als Wettbewerbsvorteil – Privacy sells: Mit modernen Datenschutzkomponenten Erfolg beim Kunden. Vieweg, Wiesbaden, pp 163–179
Rannenberg K, Pfitzmann A, Müller G (1999) IT Security and Multilateral Security. In: Müller G, Rannenberg K (eds) Multilateral Security in Communications – Technology, Infrastructure, Economy. Addison-Wesley-Longman, Massachusetts, pp 21–29
Author information
Authors and Affiliations
Corresponding author
Editor information
Editors and Affiliations
Rights and permissions
Copyright information
© 2018 T.M.C. Asser press and the authors
About this chapter
Cite this chapter
Hansen, M. (2018). The Schleswig-Holstein Data Protection Seal. In: Rodrigues, R., Papakonstantinou, V. (eds) Privacy and Data Protection Seals. Information Technology and Law Series, vol 28. T.M.C. Asser Press, The Hague. https://doi.org/10.1007/978-94-6265-228-6_3
Download citation
DOI: https://doi.org/10.1007/978-94-6265-228-6_3
Published:
Publisher Name: T.M.C. Asser Press, The Hague
Print ISBN: 978-94-6265-227-9
Online ISBN: 978-94-6265-228-6
eBook Packages: Law and CriminologyLaw and Criminology (R0)