1. Strengthening fair competition - changes to the law against unfair competition

by Dr. Thomas Fischl

The Act to Strengthen Fair Competition only came into force on December 2, 2020, and yet there is already another amendment to the German Unfair Competition Act (UWG) on its way, the Act to Strengthen Consumer Protection in Competition and Trade Law. The aim of the reform of the UWG in 2020 was, in particular, to put a stop to (allegedly widespread) abusive enforcement of the law among competitors. In 2022, it is now planned that consumers will be entitled to compensation for damages in the event of culpable violations of consumer-protection provisions of the UWG by companies. Authorities will also have the option of imposing a fine based on turnover. New regulations are also planned for the labelling of influencer advertising.

Conclusion: Due to the quite far-reaching planned regulations, we can still expect a "headwind" in the legislative process. It will be interesting to see which points will make it into the new law.

2. Cologne Regional Court on the broad concept of the right to access (in court)

by Ramona Kimmich

On November 11, 2020, the Cologne Regional Court ruled that the right to access under article 15 of the GDPR covers mere meeting minutes and telephone notes (docket no.:23 O 172/19). This judgment is in line with the recent case law on the right to access. In addition, the motivation for claiming the right to access such as 'pre-trial discovery' on a detour via data protection law was irrelevant and may not limit the right to access.

Conclusion: The supervisory authorities typically take a differentiated view of the scope of the right to access and possible restrictions in light of the legislative aim. The judgment of the Cologne Regional Court illustrates a contrary trend in case law. Apparently, the rule of thumb is broad interpretation and almost no significant restrictions. From a practical point of view, it would have been helpful for the court to clarify whether the right to access only includes statements about a data subject or also by a data subject.

3. EUR 14.5 million data protection fine lifted and now appealed

by Dr. Andreas Splittgerber

In 2019, the Berlin Data Protection Authority fined a German real estate organization (Deutsche Wohnen) EUR 14.5 million, but the fine was lifted by the Berlin Regional Court a few weeks ago. The fine was lifted as the Berlin Data Protection Authority only showed a data protection infringement (failure to delete data) and not the responsibility for this failure by a specific individual within the organization. The prosecution has appealed this court decision. It is likely that the case will be referred to the European Court of Justice (ECJ), as other EU-jurisdictions do not require this element of individual fault.

Conclusion: Until the case is decided by the appeal court and potentially the ECJ, organizations should thoroughly assess their bandwidth of defences, including showing that individuals complied with their duties.

4. Rostock Regional Court on obtaining cookie consent

by Sven Schonhofen, LL.M.

The Rostock Regional Court decided on the admissibility of a cookie banner in its judgment of September 15, 2021 (docket no.: 3 O 762/19). Four pre-ticked checkboxes (Necessary, Preferences, Statistics, Marketing), the link "Show details," and an "OK" button were included in the cookie banner. Cookies that require consent were used on the website. Applying the Planet 49 case law, the court held that the consent was not compliant because the four checkboxes were pre-ticked. It was irrelevant that users could deactivate the separate cookies when clicking on "Show details," as they would regularly avoid this effort and click on the "OK" button without further information.

Conclusion: The judgment shows that cookie consent cannot be obtained via pre-ticked checkboxes. The Lower Saxony Data Protection Authority recently published further guidance on obtaining cookie consent.

5. Munich Court of Appeals on real name use in telemedia

by Christian Leuthner

The Munich Court of Appeals has ruled in its judgment of December 8, 2020 (docket no.: 18 U 5493/19 Pre) that telemedia providers can oblige their users to use their real names instead of pseudonyms. The requirement of the German Telemedia Act (section 13 (6) TMA) to offer users anonymous or pseudonymous use where reasonable must be interpreted in accordance with the GDPR (i.e. the interests of the parties involved must be weighed against each other). In the case decided, the provider's interest in facilitating enforcement of violations of the terms of use outweighed the users' interests, particularly with regard to increasing cases of insults, cyberbullying, and similar circumstances.

Conclusion: Telemedia providers can now make the use of telemedia dependent on the use of real names, unless users have an overriding interest worthy of protection.

6. Frankfurt Regional Court on drone photos covered by copyright freedom of panorama

by Caroline Walz

The Frankfurt a.M. Regional Court judgment of November 25, 2020 (docket no.: 2-06 O 136/20) has extended the application of the freedom of panorama (section 59 of the German Copyright Law) to photographs taken by drones. According to section 59 of the German Copyright Law, the reproduction, distribution, and making available to the public of works located permanently in public roads and ways or public open spaces is permitted. The decisive factor for the extension is the consideration of technical progress and the interpretation in conformity with the Directive. Article 5 (3) of the InfoSoc Directive does not provide any restriction for aerial photographs. Thus, the work only has to be in a public place in order for the applicability of the freedom of panorama; it is irrelevant from which place, whether from the water or from the air, it is observed.

Conclusion: The freedom of panorama according to section 59 of the German Copyright Law also applies to aerial photographs. In light of new technical developments, the Frankfurt Regional Court ventures a new interpretation of the law and thus turns against the previous case law of the German Supreme Court (for example judgment of April 27, 2017, docket no.: I ZR 247/15).

Recommended reading in the areas of EU and German IT and data protection law

by Sven Schonhofen, LL.M.

German version

The content of this article is intended to provide a general guide to the subject matter. Specialist advice should be sought about your specific circumstances.