Navigation und Service

Direkt zu:

Logo der Stiftung Datenschutz

Eine Plattform für die Datendebatte

Wie können personenbezogene Daten effektiv und effizient geschützt werden? Wie bleibt Innovation trotzdem möglich? Die Bundesstiftung bietet ein Forum für die notwendige Diskussion.

Eine Plattform für die Datendebatte

Wie können personenbezogene Daten effektiv und effizient geschützt werden? Wie bleibt Innovation trotzdem möglich? Die Bundesstiftung bietet ein Forum für die notwendige Diskussion.


About Us

The Stiftung Datenschutz (Foundation for Data Protection) was established by the German Federal Government in 2013. The non-profit incorporated foundation is based in Leipzig, Saxony. The NPO offers a neutral forum for debates around effective and efficient data policy and develops recommendations for privacy politics. Acting independently in the field of data privacy, Stiftung Datenschutz links politics and the public, academics and business. It complements existing organizations and initiatives while liaising closely with German data protection authorities on state and federal levels.

The foundation provides a forum for the essential public discourse on privacy and data protection policies, with the aim of developing future-proof, viable proposals and practical recommendations for improved implementations of data protection theories. Stiftung Datenschutz also supports research and interdisciplinary projects in the field of privacy and its protection, organizes lectures and conferences, and raises public awareness on the importance of privacy and data protection. Read more...




Data Portability – Practical Implementation of the Right to Data Portability

When the General Data Protection Regulation will become effective in May 2018, every person in the EU will for the first time have the right “to receive the personal data concerning him or her, which he or she has provided to a controller, in a structured, commonly used and machine-readable format”.  In our project, the Stiftung Datenschutz has examined possible ways of practically implementing the right to data portability. Read more... 

New Ways of Providing Consent in Data Protection

In our networked world the disclosure of personal information has long been a part of everyday life. People can't benefit from the digital services available without consenting to the use of personal details. However, the associated data protection policies are usually long and often remain unread because of their legal jargon, technical complexity and lack of time. As a result the content of such "data protection terms and conditions" is more or less agreed to blindly. More and more requests for data protection consent also cause data owners to be overwhelmed by the need to make decisions, deadening them into a state of 'rational ignorance' and finally to a devaluation of the significance of providing consent. In real life the ideal data protection situation of 'informed consent' is a rarity.

In a project funded by the Federal Ministry of the Interior the non-profit Federal Foundation for Data Protection compared a number of different data consent projects. We also investigated the legal and economic conditions for the implementation of consent platforms. The study looks at possible ways of using technology to facilitate the legal validity of the consent process in terms of greater self-determination and user control. Proposals are developed on how the process of consent in data protection law and practice can be made more practicable and provided with technical support. Read more...

Trusted Cloud Data Protection Profile for Cloud Services

Supported by the Federal Ministry of Economics, a consortium consisting of members from enterprises, data protection authorities and legal scholars developed  a framework for a free and secure standard for data protection in cloud services, as required by the Federal Data Protection Act.

The TCDP standard is currently under the administration of the independent Foundation for Data Protection. Preparations are underway to adapt TCDP to the European Data Protection Regulation, which will come into effect in May, 2018.

 The TCDP standard was developed to create a certification standard that meets all criteria defined in the FDPA. A cloud service provider with the TCDP certificate can be considered compliant with FDPA requirements, saving their clients the obligation to control the technical and organizational measures. The certification process can be tailored to the needs of the cloud service provider. Read more...