Bonn/Berlin, 29 January 2020
Press release 02/2020
The Federal Data Protection Commissioner recommends Evaluation of the Account Data Retrieval System
Last year, more than 900 000 account data retrievals by public authorities were authorised, as reported by the Federal Ministry of Finance. The Federal Commissioner for Data Protection and Freedom of Information (BfDI), Ulrich Kelber, takes a critical stance towards the annually increasing number:
Any retrieval of accounts constitutes an interference with the fundamental right to informational self-determination. I think there is an urgent need for an evaluation of the account data retrieval system.
The automated retrieval of account information – short form “account retrieval” – was introduced as a consequence of the terrorist attacks of 11 September 2001 in order to better combat money laundering and terrorist financing. For this purpose, credit institutions have since been required to keep available certain account information.
In the first instance, only the Federal Financial Supervisory Authority was entitled to carry out account retrievals for security authorities. In 2005, the Federal Central Tax Office was also granted the power to retrieve account data. Since 2013, bailiffs have also been allowed to request account retrievals from the Federal Central Tax Office. As a result, a diagnostic tool for combating money laundering and terrorist financing has turned into a law enforcement tool.
It is therefore not surprising that the number of account retrieval requests has steadily increased, especially since 2013. Whereas in 2012, the number of such retrieval requests at the Federal Central Tax Office only amounted to 72 000, last year, the number amounted to more than 900 000.
The Federal Commissioner for Data Protection and Freedom of Information added:
With the Act to Promote Tax Honesty, the national legislator has started to extend the original scope from 2005 onwards. The involved restriction of the fundamental right to informational self-determination is acceptable only if legislators and authorities make every effort to use this instrument in a moderate manner. For example, this must not lead to any mistaken identities just because debtors and alleged debtors coincidentally have the same names. Such errors violate the data protection principle of integrity and confidentiality, and they are unacceptable for the data subjects.
I therefore expressly welcome the improvements in the integrity and confidentiality of data that have now been achieved by the Act on Combating Tax Evasion. It remains to be seen whether these improvements are really effective. I doubt whether the account retrievals are still proportionate in the light of the numbers that have been rising for years.