Transferring data carries risks, especially if it is sensitive data. Businesses are increasingly shying away from using unencrypted e-mails for security reasons. Germany’s Federal Court of Justice recently held that public authorities must provide businesses with secure data transfer options.
Secure data transfer
In a case heard by Germany’s Bundesgerichtshof (BGH), judges held that public authorities are not entitled to insist that businesses transfer data to them via unencrypted e-mail (26.02.2013 Az. KVZ 57/12).
The dispute arose between cartel authorities and a company. The company wanted to transfer an Excel file via encrypted data transfer for security reasons.
The authorities were disinterested in the company’s security concerns and demanded that the data be transferred via regular unencrypted e-mail.
The BGH took the view that it is unreasonable to expect a business, to transfer data in an unsecure format, regardless of whether the files contain sensitive data or not.
Data storage devices
In justifying its decision, the court argued that where public authorities do not offer a secure data transfer option, they can request businesses to send information via data storage device, for example in DVD format or saved on a USB or external hard drive.