The subject of the staff representation law proceedings before the Wiesbaden Administrative Court is the question of whether the introduction of live streaming lessons using video conferencing systems requires the consent of the respective teacher in addition to the consent of the parents for their children or of the pupils of full age, or whether the data processing taking place here is covered by the Hessian Data Protection and Freedom of Information Act (HDSIG), as well as the question of what rights the staff council has in this regard.
In its decision of 21 December 2020, the Land Chamber for Staff Representation Law of the Wiesbaden Administrative Court decided to refer the question to the Court of Justice of the European Union (CJEU) as to whether a provision must meet certain substantive requirements of the GDPR in order to be a "specific provision" within the meaning of the GDPR. In addition, it had to be clarified whether a national provision, if it obviously did not meet these requirements, could still remain applicable.
It depended on the clarification of this question whether the Hessian regulations on data protection fulfilled the requirements of the GDPR and whether these standards remained applicable despite a possible infringement.
The Land Chamber of Staff Representation Law has doubts as to whether the Hessian provisions (section 23(1) sentence 1 of the HDSIG and section 86(4) sentence 1 of the HBG) are norms which meet the requirements of the GDPR (Article 88(2) of the GDPR). These requirements were neither fulfilled in the Hessian norms themselves, nor by supplementary normative requirements elsewhere in the respective law.
The Federal Labour Court (Bundesarbeitsgericht, BAG) did not share these concerns of the Chamber of Experts for Staff Representation Law of the Land with regard to the identical wording of the provision in the Federal Data Protection Act (BAG, decision of 7 May 2019 - 1 ABR 53/17 -, BAGE 166, 309-322, margin no. 47). However, the Land Chamber of Experts for Staff Representation Law is of the opinion that the mere reference to the fact that the controller must in particular comply with the principles set out in the GDPR (section 23(5) of the HDSIG; corresponds to the same wording of section 26(5) of the BDSG) does not meet the requirements of the GDPR (Article 88(2) of the GDPR).
The order for reference (ref.: 23 K 1360/20.WI) is final.
Source: Press release no. 03/2021 of the VG Wiesbaden of 27.01.2021
