Data Protection Academy » Data Protection News » Dispute over the use of social networks by public authorities

Four data protection commissioners discuss the use of social networks by public authorities

Dispute over the use of social networks by public authorities

Social networks are a dazzling part of the Internet. They can enrich communication and information, but also hold risks for society and individuals. This dichotomy is also reflected in the current dispute over the use of social networks by public authorities.

Privacy commissioner wants to instruct police to stop using social media

The data protection commissioner of the government of Saxony-Anhalt, Harald von Bose, wants to instruct the police to stop using Facebook and Twitter, the Mitteldeutsche Zeitung reported. The state must fulfil its role model function and its authorities should therefore not violate data protection law. As site operators, the authorities are liable for what happens to users' personal data. However, Facebook and Twitter did not provide sufficient information about this, von Bose said. Last year, the Saxony-Anhalt State Chancellery had already withdrawn from Facebook. Von Bose further said that he had already explained his legal opinion to the authorities several times.

The police in Saxony-Anhalt, on the other hand, see social media as an important instrument for warning and informing the population in dangerous situations, as was the case in October 2019 with the attack in Halle. Twitter is also very important for recruiting young people and improving image, a spokesperson for the state interior ministry told the newspaper. "Fundamental legal questions" have not yet been finally clarified. The spokesman rejected the withdrawal from social media.

The state data protection commissioners in North Rhine-Westphalia and Baden-Württemberg are also pressing for the police to stop using these social networks for their public relations work. Stefan Brink, the data protection commissioner in Baden-Württemberg, consequently deleted his Twitter account at the end of January. This announced step caused a big echo, as he had been a very active Twitter user and had over 5000 followers. Brink had submitted a list of questions to Twitter, but the Twitter managers did not give him sufficient answers.

The social network Twitter uses Google Analytics

Among other things, it is problematic that the behavior of users is examined with the tools of Google Analytics. Twitter uses cookies to identify Internet users. Even from those surfers who do not have a Twitter account, the platform grabs private information off when they look at tweets. "Twitter observes the communication of the users, evaluates it and uses it for advertising," said Brink.

With five requirements and explanations (Essential requirements for the official use of "social networks", PDF, LfDI Baden Württemberg), the commissioner of Baden-Württemberg took up the case law of the European Court of Justice (ECJ) and the Federal Administrative Court on social networks. With its ruling on Facebook-Fanpages, the ECJ had established the joint responsibility of platform and site operators for compliance with data protection. To what extent this decision can also be applied to Twitter and other networks is a matter of dispute among lawyers.

The five requirements are:

  1. Official members must have a legal basis in data protection law.
  2. The transparency requirements of data protection law must be observed.
  3. Insofar as official members are jointly responsible with the platform operator for data processing, a contractual agreement must be concluded.
  4. Public authority members must offer alternative information and communication channels so that citizens are not forced into "social networks".
  5. The technical and organisational security measures must be state-of-the-art and the self-protection of citizens must be respected.

External Data Protection Officer

You are welcome to contact us as external data protection officer (DPO) order. We also offer individual consulting services as well as audits and will be happy to provide you with a non-binding offer. You can find more information about our external data protection officers on our website.

Data protection officer threatens to delete social media accounts

If authorities do not meet these requirements when using social networks, they must now make immediate improvements, Brink demands. But this requires the cooperation of the respective platform operator. If this cooperation is lacking and the official authority cannot meet the requirements, it must leave the platform. In an interview for (Stefan Brink is serious about data protection) Brink said laconically:

"It shouldn't come as a surprise to public authorities that people follow certain rules, but obviously many have to relearn this." He warned: "Thanks to the GDPR, in extreme cases I can also order the deletion of an account."

However, he admits in his paper that the legal situation is "difficult to understand" and "partly unclear". The legislator would have to examine whether more legal certainty could be created by a law on the public relations work of authorities.

The law could also regulate a future common communication platform for all public bodies, a "Baden-Württemberg platform". Brink also recommends using the Twitter alternative Mastodon, on which the state government also communicates.

Given the popularity of social media, the dispute is exciting and its end is open. Many state governments and ministries, as well as political parties, are currently setting up their own newsrooms in order to reach citizens more directly via YouTube, Facebook, Twitter and Instagram and to bypass the sometimes annoying filter function of traditional media.

Join the debate on the use of social networks by authorities!

What do you think? Is it important that authorities continue to inform about social media? Or do you think there should be other possibilities to inform the population at short notice, for example in dangerous situations? The topic is being discussed in the data protection community. We look forward to your contribution.

To the Community

Ulrich Hottelet

This might interest you too:

Fines against Elefant Online

Fines for Elefant Online SA for e-mail communication that does not comply with DSGVO. What specific infringements caused the fine?

Romanian fine Inteligo Media

Fines for Inteligo Media SA due to e-mail communication not conforming to DSGVO. What specific infringements caused the fine?

Criteria catalogue GDPR for business

Find out what questions data controllers should ask themselves in order to implement the basic data protection regulation correctly.