• Home
  • Latest
  • €9.5m GDPR fine to German telco for insecure customer authentication

€9.5m GDPR fine to German telco for insecure customer authentication

Posted on 09 December 2019

The German Federal Commissioner for Data Protection, or BfDI, (the federal data protection authority for telecommunication service providers) has issued a fine of €9.55m [text in German] for infringement of the General Data Protection Regulation (GDPR). The fine, against 1&1 Telecom GmbH, arose after the regulator became aware that callers to the company could, merely by providing someone's name and date of birth, obtain considerable further information about the person. This, said the BfDI, violated Article 32 of GDPR which requires data controllers to implement appropriate technical and organisational measures to ensure an appropriate level of security. The BfDI has since opened investigations into the practices of other telecoms providers.

We understand that 1&1 Telecom intend to challenge the fine. Nonetheless, as GDPR's rules apply across Europe and as regulators are supposed to apply its principles in a consistent way, any company - including those in the UK - which uses telephone customer-authentication measures would be well advised to review its practices to ensure it doesn't risk inadvertent disclosure to wrong persons.

At the same time the BfDI has also issued a much lower fine of €10,000 to telecoms provider Rapidata GmbH for failing to appoint a data protection officer under Article 37 of GDPR.

How can we help you?

How can we help you?

Subscribe: I'd like to keep in touch

If your enquiry is urgent please call +44 20 3321 7000

Crisis Hotline

Emergency number:

COVID-19 Enquiry

Please enter your first name
Please enter your last name
Please enter your enquiry
Please select a contact method

I'm a client

Please enter your first name
Please enter your last name
Please enter your enquiry
Please enter a value

I'm looking for advice

Please enter your first name
Please enter your last name
Please enter your enquiry
Please select a department
Please select a contact method

Something else

Please enter your first name
Please enter your last name
Please enter your enquiry
Please select your contact method of choice