Privacy and Self-Determined Living in the Digital World Forum (Privacy Forum) - Phase II

The content on this page was translated automatically.

Research field

Digitally networked technologies and applications are increasingly penetrating and significantly influencing almost all areas of people's lives. Privacy and self-determination, both of the individual and of collective actors, are thus influenced and called into question in a significant way. The massive digital transformation processes mean that private information can become comprehensible to third parties, transparent, inevitably known and generally public. In the process, already established social, political and legal institutions are confronted with new and demanding challenges. The mass generation, storage and processing of personal data also leads to an enormous increase in information asymmetries between the state and companies on the one hand and citizens on the other. As a result, power relations are shifting to a considerable extent to the detriment of citizens and are developing contrary to our modern understanding of the protection of fundamental rights. The consequences for the privacy and self-determination of the individual are difficult to assess.

Aims of the research project

In the second phase of the forum, building on the results achieved in the first phase, interdisciplinary cooperation (philosophy/ethics, sociology, political and communication sciences, psychology, law, economics and computer science) will address the central social, political, technological, economic and legal issues associated with the increasing digital networking of technologies and applications. The research goal is to continue to analyze and redefine the prerequisites of autonomy, self-determination and development possibilities in depth within the forum. In the scientific forum, these questions will continue to be answered in the future with the involvement of publicly active actors and (inter)national expertise. 

Legal sub-project of the University of Kassel/provet

The project focuses on four thematic areas:

  • Privacy Governance,
  • Value creation,
  • Social inclusion and exclusion, and
  • Change through and by technology.

The first topic, Privacy Governance, for which provet is responsible, focuses on the massive upheavals in data protection law brought about by the General Data Protection Regulation. The focus here is primarily on two sets of topics: 

  • Design of data protection after the General Data Protection Regulation and
  • Governance needs and forms beyond the General Data Protection Regulation.

The task of provet is to explore the question of how the governance structure of the General Data Protection Regulation is to be understood. In addition, the effects of the General Data Protection Regulation and the governance options it opens up and closes off are to be assessed. Furthermore, it is to be examined how sustainable the governance structures and forms created by the General Data Protection Regulation are and how they can be further developed. 

The General Data Protection Regulation has created new governance instruments and changed existing ones. The opportunities and risks associated with them must be examined and evaluated. One important tool is the data protection impact assessment. This was already addressed in the first phase of the research project in the white paper "Data Protection Impact Assessment - A Tool for Better Data Protection" and initial proposals for its use were developed. For this tool, implementation in guidelines and use in practice are to be observed and evaluated, and proposals for its concrete use are to be developed. Furthermore, the General Data Protection Regulation introduces the design of technology and systems according to the principles of privacy by design and by default as a very abstract duty of the controller (but not directly of the manufacturer). In this context, we will examine how these principles are to be understood, implemented and enforced in concrete terms. This will be underpinned with practical examples. 

Furthermore, the General Data Protection Regulation provides for the possibility of data protection-specific certification procedures that can act as a supplement to the instrument of data protection impact assessment and to the principles of privacy by design and by default. Here, we analyze how certification procedures can be created or modified and how the best possible dovetailing with the other instruments of the Regulation can be realized. Furthermore, the General Data Protection Regulation has clarified data subject rights and introduced a new right with the right to transfer data. However, it did not take into account the fact that individual data subjects will be overburdened with exercising their rights in the future. In this respect, it will be necessary to investigate how these rights can be exercised in a more professional manner and with technical support. 

In addition, the General Data Protection Regulation has changed and in some cases devalued proven data protection principles such as purpose limitation, necessity and data economy. provet is investigating what this means for data protection and how it can be dealt with. 

Within the framework of the other three topics, the legal subproject is working with the respective lead project partners. In the topic of value creation , one of provet's tasks will be to investigate how the value of personal data is created and distributed. The legal subproject will also analyze the relationship between economization and fundamental rights in an interdisciplinary collaboration. The main focus will be on the regulatory framework, in particular the relationships between the concept of property, data and the legal enabling of data-based value creation. In the topic area of social inclusion/exclusion, the topics of privacy as a good, identity protection and democracy, privacy and digitization in healthcare, and data protection and privacy in the education sector will be examined in more detail. The topic of shaping technical and societal change examines how the technical and societal change caused by the Internet of Things, artificial intelligence and the increasing processing of new types of heterogeneous communication networks can be shaped. In terms of content, the subproject's contribution to the work package focuses on the question of how to deal with the tension between the protection of national as well as European fundamental and human rights on the one hand and the innovation potential of digitalization on the other.

The main results of the jurisprudential subproject of the first phase of the research project "Forum Privatheit" are as follows

Project partner

Department of Sociological Theory, University of Kassel

Fraunhofer Institute for Secure Information Technologies SIT, Darmstadt

Fraunhofer Institute for Systems and Innovation Research ISI, Karlsruhe

International Center for Ethics in the Sciences and Humanities (IZEW), University of Tübingen

Ludwig Maximilian University, Munich (LMU)

Independent Center for Data Protection Schleswig-Holstein (ULD)

University of Duisburg-Essen

Project progress (selection)


CAST Workshop Law and IT Security: "What follows the General Data Protection Regulation?", March 14, 2019, Darmstadt.

Interdisciplinary conference "Future of the Data Economy - Design Perspectives between Business Model, Collective Good and Consumer Protection," October 11-12, 2018, Munich.

Radio report at BBC on NetzDG "How Jokes Can Get You Blocked in Germany" on 13.4.2018.

CAST workshop "Law and IT Security: What follows the General Data Protection Regulation?" on 15.3.2018 in Darmstadt.

Panel on "National Implementation of the General Data Protection Regulation" at the "11th International Conference on Computers, Privacy & Data Protection" (CPDP) on 24.1.2018 in Brussels, Les Halles de Schaerbeek

Interdisciplinary conference "The Further Development of Data Protection" of the Forum Privatheit on 2/3.11.2018 in Berlin.

Forum Privatheit symposium: "From Profiling to Fake News" as well as practical workshop "Fake News on 22/23.06.2017 in Berlin


Nebel, M., Tagungsbericht zur Jahreskonferenz des Forum Privatheit "Aufwachsen in überwachten Umgebungen - Wie lässt sich Datenschutz in Schule und Kinderzimmer umsetzen?", ZD-aktuell 2020, 06929.

Roßnagel, A./Geminn, C. L./Nebel, M./Bile, T., Evaluation der Datenschutz-Grundverordnung, Policy Paper of the Forum Privatheit, Karlsruhe 2019.

Martin, N., Bile, T., Nebel, M., Bieker, F., Geminn, C. L., Roßnagel, A., Schöning, C., Das Sanktionsregime der Datenschutz-Grundverordnung, Auswirkungen auf Unternehmen und Datenschutzaufsichtsbehörden, Research Report of the Forum Privatheit, Karlsruhe 2019.

Nebel, M., Datenschutzrechtliche Verantwortlichkeit bei der Nutzung von Fanpages und Social Plug-ins, Recht der Datenverarbeitung (RDV) 2019, Issue 1, 9-13.

Nebel, M., Die Zulässigkeit der Erhebung des Klarnamens nach den Vorgaben der Datenschutz-Grundverordnung, Kommunikation und Recht (K&R) 2019, 148-152.

White Paper Tracking - Description and Evaluation of New Methods, Schriftenreihe Forum Privatheit, 2018.

Nebel, M., Big Data and data protection in the world of work, risks of digitalization and remedies, Zeitschrift für Datenschutz (ZD) 2018, issue 11, pp. 520-524.

Geminn, C./Bieker, F., Zur künftigen Fortentwicklung des Datenschutzes, in: Roßnagel/Friedewald/Hansen (eds.), Die Fortentwicklung des Datenschutzes, DuD-Fachbeiträge, Wiesbaden 2018, pp. 387-394.

Geminn, C., Das Europäische Datenschutzrecht - Zwischen Leuchtturmfunktion und Werteexport?, Deutsches Verwaltungsblatt (DVBl.) 24/2018, pp. 1593-1599.

Geminn, C., Wissenschaftliche Forschung und Datenschutz - Neuerungen durch die Datenschutz-Grundverordnung, Datenschutz und Datensicherheit (DuD) 10/2018, pp. 640-646. 

Roßnagel, A., Fundamentals of European Data Protection Law - Introduction, in: Data Protection Documentation, 68th Supplementary Edition, 3/2018, pp. 1-12.

Roßnagel, A., Current keyword: E-Privacy Regulation of the European Union, MedienWirtschaft 1/2018.

Bile, T./Geminn, C./Grigorjew, O./Husemann, C./Nebel, M./Roßnagel, A., Promoting and demanding - regulatory forms to incentivize a more effective protection of privacy and informational self-determination in: Friedewald, M. (ed.), Privatheit und selbstbestimmtes Leben in der digitalen Welt, Interdisziplinäre Perspektiven auf aktuelle Herausforderungen des Datenschutzes, Springer 2018, pp. 83-126.

Bieker, F./ Geminn, C., Interdisciplinary conference of the 'Forum Privatheit': the further development of data protection, ZD-Aktuell 2/2018, 05953

Policy Paper "Strengthening data protection, enabling innovation - How to flesh out the coalition agreement," Schriftenreihe Forum Privatheit, 3/2018

Nebel, M., Saxony on the way to electronic administration, ZD-aktuell 2/2018, 05952

Policy Paper "The Network Enforcement Act", Publication Series Forum Privatheit, 1/2018.

Policy Paper, "National Implementation of the General Data Protection Regulation," Policy Paper Schriftenreihe Forum Privatheit, 01/2018

Policy Paper, "National Implementation often the General Data Protection Regulation," Schriftenreihe Forum Privatheit, 1/2018

Roßnagel, A. (ed.), The new data protection law - European General Data Protection Regulation and German data protection laws, Nomos Praxis, Baden-Baden 2018 

Geminn, C./Nebel, M., Internationalization vs. nationalization in the age of the digital society. Ways out of a crisis of law and democracy, in Friedewald/Lamla/ Roßnagel (eds.), Informational Self-Determination in the Digital Transformation, Springer 2017, pp. 287-318.

Nebel, M., The Further Development of Data Protection - Annual Conference of the Forum Privatheit, ZD-aktuell 17/2017, 05798

Roßnagel, A., Data protection supervision after the General Data Protection Regulation - New tasks and powers of supervisory authorities, Schriftenreihe DuD-Fachbeiträge, Springer Verlag, 2017, p. 204.

White Paper "Data Protection Impact Assessment," Schriftenreihe Forum Privatheit, 3rd edition, 11/2017.

Policy Paper "Data economy or data abundance, Schriftenreihe Forum Privatheit, 8/2017.

Grigoryev, O./Bile, T., Amending the TMG: Successful amendment for legally secure open WLAN operation?, ZD-Aktuell 2017, 05621.

White Paper "Privatheit in öffentlichen WLANs - Spannungsverhältnisse zwischen gesellschaftlicher Verantwortung, ökonomischen Interessen und rechtlichen Anforderungen", Schriftenreihe Forum Privatheit, 6/2017.

Policy Paper "Fake News", Publication Series Forum Privatheit, June 2017.

Bile, T/Grigoriev, O., Research project "Forum Privatheit und selbstbestimmtes Leben in der Digitalen Welt" - Phase II, ZD-aktuell 7/2017, 05557

Geminn, C., Risk-adequate regulations for the Internet of Services and Things? - An overview of the innovations in the draft for a new Federal Data Protection Act, DuD 5/2017, pp. 295-299.

Roßnagel, A., Draft of a new Federal Data Protection Act, DuD 5/2017, pp. 269-270

Roßnagel, A., Legislation in the context of the General Data Protection Regulation - Tasks and scope for the German legislator?, DuD 5/2017, pp.  277-281

Grigoriev, O., Research project "Forum Privatheit und selbstbestimmtes Leben in der Digitalen Welt," ZD-aktuell 5/2017, 05532.

Roßnagel, A. (ed.), European General Data Protection Regulation, Nomos Praxis, Baden-Baden 2017

Project info

Federal Ministry of Education and Research (BMBF)

April 2017 - March 2021

Responsible for the project:
Prof. Dr. Alexander Roßnagel

Contact persons:
Ass. iur. Maxi Nebel
Tamer Bile