Self-Regulation of Internet Privacy in Germany and the European Union

Self-regulation is an essential element of the legal design of the general information order and especially important for the establishment of rules for the protection of privacy (or “informational self-determination”, as referred to by the German Federal Constitutional Court (Bundesverfassungsgericht). It is an expression of freedom and a suitable way of achieving justice. Self-regulation enables the economy to rapidly develop appropriate rules in accordance with industry or company-specific needs. Once universally recognised, self-regulation can especially simplify the global procession of data. Moreover, self-regulation forms a possibility of cooperation between governmental regulators and their subjects in those areas where the government is detached because the data processors themselves have met a sufficient level of data protection.
The increasing importance of self-regulation is partly induced by the experience that in a highly complex, technically shaped and exceedingly changing world, the governments alone cannot provide for data protection comprehensively, particularly in respect of the internet. In these circumstances, hierarchical concepts of politics, where the state forms the single determining actor are no longer adequate. On the contrary, the state is but one player among others, with whom it needs to collaborate regarding the influence on the further development. In the area of data protection law regulation has to adapt to keep up with the swift development of technologies, highly complex systems and numerous applications. Thus, it seems advisable for lawmakers to restrict themselves concerning detailed data protection provisions wherever justified, and to consent to the subjects’ self-regulation on the respective data protection issue.