A works council chairman cannot simultaneously be a data protection officer

July 12, 2023

The Federal Labor Court decided in its judgment of June 06.06.2023, 9 (case number: 383 AZR 19/24.05.2018) that a works council chairman cannot also hold the position of company data protection officer at the same time. In such a case, the employer can usually revoke the appointment of data protection officer in accordance with the BDSG in the version up to May XNUMX, XNUMX (aF).

1. FACTS

The plaintiff employee was chairman of the works council at the defendant company and was also partially exempt from work (§§ 37, 38 BetrVG). In 2015, he was appointed company data protection officer for a subsidiary based in Germany. The state representative for data protection and freedom of information for the state of Thuringia caused the defendant and the other group companies to revoke the appointment with immediate effect due to an incompatibility of the two offices.

The plaintiff defended himself against this dismissal. He had claimed that his legal status as a company data protection officer continued unchanged. The defendant company, on the other hand, took the view that a conflict of interest in the performance of the two offices could not be ruled out. This incompatibility represents an important reason for the dismissal.

The labor court and the state labor court each upheld the lawsuit.

2. DECISION

However, the defendant's appeal before the Federal Labor Court was successful.

According to the Federal Labor Court, the revocation of the appointment was for good cause within the meaning of Section 4f Paragraph 2 Sentence 1 BDSG old version in conjunction with § 626 para. 1 BGB justified. The reliability required of a data protection officer may be lacking if there is a risk of conflicts of interest. Such a conflict of interest relevant to dismissal can be assumed if the data protection officer holds a position or office within a company that has as its object the determination of the purposes and means of processing personal data. This assessment by the European Court of Justice not only applies to the General Data Protection Regulation (GDPR), but also corresponds to the previous legal situation within the scope of the BDSG (old version). According to this, the tasks of a works council chairman and a data protection officer cannot be carried out without a conflict of interest. The employer may only provide the works council with personal data if this is necessary to fulfill the works council's tasks in accordance with Works Constitution Act required are. The works council decides by resolution which data it requires from the works council and how it processes the personal data provided. Within this framework, he determines the purposes and means of processing. The emphasized position of the works council chairman, who represents the works council within the framework of the resolutions passed, nullifies the reliability required under the old version of the Federal Data Protection Act.