Main legal texts impacting on the development of eGovernment

Last updated: October 2011

eGovernment Legislation

German Basic Law, Articles 91c and 91d (2009)

On 1 August 2009, within the framework of the second round of reforms of Germany's federal structure, important changes in the German Basic Law (Grundgesetz) came into force with articles 91c and 91d. Article 91c ensures the simplification of IT- bodies and decision-making processes, thus increasing their effectiveness and enabling their adaptation to the needs of the fast evolving technical progress. Besides, the German federation (Bund) has now the exclusive legislative competence for the development of a secure linking-up network to inter-connect Federal and Land IT-networks, which will be free of underlying media issues. Furthermore, Article 91d constitutes a vital component for the modernisation of the administration as it provides the legal basis for facilitating the federation and the Länder to directly and effectively benchmark their administrations in order to increase their effectiveness, transparency and provision of better public services.

Law on the combination of information technology networks of federal and state governments (2009)

The envisaged objectives of the German Basic Law are implemented through the Law on Linking up Federal and Land IT Networks (IT-NetzG), adopted on 10/8/2009, as well as through an Inter-Länder Agreement which came into force on 1 April 2010. According to this agreement, the IT Planning Council was established and tasked with developing the technical requirements for the core network infrastructure to be used. Moreover, the IT Planning Council bears the responsibility to steer cross disciplined eGovernment projects involving both federation and the Länder. Finally, the council will also adopt decisions on IT interoperability and security standards.

Freedom of Information Legislation

Freedom of Information Act (2005)

After being narrowly approved by the Lower Chamber of Parliament (Bundestag) in early June 2005, Germany’s Freedom of information (FOI) Act was voted on 8 July 2005 by the Bundesrat, published in the Federal Gazette on 13 September 2005 and came into force on 1 January 2006. The law provides the public with a general right to access Federal Government information. However, this general right is limited by a number of broadly defined exemptions, covering, for instance, security-sensitive issues, potential threats to public safety and even the 'fiscal interests of the Federal Government'. The legislation also contains an 'Internet clause' that will force federal administration bodies to make a number of items publicly available online. In extend to the legislation on federal level, certain Federal States also have their own Freedom of Information Legislation.

Data Protection/Privacy Legislation

Federal Data Protection Act (2003)

Germany has one of the strictest data protection laws in the European Union. The world's first data protection law was passed in the German Land of Hessen in 1970. In 1977, a Federal Data Protection Law followed, which was replaced in 1990, amended in 1994 and 1997. An additional revision took place in August 2002 to align German legislation with the EU Data Protection Directive (95/46/EC). The general purpose of this law is 'to protect the individual against violations of his personal rightsby handling person-related data.'

eSignatures Legislation

Digital Signature Act (2001)

The German Electronic Signature Act came into force on 22 May 2001, implementing EU Directive 1999/93/EC on a Community framework for electronic signatures and replacing the previous Digital Signature Act that had been adopted as part of the Information and Communication Services Act of 1 August 1997. It regulates the necessary secure infrastructure for the use of electronic signatures, which receive the same legal status as hand-written signatures. It is complemented by an Ordinance on Electronic Signatures of 16 November 2001 setting out standard requirements and responsibilities for certification authorities, as well as minimum requirements for technical components used to create digital signatures. The Digital Signature Act has been amended by the First law amending the Signature Act (1. SigÄndG) of 04/01/2005.

eCommerce Legislation

Electronic Commerce Act (2001)

The Act on framework conditions for electronic commerce of 14 December 2001 implements the EU eCommerce Directive (2000/31/EC) into German law. The Act amends the Tele Services Act and the Tele Services Data Protection Act of 1997 (both of them adopted as part of the Information and Communication Services Act of 1 August 1997), as well as some provisions of the German Civil Code.

eCommunications Legislation

Act to Regulate De-Mail Services and Amendments to other Legislation (2011)

Legal requirement for registration as a De-Mail provider is an 'Act to regulate De-Mail services and amendments to other legislation'. The draft was adopted by the Federal Cabinet on 13 October 2010, and entered into force on 3 May 2011. De-Mail providers have to fulfil high requirements on security, functions, interoperability and data protection. Furthermore De-Mail legislation foresees that providers must not only furnish the stated certificates for security, functionality and interoperability, but must also demonstrate comprehensive measures to protect personal data within the scope of the accreditation procedure. The basic specifications for security, functionality and interoperability were drawn up by the federal government together with future De-Mail providers and laid down in technical guidelines. To ensure compliance with these guidelines, De-Mail providers will be screened in a certification process that is specified by the legislator. With a focus on data protection, the De-Mail concept, for instance, requires that De-Mail providers can enable the setting up of pseudonym e-mail addresses as a means of preventing traceability in communication or consumer profiles. Furthermore, when requested, De-Mail providers must store the user's encryption certificates in the directory service to support (additional) end-to-end encryption of De-Mails.

The German Federal Office for Information Security (BSI) has published the approval criteria on its website: www.bsi.bund.de.

Telecommunications Act (2004)

Germany has transposed most of the new EU regulatory framework for electronic communications through the Telecommunications Act of 22 June 2004. The transposition is expected to be completed through secondary legislation.

eProcurement Legislation

Official Contracting Terms for Award of Service Performance Contracts (2006)

Germany through its government has notified the transposition of Directive 2004/17/EC, Directive 2004/18/EC and Directive 2005/51/EC into national law through the official contracting terms for award of service performance contracts, published on 6/4/2006. The original contracting terms have been further simplified through the 'Contract Awards for Public Supplies and Services- Part A (VOL/A)' published on 29 December 2009 on the Federal Gazette (Volume 61, Nr.196a) and a corresponding correction published on 29 February 2010. The amended procurement ordinance (Vergabeverordnung; VgV), which came into force on 11 June 2010, regulates the submission of electronic bids in the area of public procurement.

Re-use of Public Sector Information (PSI)

Law on re-use of Public Sector Information (2006)

The law on the re-use of Public Sector Information came into force on 19/12/2006 transposing the pertinent EU Directive 2003/98/EC. The law regulates the information re-usage of public sector information beyond the pubic-administrative scope, namely, for shaping new information-products and related services. The law specifies that re-usage of pubic sector information has to be non discriminative, contemporary and not exclusive.