On May 22, 2023, the Berlin data protection authority (Berlin Commissioner) published its 2022 activity report. The activity report outlines significant consultation procedures and fines, as well as reflects on key areas of focus.

2022 in statistics

Over the course of 2022, the Berlin Commissioner received a total of 4,445 complaints or requests for advice, submitted by individuals. While the number continues to be at a high level, the report explains that it is lower than in the previous year (5,671 submissions).

Regarding reported data breaches, the report states that the number also fell slightly to 1,068 incidents, often caused by malware attacks or vulnerabilities. Further, the Berlin Commissioner issued 269 warnings, seven cautions, and four orders to private and public bodies. It also issued fines totaling €716,575, the highest of which amounted to €525,000 against an online retailer due to a conflict of interest on the part of the company's data protection officer.

What were the areas of focus?

The report outlines key areas of focus, including:

• providing advice on a data protection-compliant digitization of public administrations;
• supervising the operationalization of data management systems in the healthcare sector;
• promoting data protection at the workplace, such as employee monitoring; and
• monitoring the development of a transparency law.

You can read the press release here, a summary of the report here, and the report here, all only available in German.