The Lower Saxony data protection authority ('LfD Niedersachsen') issued, on 2 June 2022, its 2021 activity report highlighting key statistics and problem areas that had emerged in 2021. In particular, the State Commissioner for Data Protection ('the Commissioner'), Barbara Thiel, stated that the complaints received by the LfD Niedersachsen in 2021 presented a slight increase from the previous year, namely from 2,479 to 2,538, whereas a more marked increase is shown in the number of violations reported by data processors, rising to 1,673 from 989 the previous year. In this regard, the Commissioner expressed that the high number of cases had diminished her ability to act as proactively as desired.

Furthermore, the Commissioner specified that complaints in 2021 had focused on illegal video surveillance, violations of the right to information, the disclosure of data to third parties, and illegal tracking on websites or unwanted email advertising. Additionally, the Commissioner noted that reports of data protection violations in 2021 often related to security gaps in Microsoft Exchange servers, the loss, theft, or incorrect transmission of data, and to cyber attacks using phishing emails and encryption trojans.

Moreover, the Commissioner highlighted that data protection should no longer be used as a scapegoat for failed projects and delayed processes, noting that this had been the case in connection with COVID-19 measures, where the right to informational self-determination, as well as other fundamental rights, had been hindered. 

You can read the press release here and download the report here, both only available in German.