Moritz Hennemann Selected as New Federal Data Protection Commissioner
The German coalition government has reportedly reached an agreement on the appointment of a new Federal Data Protection Commissioner. According to information from the Frankfurter Allgemeine Zeitung (FAZ), Moritz Hennemann, a legal expert from Freiburg, has been chosen to succeed Louisa Specht-Riemenschneider, who is stepping down from her position due to health reasons.
After extensive discussions spanning nearly three months, representatives from the CDU, CSU, and SPD coalitions agreed to nominate Hennemann, who brings a strong background in data law and privacy regulation to the role. Born in 1985, Hennemann meets the legal requirements for the position, which stipulate a minimum age of 35. If approved, he will become the ninth individual to hold this important federal office.
Professional Background and Academic CareerHennemann studied law in Heidelberg, Krakow, and Oxford, gaining experience as an academic researcher and practicing attorney. In 2019, he completed his habilitation in Freiburg, subsequently accepting a professorship at the University of Passau. More recently, he returned to Freiburg, continuing his academic and research work in the area of data law.
His research covers a broad spectrum of topics in data regulation, including issues beyond traditional privacy law. Hennemann has examined the implications of the General Data Protection Regulation (GDPR), often critically assessing its impact on innovation and economic policy. In his published analyses, he has suggested that the GDPR, while essential for privacy protection, may also present obstacles to technological advancement. He has also called for broader consideration of economic, geopolitical, and security factors in decisions related to data transfer and international cooperation, particularly with countries outside the European Union.
Implications for Federal Data PolicyShould Hennemann's appointment be confirmed by the Bundestag, he will take on the role during a period of significant change for Germany's data protection landscape. Current discussions within the government propose shifting some supervisory responsibilities from state authorities to the federal level, consolidating oversight and potentially increasing the influence of the Federal Data Protection Commissioner's office. Additionally, ongoing political debates may lead to limitations on the agency's oversight of intelligence services, which could redefine the scope of the commissioner's authority.
The process for appointing the Federal Data Protection Commissioner requires an official nomination by the Federal Ministry of the Interior, followed by a vote in the Bundestag. Once confirmed, the commissioner's independence is protected by European law, ensuring that the office can operate free from political or external influence.
Transition Plans and Regulatory ContinuityLouisa Specht-Riemenschneider, the outgoing commissioner, announced her decision to resign earlier in the year due to health challenges. She has expressed her intention to continue serving until a successor is formally in place to maintain continuity in the agency's leadership. The Federal Commissioner for Data Protection and Freedom of Information plays a crucial role in overseeing compliance with national and European data protection standards, providing guidance to public authorities, and representing Germany in international data policy forums.
During the interim period between commissioners, the agency's operations are managed by a senior civil servant. However, this arrangement does not grant the same formal powers as those assigned to a Bundestag-elected commissioner. The coalition's timely agreement on Hennemann's appointment is intended to prevent any prolonged gaps in leadership, which have previously created challenges for the agency's functioning.
Hennemann's prospective leadership comes at a time when the balance between data protection, technological innovation, and international data flows is increasingly complex. His background in both academic research and legal practice positions him to navigate these challenges as Germany continues to refine its approach to digital policy and privacy regulation.