The European Court of Justice should now clarify whether the Schufa score matches the General Data Protection Regulation. A German consumer had sued who wanted to defend herself against allegedly false entries at the Schufa. The ruling could have far-reaching consequences.
Schufa in court: scoring without data protection?
The private credit agency Schufa calculates probability values about a person’s creditworthiness. These values often have a decisive influence on whether someone receives a loan or a contract. The Schufa score is also often used when shopping online. Now the European Court of Justice should clarify whether that automated procedure of the Schufa must be brought into line with the European General Data Protection Regulation (source: FAZ).
Article 22 of the General Data Protection Regulation states that persons “must not be subjected to a decision based solely on automated processing, including profiling”. However, this does not apply if, for example, a contract is concluded between a person and a company. One “express consent of the person concerned “is sufficient here so far.
The applicant from Germany would like to Delete entries at the Schufa which, according to her, are simply wrong. The case first landed with the Hessian commissioner for data protection and later with the Wiesbaden administrative court. The judges are now hoping for a final clarification from the European Court of Justice.
in the Video: This is how you can save money when shopping online.
Schufa decision: GDPR should protect
According to the Wiesbaden Administrative Court, the General Data Protection Regulation is intended to protect against a “form of decision based purely on automation”. But that corresponds pretty much to the Schufa procedure. The Schufa does not disclose how exactly the Schufa score is calculated. One appeals here a trade secretwhich is also permissible according to a decision by the Federal Court of Justice in 2014.