The report by Dagmar Hartge, the State Commissioner for Data Protection and Access to Records, outlines the activities and challenges in data protection for 2018. Key points include: 1. **Introduction of New Data Protection Law**: The year marked the implementation of the EU's General Data Protection Regulation (GDPR), causing significant uncertainty for organizations. 2. **Facebook Case**: A case involving a former employee's public profile posting about tax debts was dealt with, leading to a substantial fine. 3. **WhatsApp Use**: The report advises against using WhatsApp for data protection purposes due to its automatic data collection and storage practices. 4. **Police Equipment System**: Multiple data protection violations were identified in the police equipment system, including lack of access restrictions and encryption. 5. **Clinical Cancer Register**: The clinical cancer register of Brandenburg and Berlin was reviewed, with some technical and organizational measures found to be inadequate. 6. **Cross-Border Data Processing**: The report highlights the increased collaboration among European data protection authorities, with a focus on cross-border cases. 7. **Fines and Investigations**: The number of fines and investigations under the GDPR has increased, though most cases still follow the old legal framework. 8. **Annual Reporting**: The report will now be published annually, while the access to records report will continue to be published biennially. Additionally, the Hasso-Plattner Institute (HPI) and the University of Potsdam are launching a new Master's program in Cybersecurity, offering comprehensive training in IT security. The program aims to prepare students for diverse career opportunities in various industries. The report also discusses key IT security trends for 2019, including the rise of social engineering, the importance of artificial intelligence in security, the increasing focus on industrial networks and IoT, the need for cloud security, the priority of data protection, the demand for managed security services, and the growing cyber activities of state actors.The report by Dagmar Hartge, the State Commissioner for Data Protection and Access to Records, outlines the activities and challenges in data protection for 2018. Key points include: 1. **Introduction of New Data Protection Law**: The year marked the implementation of the EU's General Data Protection Regulation (GDPR), causing significant uncertainty for organizations. 2. **Facebook Case**: A case involving a former employee's public profile posting about tax debts was dealt with, leading to a substantial fine. 3. **WhatsApp Use**: The report advises against using WhatsApp for data protection purposes due to its automatic data collection and storage practices. 4. **Police Equipment System**: Multiple data protection violations were identified in the police equipment system, including lack of access restrictions and encryption. 5. **Clinical Cancer Register**: The clinical cancer register of Brandenburg and Berlin was reviewed, with some technical and organizational measures found to be inadequate. 6. **Cross-Border Data Processing**: The report highlights the increased collaboration among European data protection authorities, with a focus on cross-border cases. 7. **Fines and Investigations**: The number of fines and investigations under the GDPR has increased, though most cases still follow the old legal framework. 8. **Annual Reporting**: The report will now be published annually, while the access to records report will continue to be published biennially. Additionally, the Hasso-Plattner Institute (HPI) and the University of Potsdam are launching a new Master's program in Cybersecurity, offering comprehensive training in IT security. The program aims to prepare students for diverse career opportunities in various industries. The report also discusses key IT security trends for 2019, including the rise of social engineering, the importance of artificial intelligence in security, the increasing focus on industrial networks and IoT, the need for cloud security, the priority of data protection, the demand for managed security services, and the growing cyber activities of state actors.