European Privacy Laws Almost Keep Santa Down

Not even Santa can escape the limits of the privacy laws in Europe. But don’t worry — there is a happy ending (we don’t want to ruin your festive spirit on today of all days, after all).

Okay, that’s an exaggeration (the Santa part), but it’s the holiday season, so please forgive us and help yourself to another turkey sandwich. Anyway, CNN reported this week that a Christmas tradition in the German town of Roth, Bavaria had children placing their wishes to Father Christmas on a Christmas tree in the town’s Christmas market.

That market, and the tree and its wishes, are open and accessible to the public — hence the privacy issue. As the report goes, “in previous years, up to 4,000 wishes to Father Christmas were placed on a tree … previous requests granted included trips to the fire station, books and visits to the mayor. The festive event was seen as a major highlight for local kids.”

But the event stopped in 2016 because of Germany’s own data privacy and protection law. To get around the law, local officials decided to put those wishes into lockboxes, but “that was made redundant in May, when the European Union’s General Data Protection Regulation (GDPR) came into force,” the report said.

As readers of PYMNTS most likely know, “that legislation states that parents of minors have to provide consent to the use of their kids’ data. Organizations that fail to comply face big financial penalties.”

The town of Roth decided to abandoned the wish list tradition because “providing proof of (consent) was deemed too onerous by the council.”

But the spirit of Christmas is not easily defeated — nor the desire of a local radio station (presumably) to earn good PR while doing a very good deed for the children. That station, Antenne Bayern, “created a wish list, which included a parental consent disclaimer, which can be printed from their website and put in the wishing box at the Christmas market” that opened on Thursday, according to the report.