Overview
- Germany’s Federal Court of Justice upheld the lawful transfer of identity details and contract start/end information from mobile providers to the credit bureau for fraud prevention.
- The ruling rejects an injunction sought by the North Rhine–Westphalia consumer group and confirms an earlier decision by the Düsseldorf Higher Regional Court.
- Consent is not required under the GDPR’s legitimate‑interest basis, the court found, citing evidence of rapid multi‑contract smartphone fraud in the telecom sector.
- The judgment does not address whether Schufa may use these Positivdaten for credit scoring, and the company says it does not wish to receive such telecom data.
- Reporting indicates parallel cases involving Deutsche Telekom and Telefónica Germany were resolved in the same way, and Vodafone welcomed the decision as protecting honest customers.