When Walter Krämer submitted a report on the powerful German insurance industry and a company owned by media giant Bertelsmann, even his own colleagues weren’t happy.
Mr. Krämer, who is in charge of data protection in the state of Baden-Württemberg in southern Germany, is attacking a system that he believes is wrong. His target is the insurance industry’s shared blacklist of possible fraudsters, known as the HIS databank.
Member companies of the German Insurance Association feed in anything they think is suspicious. The data is then secretly managed by an insurance risk and fraud protection service called “informa,” a subsidiary of Bertelsmann.
Every time someone in Germany applies for coverage, the insurance company checks to see if the potential client’s name is in the databank. Anyone on the blacklist will have trouble getting insurance.
How the blacklist works is closed to the public and may violate privacy laws, according to Mr. Krämer’s research. On the list of supposed fraudsters are the names and data of 1.7 million people – even though hundreds of thousands of them are innocent of any wrongdoing.
Insurance companies say they are protecting themselves and their clients from unjustified payouts. They point out that the industry association and data protection commissioners from the German states worked together on details for the databank.
Anyone claiming property damages several times within a year can find their names on the list.
Why insurance companies place clients on the list and collect their information is often unclear. And they do it, Mr. Krämer said, with a “helping hand” from the very officials empowered to ensure privacy – federal data protection authorities.
The story behind Mr. Krämer’s fight started in 2013 in Parsberg, a Bavarian village in southern Germany.
Judith, a young student, had just gotten her secondary school certificate and could be sure of a job with a vocational training program. Her parents thought it was a good time to find out about occupational disability insurance.
One evening, a friend of Judith’s mother, an agent working for Allianz, the world’s largest insurance company, stopped by to discuss different policies.
The agent urged Judith to declare everything on her application, to avoid trouble later on. Judith described her allergies to cat hair and grass pollen, and supplied a certificate from a specialist physician about her condition. The policy was more expensive because of the affliction – more than €80 monthly, or about $90. That was too much for a trainee, so Judith declined the insurance.
About six months after meeting with the insurance agent, Judith received a letter from Allianz, informing her that her name was now stored in the HIS database, meaning the insurance industry regarded her as a suspicious person.
Her story seems to conflict with the German constitutional right to “informational self-determination” – the principle that everyone has the right to respect for private and family life. The Federal Constitutional Court agreed in its “census verdict,” which said that citizens should be able to know “who knows what about them,” and why.
But the insurance companies’ blacklist operators won’t say how they determine who is added to the list.
Complaints by clients have uncovered a few reasons – and they show that insurance companies have a very broad interpretation of what constitutes potential fraud. For example, anyone claiming property damages several times within a year can find their names on the list. So too can clients who have several legal bills paid by their legal protection insurance within a short period.
In 2006, the insurance association received the “Big Brother Award” – a sort of Oscar for data leeches, given by human rights and privacy advocates.
The official reason for Judith’s name being stored was cryptic. Her file only said there was a “difficulty.” When Judith wanted to know what that meant, a data collector at informa, the company that manages the blacklist, contacted her. It supposedly concerned her “intentional or unintentional omission of risk-increasing factors when replying to subsequent enquiries.”
The data collector implied that Judith, who had always spoken openly about her affliction, would not mention her bronchitis in connection with other insurances. “Deletion (of her name) will be at the end of 2017,” the company official said.
Judith wrote a letter to the commissioner for data protection in the state of Baden-Württemberg. It landed on the desk of Walter Krämer, who was responsible for the data collector, informa, and Allianz.
In his December 2014 report, Mr. Krämer tore apart the arguments of Allianz and informa – storing Judith’s data was, in his opinion, illegal, and her right to privacy outweighed the unjustified allegation that she had made false statements to an insurance company.
“When she made an application for insurance to Allianz, she neither made false statements with intent to defraud, nor did she keep secret with deliberate malice the information necessary for the insurance company,” Mr. Krämer said.
Mr. Krämer also had a problem with the initial reason given: that there was a “difficulty.” In his view, it signaled that Judith suffered from health disabilities, or that she had a tendency to fraudulent behavior or making inaccurate statements.
Such information was illegal for two reasons, he said. Data about health cannot be exchanged, neither directly nor indirectly. And Judith’s listing in the HIS databank portrayed her incorrectly as a potential fraudster.
The list’s operator, informa, rejected those accusations. It argued that the word “difficulty” made clear there was some risk factor, but did not identify it.
“The ‘difficulty’ can be not just a health risk, but also a dangerous job, or a risky hobby,” the company said. “The reference does not reveal which of these risk-increasing factors it was.”
Officials at informa maintain that “difficulty” was not a code word, but a consciously selected term in accordance with the principle of data collection.
However, even if data protection officials determine that people's name are being stored illegally, it is not easy to have them taken off the list, because it was German data protection authorities that helped set up and approved the current system.
The predecessor of the HIS databank was itself the cause of scandal years ago. Insurance companies had been hoarding names since 1993 in a “uni-risk” databank. For years the German Insurance Association, known as GDV, managed the blacklist. Personal information was not just collected, but immediately transferred to CDs and sent to insurance companies. Most clients knew nothing about it.
But public awareness and outrage grew after the turn of the century. In 2006, the insurance association received the “Big Brother Award” – a sort of Oscar for data leeches, given by human rights and privacy advocates.
Alarmed by the attention, the industry group promised to clean up its act. It drew up a binding code of conduct with data protection officials in the federal states, aimed at preventing abuse. A revised fraud protection databank, HIS, began operation in April 2011. Data protection officials and insurance companies congratulated themselves for taking steps to protect privacy.
But data protectors only agreed to some details of HIS under great protest, according to sources. Still, it was better to have a bad regulation than none at all, they reasoned. This made them hostages: How could data protection authorities criticize a system they helped create?
Just a few weeks ago, it became known that informa was not deleting data after four years, as required, but after 10 years.
“We very much regret this error,” said officials at informa, which commissioned auditors to check systems behind keeping the fraud list. The audit, however, found everything was in order.
As for Judith, the trainee with the allergies, although the authorities have admitted that storing her name was illegal, she is still on informa’s blacklist of fraudsters.
Massimo Bognanni is a Handelsblatt reporter. To contact him: [email protected].