Europe has generally been known for its stalwart protection of citizens’ privacy, but a new draft law proposed in Germany seems to fly in the face of that tradition. Based on a report from the nation’s union for data protection, it’s been revealed that the Interior Minister Thomas de Maiziere has a draft law  in place that would do some serious damage to the state of data privacy rights in Germany.

Under the proposed legislation, Germans wouldn’t have to be informed about the kind of data collected on them if revealing such information “disadvantages the well-being” of Germany or might “seriously endanger” business activities. Moreover, the law would allow for facial recognition software for video surveillance, and stop data protection commissioners from both performing follow-up checks in the case of legal or medical data hacks and sanctioning security agencies over such breaches.

Curiously enough, the law is meant to reinforce the more stringent European Union privacy rules slated to go into effect in 2018. But according to the German union for data protection, the draft version does not follow existing EU laws and instead seeks to impose “unconstitutional” regulations.

“The limitation of data protection controls in the medical field, which was a focal point of the [data protection] authorities up until now, is simply a disaster,” Thilo Weichert, former data protection commissioner for the state of Schleswig-Holstein and a current union board member, said. The union further noted that the right to know what information is being collected on a citizen is the “Magna Carta of data protection.”

Of course, we should keep in mind that this is only a draft law, and given the severe backlash that has already resulted from the existing proposals, changes may still be made. But take note, people of Germany — this is your privacy at stake.