What is a Betriebsvereinbarung KI?

A Betriebsvereinbarung KI is the formal written agreement between an employer and the Betriebsrat (works council) under §87 of the German BetrVG (or its Austrian equivalent) that defines how AI tools are introduced, monitored, and used in the workplace. Without one, deploying AI that affects employees is a co-determination violation: the works council can block the rollout, file a complaint with the Einigungsstelle, and in some cases force a court-ordered shutdown.

What is the Bitkom Leitfaden from February 2026?

'KI und Mitbestimmung: Eckpfeiler einer Betriebsvereinbarung für den KI-Einsatz im Unternehmen' is a standardized template published by Bitkom in February 2026 that lists what every Betriebsvereinbarung KI should cover: purpose, information rights, data protection, AI literacy, transparency, monitoring, co-determination on changes, dispute resolution. It is a good 80% baseline; the 20% architectural specifics (working-hours cascade, permission architecture, snapshot guard, audit logs) are not covered.

How long should the Betriebsvereinbarung term be?

Typical practice in 2026 is 2-3 years with automatic renewal absent objection 3 months before expiry. Shorter terms (12 months) make sense if the AI technology is evolving rapidly and you anticipate material vendor changes. Longer terms (5 years) make sense for stable AI tools with little expected change. Most enterprises land at 3 years. The term clause should also include trigger events that force out-of-cycle review (serious incident, vendor change, regulatory change).

Can the Betriebsrat block AI deployment indefinitely?

No, but the Betriebsrat can delay it via co-determination process. §87 BetrVG gives the Betriebsrat strong consultation rights; without agreement, the employer can refer the matter to the Einigungsstelle (joint conciliation committee), which produces a binding decision. The Einigungsstelle path takes typically 2-6 months. Most enterprises find it faster to negotiate a real Betriebsvereinbarung with clear architectural commitments than to fight at the Einigungsstelle with thin policy promises.

Does the Betriebsvereinbarung replace the DPIA?

No. They are parallel documents. The Betriebsvereinbarung is the co-determination instrument under §87 BetrVG; the DPIA is the data-protection impact assessment under DSGVO Art. 35. They overlap on data protection commitments but address different audiences (Betriebsrat vs DPO/Datenschutzbehörde) and different legal grounds (co-determination vs data protection). Both are required for HR-AI in Germany and Austria. See our [DPIA template guide](/blog/ai-dpia-template-edpb-2026/) for the DPIA structure.

Betriebsvereinbarung KI Muster 2026: Beyond Bitkom

Q: What is the difference between a policy promise and an architectural commitment?

A policy promise is 'the employer will ensure that working hours are respected.' An architectural commitment is 'the vendor names the single function that resolves working-hours availability for any user at any moment, and the function is called from every outbound notification path; quarterly audit of off-hours notification timestamps confirms zero bypass.' The first is hopeful; the second is verifiable. The Betriebsrat can ask for the function name, the demo, the audit log. If the vendor cannot show it, the commitment is missing. Architectural commitments survive at the Einigungsstelle when policy promises fail.

A Betriebsvereinbarung KI is the formal written agreement between an employer and the Betriebsrat under §87 BetrVG that governs how AI tools are introduced, monitored, and used in a German or Austrian workplace. Without one, deploying AI that affects employees triggers a co-determination violation: the works council can block the rollout, file a complaint with the Einigungsstelle, and in some cases force a court-ordered shutdown. Co-determination is not optional for AI in jurisdictions that have a Betriebsrat.

2026 is the year the templates landed. Bitkom released its standardized Leitfaden in February 2026 ('KI und Mitbestimmung: Eckpfeiler einer Betriebsvereinbarung für den KI-Einsatz'). IG Metall published its position paper later that quarter. Both are good baselines for a typical Betriebsvereinbarung. Both miss the architectural specifics that distinguish a policy promise ('the employer will respect working hours') from a verifiable commitment ('the employer's vendor must name the single function that resolves working-hours availability, called from every outbound notification path; quarterly audit confirms zero off-hours bypass').

This guide does three things. First, it summarizes what Bitkom and IG Metall cover well (the 80% baseline). Second, it names the architectural specifics they miss (the 20% that distinguishes a verifiable Betriebsvereinbarung from a hopeful one). Third, it provides a clause-by-clause 2026 Betriebsvereinbarung KI draft you can adapt directly, with explicit architectural commitments your vendor either fulfills in writing or fails on. Written for the HR business partner, employment lawyer, or Betriebsrat member preparing for the next negotiation.

For the broader EU AI compliance picture, start with our AI governance and compliance EU pillar. For the working-hours cascade architectural detail referenced below, see the betriebsrat AI chat rollout playbook.

§87 BetrVGthe statute that makes Betriebsvereinbarung mandatory for AI tools affecting employees

Feb 2026Bitkom Leitfaden 'KI und Mitbestimmung' published

80/20Bitkom + IG Metall cover the 80% baseline; the 20% gap is architectural specifics

5architectural commitments that turn the Betriebsvereinbarung from hopeful to verifiable

What Bitkom and IG Metall Cover (the 80% Baseline)

The Bitkom Leitfaden lists what every Betriebsvereinbarung KI should cover. The IG Metall position adds union-side emphasis on transparency and rights-of-affected-individuals. Together they form a solid baseline:

Purpose and scope (which AI tools, which employee groups, which deployments), information and consultation rights of the Betriebsrat, data protection commitments (DSGVO-anchored), employee training and AI literacy (EU AI Act Art. 4 obligations), transparency to affected employees (Art. 26(11) AI Act), monitoring and audit rights for the Betriebsrat, co-determination on changes (any change to AI tool scope requires renewed agreement), dispute resolution (Einigungsstelle path), term and termination (typical 2-3 year term, automatic renewal).

This baseline is the floor. Every Betriebsvereinbarung KI for 2026 should at least cover these nine topics. Negotiating below the baseline is hard to defend at the Einigungsstelle. The Bitkom and IG Metall templates are good drafting aids; download them, adapt the wording to your context, get sign-off.

What the Two Templates Miss (the Architectural 20%)

The gap in both Bitkom and IG Metall templates is the same: they treat the AI tool as a black box and demand policy commitments around its use, rather than demanding architectural commitments inside the tool itself. The employer will ensure is the dominant verb. The vendors system enforces' is rare. This is the gap that fails at the Einigungsstelle when the AI starts doing what the policy said it would not, because no architectural mechanism blocked the failure mode.

The five architectural specifics every 2026 Betriebsvereinbarung KI should add are below. Each one is verifiable in code by the vendor, not just claimed in policy. The Betriebsrat can ask for the function name, the demo, the audit log. If the vendor cannot show it, the architectural commitment is missing and the Betriebsvereinbarung clause is hopeful, not real.

Architectural commitment	What the Betriebsrat asks	What proves it
5-tier working-hours cascade	Name the single function that decides whether a notification can fire right now, called from every outbound path	Code reference + audit log of off-hours-blocked attempts
7-ring permission architecture	Show me how a 23:00 cross-tenant message is structurally blocked, not just policy-blocked	Single CheckEntityVisibility helper + recipient scope guard in production
Snapshot guard against drift	How do you stop the AI from hallucinating employee names when bulk-updating?	expected_field echo mechanism + SNAPSHOT_MISMATCH error in audit log
Three independent audit logs	Show me the Betriebsrat-visible audit trail for one AI action from yesterday	ontology_action_log + plugin_audit_log + activity_stream, queryable
14-stage outbound pipeline	Confirm every notification goes through the same pipeline, no priority carve-outs	Code path diagram + audit of off-hours timestamps over 30 days

Audit Your AI for Betriebsvereinbarung Readiness

Free AI governance assessment maps your AI deployments against the 5 architectural commitments. Output: which a Betriebsrat can verify, which are policy-only, what to negotiate before the next session.

Try It Free

Clause-by-Clause 2026 Betriebsvereinbarung KI Draft

The 12-clause skeleton below combines the Bitkom + IG Metall baseline with the five architectural specifics. Each clause is the minimum content; expand based on your specific AI deployment, sector, and Betriebsrat priorities. Adapt the wording, especially the named function references, to match your actual vendor architecture (the example uses our own production system; your vendor's function names will differ).

Clause 1: Purpose, scope, AI systems covered

Name the specific AI systems (vendor name, version, deployment scope). Define affected employee groups. List excluded deployments. Without specificity, the agreement is endlessly renegotiable.

Clause 2: Lawful basis and DSGVO compliance

DSGVO Art. 6 basis (typically legitimate interest or employee consent). Reference the DPIA. Name the DPO. State that AVV exists with the vendor.

Clause 3: EU AI Act classification (Annex III)

State the AI Act classification with reasoning. For Annex III high-risk, reference the conformity assessment evidence and the provider's CE marking. Name the deployer obligations being met (human oversight, monitoring, logs, FRIA, transparency, incident reporting).

Clause 4: Working-hours cascade (architectural)

All outbound notifications are subject to a single 5-tier working-hours cascade resolver (person, team, organizational unit, company, global), called from every outbound notification path. The vendor names the resolver function in writing. Quarterly audit of off-hours notification timestamps confirms zero bypass.

Clause 5: Permission architecture (architectural)

Per-row access control is enforced by a single named helper function. Outbound actions (send_message, schedule_meeting) verify the recipient is in the senders visible scope before execution; cross-tenant attempts are blocked and audited.'

Clause 6: Drift defense (architectural)

AI bulk-update operations on free-text fields require an expected_field echo from the most recent list/find call. If the echo does not match the recorded snapshot, the update is rejected with a SNAPSHOT_MISMATCH error. The mechanism is mathematically applied to team-member names and action descriptions.

Clause 7: Three independent audit logs

Three independent audit logs cover (a) entity access and ACL denials, (b) plugin invocations, (c) agent reasoning steps. All three are queryable by the Betriebsrat through a designated reporting endpoint. Logs are retained for at least 6 months per EU AI Act Art. 26(6).

Clause 8: Transparency to affected employees

Per Art. 26(11) AI Act: explicit notice in onboarding, in chat tools, in the employment portal. Names the system, its purpose, the affected individual's rights (object under DSGVO Art. 22, request explanation under AI Act Art. 86). Generic DSGVO notice does not substitute.

Clause 9: AI literacy training (EU AI Act Art. 4)

Mandatory AI literacy training for all employees who interact with the AI, with documented completion records. The Betriebsrat co-designs the training content. Refresher at least annually. EU AI Act Art. 4 has been in force since February 2025.

Clause 10: Betriebsrat audit and monitoring rights

Quarterly Betriebsrat audit access to the three audit logs. Right to review any AI session step-by-step on request. Vendor must support an external audit by a Betriebsrat-nominated auditor at least once per term, at employer cost.

Clause 11: Co-determination on changes

Any material change to the AI tool scope, vendor, or architectural commitments triggers renewed Betriebsrat consultation. Material changes include: switching the underlying LLM provider, adding a new deployment use case (recruitment, performance, etc.), changing the data flow scope, removing an architectural commitment.

Clause 12: Term, termination, dispute resolution

Typical 2-3 year term with automatic renewal absent objection 3 months before expiry. Disputes go to the Einigungsstelle. Either side can trigger an out-of-cycle review on serious incident (AI hallucination event, cross-tenant breach, off-hours notification audit failure).

The clause that wins Betriebsräte over: Clause 4 (working-hours cascade) plus Clause 7 (audit logs) together. Most Betriebsräte are skeptical because vendors have promised working-hours respect before and broken it. Quarterly audit-log access of off-hours notification timestamps, with vendor name commitment in writing, converts skepticism into structural trust. Add these clauses; watch the negotiation accelerate.

Run an AI Readiness Check

8-minute AI readiness assessment covers working-hours cascade, permission architecture, audit-trail design, and Annex III obligations. Free, structured report you can share with the Betriebsrat.

Try It Free

Key Takeaways

1. Bitkom Feb 2026 + IG Metall = 80% baseline. Both templates are good; both miss the architectural 20%.

2. The 20% is the verifiable part. Working-hours cascade, 7-ring permissions, snapshot guard, three audit logs, single outbound pipeline. Each is a code mechanism, not a policy promise.

3. Clause 4 + Clause 7 wins skeptical Betriebsräte. Working-hours cascade + audit-log access converts skepticism into structural trust.

4. Vendor architecture matters at the negotiation table. Ask for the function name. Demand it in writing. We respect working hours is hopeful; named function + quarterly audit is verifiable.

5. §87 BetrVG is not optional. Deploying AI affecting employees without Betriebsvereinbarung is a co-determination violation. Get the agreement before the rollout, not after.

Works Council Agreement for AI: What Bitkom and IG Metall Did Not Cover in 2026