Category Archives: Germany

After years of drafting and debating, the EU General Data Protection Regulation (GDPR) was approved by the European Parliament yesterday (14 April). It is expected to be published in the EU Official Journal in the coming weeks. What? The GDPR sets the new EU-rules for handling of personal data. It will substitute local EU data protection laws. However, the GDPR contains over 50 “door openers” for local member state laws (see this nice graphic which illustrates the point: https://www.flickr.com/photos/winfried-veil/24134840885/in/dateposted/). Life for international companies, therefore, will not get easier as they will not avoid the need to assess local member state laws. When? The GDPR will enter into force 20 days after its official publication, estimated to be between May and July 2016. Companies will then have two years to prepare until the GDPR actually applies (two years after entering into force – i.e. May – July 2018).  Who? All businesses in … Continue Reading ››
The likely demise of the US Safe Harbor is dominating the data news headlines - but what else is happening in the world of data and cyber regulation? Datonomy provides a round up of other recent developments in Europe and Asia. With contributions from Andreas Splittgerber and Christian Leuthner in Germany, Sofia Fontanals in Spain and Matthew Hunter, Daniel Jung and Aisling O’Dwyer in Asia, in this update we cover:
  • EU policy and regulation including latest news from Brussels on the GDPR and NISD
  • News from the UK
  • News from Germany
  • News from Spain
  • News from Asia
EU POLICY AND REGULATION
  • GDPR and NISD: Commission President Junker has yet again affirmed the “swift adoption” of the GDPR and NISD as priorities in this open letter of 9 September to the European Parliament. Below we take a more detailed look at the recent procedural progress of these two (not-so-swift) proposals.
Datonomy's correspondents in Germany have just published their latest update on IT and data protection developments. It includes:
  • a status update on the GDPR, on which further trilogue negotiations took place this week
  • fines imposed for illegal data transfers in asset deals
  • fines imposed for insufficiently detailed data processing contracts
  • a recent decision on the legality of framing
  • a recent ruling on take down
Plus other recommended reads and status updates on draft legislation.  You can read it in full here.
  The latest round up of legal, regulatory and other news from the Datonomy blogging team at Olswang LLP. With thanks to: Christian Leuthner in Munich, Aisling O’Dwyer and Matt Hunter in Singapore, and Callum Monro-Morrison in London for their contributions to this week’s alert. EU POLICY AND REGULATION
  • Datonomy’s correspondent in Munich, Christian Leuthner has tweeted, that Germany’s IT Security Act came into force on 25 July. See his more detailed coverage of the new Act here
  • Network and Information Security Directive: A glimmer of progress on the EU’s draft NISD in the past week, with the mention on the Council’s Consilium website of a Council document “Drafting suggestions on operators providing essential services”. As Datonomy readers will be aware, one of the sticking points on the Directive has been the extent to which online services should be caught by the new rules. At the end of … Continue Reading ››
Content I. German Data Protection authorities impede data transfers to the US II. Afterquake of Google Spain in Germany: Google is liable for search engine hits III. ECJ: Courts at the place of harmful event are competent for actions against online copyright infringements IV. Implementation of company Facebook fansite does not trigger a co-determination right V. Update Fingerprinting - Article 29 Working Party demands information and user consent VI. Outlook on bills and new laws and recommended reads   I. German Data Protection authorities impede data transfers to the US by Dr. Franziska Schröter In January 2015, data protection authorities of Berlin and Bremen proclaimed the initiation of administrative proceedings (available in German here) against U.S. companies due to Safe Harbor based data transfers. This is the first time that German data protection authorities took legal actions against data transfers based on the Safe Harbor framework. It is important to note that other German authorities (e.g. … Continue Reading ››
As Datonomy readers may know October is Cybersecurity Month - a good time to read the second edition of Olswang's Cyber Alert. There is no doubt that cyber security is rising up the international as well as the business agenda. NATO recently adopted an amendment to its charter to put cyber attacks on the same footing as armed attacks – see paragraph 72 of NATO’s Declaration. In this edition:
On August 19, 2014, more than one year after the first draft bill of an IT Security Act, the German Federal Ministry of the Interior has published the new draft bill of the Act, aimed at boosting the security of information technology systems. The full title of the legislation is “Entwurf eines Gesetzes zur Erhöhung der Sicherheit informationstechnischer Systeme" (IT Sicherheitsgesetz) (“IT Security Act”). The new rules are still subject to change but look likely to come into force in early 2015. General overview In fact, the IT Security Act will not be an individual law, but will amend the Act on the Federal Office for Information Security, the Telecommunication Act, the Telemedia Act and the Act on the Federal Criminal Police Office as well as the Act on the German Federal Office of Information Security. The IT Security Act contains five central topics and provides for: