On February 18, 2021, the District Court of Berlin overturned a €14.5 million fine that had been imposed on German real estate company Deutsche Wohnen SE. The Court held that the fine – which was issued by the Berlin Supervisory Authority (“SA”) and had been the second highest fine in Germany so far under the … Continue Reading

A New Day for GDPR Damages Claims in Germany?

By Lars Lensdorf, Robert Henrici, Moritz Hüsch and Nicholas Shepherd on February 25, 2021 Posted in Data Breaches, Data Privacy, GDPR

Until now, damages claims awarded by German courts pursuant to Article 82 of the General Data Protection Regulation (“GDPR”) – in particular, claims for non-material damages – have been relatively low. This restrained approach thus far has been predicated primarily on the position that German law requires a serious violation of personality rights to justify … Continue Reading

German Supervisory Authorities Plan to Circulate Questionnaires on Personal Data Transfers in Wake of Schrems II Decision

By Lars Lensdorf, Moritz Hüsch and Kristof Van Quathem on February 24, 2021 Posted in Data Privacy, EU Data Protection, European Union, GDPR

On February 3, 2021, the Conference of the Supervisory Authorities (“SAs”) of Germany (known as the Datenschutzkonferenz or “DSK”) published minutes from its meetings held in November 2020 (available here, in German). The minutes include discussions about how the German SAs plan to enforce the recent Schrems II ruling of the Court of Justice of … Continue Reading

Germany Publishes New Draft Rules for Cookies and Similar Technologies

By Moritz Hüsch, Kristof Van Quathem, Ulrike Elteste and Anna Oberschelp de Meneses on January 27, 2021 Posted in Advertising & Marketing, Data Privacy, GDPR, International

On January 12, 2021, the German Ministry for the Economy and Energy released a new draft Law on Data Protection and the Protection of Privacy in Telecommunications and Telemedia (“TTDSG” or “draft law”). If enacted, the draft law will replace the existing data protection and privacy provisions of Germany’s Telemedia Act and Telecommunications Act (“Telemedia … Continue Reading

German Federal Government Passes Draft Law Amending Germany’s Information Technology Laws

By Moritz Hüsch and Anna Oberschelp de Meneses on January 15, 2021 Posted in Cybersecurity, Cybersecurity

On December 16, 2020, the German Federal Government passed a draft law that substantially amends some of Germany’s information technology laws (“IT laws”). These amendments aim to adapt the current legal framework to the increasing digitalization of products and services, the proliferation of IoT products, and the appearance of new cybersecurity threats. The draft law … Continue Reading

AI, IoT, and CAV Legislative Update: EU Spotlight (Third Quarter 2020)

By Moritz Hüsch, Lisa Peets, Miranda Cole, Jennifer Johnson, Lee Tiedrich, Marty Hansen, Sam Jungyun Choi, Brandon Rattiner, Rebecca Yergin and Marianna Drake on October 6, 2020 Posted in Artificial Intelligence (AI), Autonomous Vehicles, Cybersecurity, European Union, Internet of Things (IoT)

In this edition of our regular roundup on legislative initiatives related to artificial intelligence (AI), cybersecurity, the Internet of Things (IoT), and connected and autonomous vehicles (CAVs), we focus on key developments in the European Union (EU).… Continue Reading

New Calculation Model for Data Protection Fines in Germany

By Moritz Hüsch and Ulrike Elteste on September 10, 2019 Posted in Data Privacy, EU Data Protection, European Union

Update, September 19, 2019: Further to the reports on its scheme for calculating fines, which prompted requests on the supervisory to publish it, the Datenschutzkonferenz has clarified that fines in individual cases are calculated on the basis of Art. 83(2) GDPR, and that the model is only used on a complimentary basis. Furthermore, the model … Continue Reading