Hunton Andrews Kurth LLP (LexBlog Germany)
-
German BGH Ruling on Consent for Cookies and Third-Party Advertising
On May 29, 2020, the German Federal Court of Justice, Germany’s highest court for civil and criminal matters, issued its ruling on case Planet49 regarding consent requirements for the use of cookies and telemarketing activities.
-
Berlin Commissioner Issues Fine to Deutsche Wohnen SE
On November 5, 2019, the Berlin Commissioner for Data Protection and Freedom of Information announced that it imposed a fine of €14.5 million on a major real estate company, which is the highest fine issued in Germany since the EU General Data Protection Regulation became applicable.
-
Merkel Calls for Balanced Approach to Data Protection Regulation
Recently, German chancellor Angela Merkel spoke at Germany’s 10th National IT Summit, and called for EU Member States to take a pragmatic approach to the application of EU data protection laws.
-
Germany Adopts Law to Enable Class Actions for Data Protection Violations
On December 17, 2015, the German Federal Diet (Bundestag) adopted a draft law introducing class action-like claims that enable consumer protection associations to sue companies for violations of German data protection law.
-
CIPL Advisor Fred Cate Moderates Discussion Panel on Transatlantic Data Protection Issues
On November 2, 2015, Hunton & Williams LLP’s Centre for Information Policy Leadership Senior Policy Advisor, Fred H. Cate, moderated an academic panel on The Data Dilemma: A Transatlantic Discussion on Privacy, Security, Innovation, Trade, and the Protection of Personal Data in the 21st Century.
-
Germany Adopts a Draft Telecom Data Retention Law that Includes a Localization Requirement
On May 28, 2015, the German government adopted a draft law that would require telecommunications and Internet service providers to retain Internet and telephone usage data.
-
German DPAs Host Event Regarding U.S.-EU Safe Harbor Framework and Initiate Administrative Proceedings Against Two U.S. Companies
On January 28, 2015, the German conference of data protection commissioners hosted an event to support European Data Protection Day. The event focused on the U.S.-EU Safe Harbor Framework and the surveillance programs of U.S. intelligence agencies.
-
Discovery of 13-Year Hacking Scheme Highlights Questions About Cyber Insurance Coverage
A hacking operation that breached government servers, banks and corporations in Germany, Switzerland and Austria for more than a decade highlights concerns about the extent to which such breaches are covered by specialty cyber insurance policies.
-
Germany Issues Revised Draft Cybersecurity Law
On August 19, 2014, the German Federal Ministry of the Interior published a revised draft cybersecurity law. The Draft Law is intended to serve as a cornerstone of Germany's recently-announced digital agenda.
-
Federal German Court Ruling Protects Online Anonymity in Civil Proceedings
On July 1, 2014, the highest federal civil court in Germany ruled that website operators cannot be compelled to disclose a user's personal data to third parties in the context of civil defamation proceedings.
-
Federal German Court Rules on Credit Scoring and Data Subject Access Rights
On January 28, 2014, the Federal Court of Justice of Germany clarified the scope of a data subject's right of access to personal data in the context of credit scoring.
-
Commissioner Reding Comments on EU General Data Protection Regulation Negotiations
On September 6, 2013, Vice-President of the European Commission and Commissioner for Justice, Fundamental Rights and Citizenship Viviane Reding traveled to Berlin where she commented on the status of the negotiations on the proposed EU General Data Protection Regulation. In her remarks, Commissioner Reding noted that the Proposed Regulation could be implemented without the agreement of every EU...
-
German DPAs Halt Data Transfer Approvals and Consider Suspending Transfers Based on Safe Harbor, EU Model Clauses
On July 24, 2013, Federal and State Data Protection Commissioners in Germany issued a press release stating that foreign intelligence and security agencies threaten international data traffic between Germany and countries located outside the European Union.
-
German Parliament Passes New Telecom User Data Access Bill
On May 3, 2013, the German Federal Council passed a new bill regarding access to telecom user data, such as names, addresses, passwords and credit card PIN codes.
-
German Court Rejects DPA’s Appeal, Finds Irish Law Applicable to Facebook in Germany
On April 22, 2013, an administrative court in Germany ruled in Facebook’s favor, finding that the company’s German operations must comply with Irish, not German, data protection law.
-
German DPAs Adopt Resolutions on Proposed U.S.–EU Free Trade Zone, Social Networks and EU Data Protection
On March 14, 2013, the 85th Conference of the German Data Protection Commissioners concluded in Bremerhaven. This blog post provides an overview of several key resolutions adopted during the Conference.
-
German Courts Rule on Works Council Independence and Deletion of Email Accounts
In two recently-published German court decisions, the courts’ rulings impact Germany’s employee data protection law, including strengthening the position of German works councils and clarifying the risks associated with deleting former employees’ email accounts.
-
German Parliament Passes Regulation Affecting Commercial Use of Address Data
On March 1, 2013, the German Parliament passed a new law regulating how businesses may obtain the registered addresses of individuals in Germany from German public authorities.
-
German DPAs Adopt Resolutions on EU Data Protection and IPv6
At the 84th Conference of the German Data Protection Commissioners in Frankfurt (Oder), German state data protection authorities and the Federal Commissioner for Data Protection and Freedom of Information discussed current issues and adopted four Resolutions aimed at harmonizing the application of data protection law across Germany.
-
Stricter Enforcement of German Advertising and Marketing Rules Effective September 1
As of September 1, 2012, all personal data in Germany may only be processed and used for marketing purposes (including address trading) with the express opt-in consent of the affected individuals. This blog entry provides a brief overview of some exceptions to the new rules.
-
German Data Protection Association Issues Report on “Uniform Data Protection Law in Europe through Regulation”
On November 17, 2011, the German Association for Data Protection and Data Security held its 35th Privacy Conference in Cologne, Germany. At the opening plenary session, Paul Nemitz, Director for Fundamental Rights and Citizenship of the European Commission, announced that the European Commission plans to implement a Regulation to harmonize data protection laws in Europe.
-
German Ministry Announces Development of a Self-Regulatory Code for Social Networks
On November 2, 2011, Germany’s Federal Minister of the Interior met with stakeholders from the social networking industry and announced the development of a self-regulatory code for social networks aimed at increasing data protection, consumer protection and the protection of minors on the Internet.
-
Use of Google Analytics Now Lawful in Germany, Subject to Certain Guidelines
On September 15, 2011, the data protection authority of the German federal state of Hamburg published a press release confirming that Google has significantly improved compliance with respect to the implementation of Google Analytics in Germany.
-
Facebook Endorses Self-Regulation in Germany
On September 8, 2011, Facebook's Director of European Public Policy met with the German Federal Ministry of the Interior and endorsed a future self-regulatory code for social networks with a focus on data security, consumer protection and minor protection.
-
European Commission Seeks Germany’s Compliance with ECJ Judgment on DPA Independence
On April 6, 2011, the European Commission formally requested that Germany immediately comply with a March 9, 2010 judgment by the European Court of Justice concerning the independence of German data protection authorities.
-
European Court of Justice Rules on German DPA System
On March 9, 2010, the European Court of Justice ruled that the Federal Republic of Germany's practice of "state supervision" over data protection authorities violates EU Data Protection Directive 95/46/EC.
-
Germany Adopts Stricter Data Protection Law – Serious Impact on Business Compliance
On July 3, 2009, the German Federal Parliament passed comprehensive amendments to the Federal Data Protection Act (the “Federal Act”). These amendments also passed the Federal Council on July 10, 2009, and the revised law will enter into force on September 1, 2009. The new amendments cover a range of data protection-related issues, including marketing,...
-
First German Study about Costs of Data Breach Published
In February 2009, the Ponemon Institute published the results of its inaugural study “Germany – 2008 Annual Study: Cost of a Data Breach.” The study is the first such research study undertaken in Germany, using data from actual incidents to estimate the costs of dealing with data breaches by German companies. The study examined the...
-
German Social Networks Signed Code of Conduct
On March 11, 2009, the operators of Germany’s leading social networks, which include “schuelerVZ,” “studiVZ,” “lokalisten” and “wer-kennt-wen,” signed a 17-page Code of Conduct by the Association for Voluntary Self-Regulation of Multimedia Service Providers (the “Code”) in order to protect children and young people. The Code of Conduct aims to improve data protection and consumer...