Blog EN
Federal Court of Justice on SCHUFA reporting: No punitive damages for GDPR violation
On January 28, 2025, the Federal Court of Justice (BGH), case no. VI ZR 183/22, confirmed a ruling by the Koblenz Higher Regional Court (OLG), which awarded a consumer a claim for damages in the amount of EUR 500 against a telecommunications company due to a SCHUFA...
Cyber Resilience Act: New Legal Framework and Recommendations for Companies
Cyber Resilience Act: New Legal Framework and Recommendations for Companies Introduction and Overview of the Cyber Resilience Act With the Cyber Resilience Act (CRA), the EU is introducing binding regulations for the first time that establish fundamental requirements...
BGH recognizes first provisions of the GDPR as market conduct rules
In its rulings of March 27, 2025 (Ref. I ZR 186/17, I ZR 222/19 and I ZR 223/19), the German Federal Court of Justice (BGH) qualified specific provisions of the General Data Protection Regulation (GDPR) as market conduct regulations within the meaning of Section 3a of...
Controller or processor or…? – Self-discovery in data protection
The classification of the actors involved in data processing can lead to complicated demarcation issues in individual cases, even if the distribution of roles specified by the GDPR is straightforward. Thus, controllers and processors may be involved in the processing...
Competence of national competition authorities in GDPR matters
According to the case law of the ECJ, national competition authorities may also check for violations of the GDPR as part of their competition law review. Opinion of the Court In this regard, the ECJ states in a press release on the judgment in case C-252/21 days:"In...
Regulation of Artificial Intelligence (“AI”) – Current state of AI Regulation and Recommendations for companies
There are few companies or institutions that do not apply AI, considering that spam filters, antivirus protection, and automated language translations are based on AI technologies. While AI applications streamline internal processes and save costs for companies, they...
Balance: Operational IT <-> IT Security <-> Data Protection
Weight distribution - basic concepts Crises like Covid-19 are forcing companies to rethink their processes and adapt their IT structure to these processes. Companies need to maintain a balance between the different functional areas within their organizations. The...
Breach Counselor
IT Security Incident Crisis Management In today's world, data breaches are becoming increasingly common and can have devastating consequences for individuals and businesses. If you have been the victim of an IT security incident, a legal advisor (Breach Counselor) can...
NIS-2 Directive: What companies need to consider to ensure cybersecurity
In today's digital era, businesses are more dependent than ever on the benefits of modern technologies. But with this advancing digitalization also comes increased risks, particularly with regard to cyberattacks and data breaches. To ensure the security of information...