logo

Search

logo

More

              Data Protection & Privacy

              It is said that information is the oil of the 21st century. However, exploitation of personal information is regulated to protect individual freedom. Let us help you leverage data analytics in a manner compliant with data protection laws, and master the new challenges of the European General Data Protection Regulation.

              To find out more about our global legal services please visit our global site

              Data analytics is transforming how business is conducted
              Most things, interactions and behaviour are quantifiable and measureable. Availability of vast amounts of information and a matching analytical toolkit permeate and transform most industries. Businesses seek to leverage the information that is ever more readily available to reduce costs of doing business, and to expand their business.

              Some of this information, however, is protected by law as personal information. Data protection law is rapidly becoming one of the key areas of law, with which businesses need to comply in order to maximize the benefits from their data pools while avoiding possibly painful penalties.

              Changing compliance landscape
              With the upcoming European General Data Protection Regulation (GDPR), businesses not only across Europe, but all over the world will face new challenges in the area of data protection law. 

              • A new level playing field: The far reach jurisdiction of the GDPR extends the existing level of protection awarded to EU residents. Not only businesses in the EU, but also to businesses servicing the EU single market from outside the EU will need to comply with the high data protection and privacy standards. This may not only lead to better protection of the individuals’ rights, but also to a mitigation of (perceived) unfair competitive advantages for businesses operating out of lesser regulated jurisdictions.
              • New obligations for European businesses: As the next step in harmonizing data protection law across Europe will be taken in May 2018, businesses in many European jurisdictions will face new obligations. This may include becoming familiar with the concept of data protection officers, documenting data processing activities and being held accountable for the lawfulness of data processing and having in place the necessary technical safeguards.

              While legal compliance in itself – as well as the substantial possible fines – is certainly a good enough reason to take data protection seriously, there is more. Businesses have come to realize that data breaches are not only costly, but also damaging for businesses’ reputation. 

              Therefore, a good strategy on data protection and data security is seen as a vital component to foster greater trust of employees, customers and suppliers alike. And trust is, after all, the key to business growth and success.

              How we can help 
              We have lawyers advising on data protection law in most European jurisdictions with DWF offices. They each advise clients from all sectors and industries and go to considerable lengths to understand relevant technologies and business practices, and are able to communicate the legal concepts and requirements to clients without legal background in the client’s own language without unnecessary legal jargon.

              Our services
              Our services in the area of data protection include advice on:

              • classification of data to determine applicability of data protection law, especially in big data analytics situations,
              • assessment of the lawfulness of specific data processing activities,
              • data protection impact assessments, and possible measures to mitigate risks to the rights and freedoms of natural persons,
              • documentation and records of processing activities,
              • necessity for, and appointment of a data protection officer,
              • training for data protection officers and employees handling personal information, both for European and “third country” organizations,
              • inter-group or international data transfer, including data processing clauses and appropriate safeguards,
              • technical and organizational measures necessary to ensure compliance with data protection requirements,
              • drafting of declarations, such as privacy policies or consent,
              • management and fulfilment of rights of data subjects, such as information, correction or deletion rights, as well as right to data portability,
              • negotiation and drafting of contracts with data processors or third party recipients, or
              • contentious disputes, either out-of-court or in court, against supervisory authorities, contract partners or data subjects.

              For more information visit our Technology and Communications sector >

              Klaus Brisch, LL.M. (USA)

              • Partner // Global Head of Technology // Certified Information Technology Attorney

              Marco Müller-ter Jung, LL.M. (Informationsrecht)

              • Partner // Certified Information Technology Attorney

              Florian Daniel, LL.M. (Media Law)

              • Senior Associate // Certified Attorney for Intellectual Property Rights