Latest Articles

On April 27, 2017, the German Federal Parliament voted to approve the new proposed German Federal Data Protection Act (“new FDPA”). The law would adapt the current German data protection law to the EU General Data Protection Regulation (GDPR). The federal chamber of the states, the German Federal Council, is expected to approved the new FDPA in the next month, without major changes.  Once approved by the Federal Council, the new FDPA will…
The German Federal Financial Supervisory Authority (Bundesanstalt für Finanzdienstleistungsaufsicht – BaFin) recently commented on the ever increasing relevance of IT-security and IT-compliance for financial service providers. Within the comments, BaFin referenced new legal requirements as well as  new guidance. Over the last couple of days, BaFin also launched a public consultation on its draft guidance regarding supervisory requirements on IT-infrastructure. Legal framework Due to the increased risk for and occurrence of cyber-attacks new statutory requirements for…
Ten German data protection authorities (DPAs), led by the Berlin DPA, announced today that they will send formal questionnaires to about 500 companies in Germany to assess the scope of the companies’ cross-border data transfers. In a press release, the DPAs pointed out that the export of personal data to non-EU countries has become a common practice for major international, as well as small and medium sized companies, without, as the authorities say, adequate…