


New EU Directive on Notified Bodies
New EU whistleblower directive The new EU whistleblower directive will apply from December 17, 2021. This initially obliges companies with at least 250 employees and, from December 17, 2022, also companies with at least 50 employees to report...
Data protection and software development
Software developers are often confronted with the hurdles of data protection. The impression quickly arises here that data protection and software development are two incompatible topics. Therefore, the following...
Fine due to outdated software when operating a web store
A company from Lower Saxony was recently fined €65,500 for operating a web store with outdated software. The security vulnerabilities caused by the old software version...
GDPR fine for Amazon: 746 million euros
Due to a class action lawsuit filed by more than 10,000 people and the French civil rights organization "La Quadrature du Net", which is not only against Amazon, but also against Google, Apple, Microsoft and Facebook,...
Data protection and autonomous driving
According to the German government, autonomous driving cars are to be tested in regular operation in projects starting in 2022. However, it is in the nature of self-driving and connected cars that a lot of data (including sensitive data) is generated,...
Liability of the Managing Director for Information Security in the Company
Nowadays, it is hard to imagine a company without IT and digital business processes. However, in addition to the many advantages of digitization, it also offers high risks: If every...
Digital certificates from 2023
Digital credentials The Online Access Act (OZG) stipulates that citizens and companies must be able to use all administrative services directly, easily and securely online by the end of 2022 at federal, state and local level. An initial implementation project...
Are GDPR fines - insurable?
Compared to its legal predecessor, the GDPR contains stricter sanction mechanisms. The aim of this is to ensure that the provisions of the GDPR are actually complied with. Article 83 of the GDPR contains a sanction option: The...
Recording of video conferences and online events permissible?
In times of online events and video conferencing / home office / home schooling, numerous meetings now take place in digital form via hopin, Zoom, Skype, Microsoft Teams, Google Meet, BigBlueButton and...
Controller and processor - GDPR basics
The terms "controller" and "processor" are central to the GDPR. Whoever is a controller or processor is subject to the corresponding obligations under the GDPR. But from when exactly...