Under the European General Data Protection Regulation many companies will be required to appoint a Data Protection Officer. Violating the requirements relating to the appointment of a DPO can be sanctioned with fines of up to EUR 10 million or up to 2 percent of the total worldwide annual turnover, whichever is higher. So, who do you appoint as your DPO?

An attorneys’ data privacy initiative brought an action against the Adequacy Decision in the CJEU claiming that the Adequacy Decision of the European Commission is null and void.

German Data Protection Authority fined a company for having the IT manager appointed as Data Protection Officer – A greater risk under the European General Data Protection Regulation?

On March 1, 2016 the German Federal Court of Justice ruled on the duty of an online review portal operator to verify reviews.

In a recent decision, the Court of Justice of the European Union (ECJ) determines how the term “establishment” used in the EU Data Protection Directive 95/46/EC must be interpreted and thereby on the applicability of national data protection law in cases with a cross-border context as well as on the power of national data protection authorities in this regard. This has practical implications.