Photo of Katharina A. Weimer

At the Data Protection Conference in Berlin, the Berlin and Hamburg Data Protection Commissioners (Commissioners) made a number of important announcements regarding the ‘inadequacy’ of the EU/U.S. Safe Harbor Program.

Both Dr. Alexander Dix and Prof. Johannes Caspar, Commissioners for Berlin and Hamburg respectively, asserted that U.S. companies do not protect data to the same

According to the opinion of the Advocate General Pedro Cruz Villalón, published 12 December 2013, the Directive 2006/24/EC is as a whole incompatible with the requirement, laid down in the Charter of Fundamental Rights, that every limitation on the exercise of a fundamental right must be provided for by law. The Directive itself should already

According to a press release Monday, the Hamburg Officer for Data Protection and Freedom of Information issued a fine in the amount of €145,000 against Google Inc. for illegal recording of information from Wi-Fi networks.

While Google’s cars roamed the streets in Germany during the years 2008-2010, they not only took pictures of houses and

The German Federal Labor Court had to decide on a work council’s demand to be provided with a personal computer with a group account for access to the internet (in contrast to personalized internet access for the individual works council members). The district court had denied the request; the higher regional court had reversed the

One more chapter to the never ending story of the protagonist Facebook and ULD, the data protection authority of Schleswig-Holstein, has been written. Last week, a German administrative court decided that contrary to ULD’s official order, Facebook cannot be forced to permit the use of pseudonyms for its users.

While the ULD was sure that

The Schleswig-Holstein data protection authority (“ULD”) has published a series of recommendations on how to provide and use cloud computing services in a way that is compliant with German and European data protection laws. The recommendations are based on the Article 29 Working Party (the “Working Party”) Opinion on cloud computing (see our client alert

On March 6, 2012, the Regional Court of Berlin issued a ruling on a case initiated by the Verbraucherzentrale Bundesverband, the Federation of German Consumer Organisations, against Facebook Ireland Limited. The court took this rare opportunity to object to several key features of Facebook’s user experience and actions:

  1. The court criticized that users

On November 23, 2010, the data protection authority (the “DPA”) of the German federal state of Hamburg fined regional financial institution Hamburger Sparkasse AG (“Haspa”) €200,000 for illegally allowing its customer service representatives access to customers’ bank data, and for profiling its customers and also granting the representatives access to such profiles. The bank cooperated with the DPA and immediately discontinued the illegal practices.

From the end of 2005 until August 2010, Haspa allowed its self-employed, external customer service representatives access to customer bank data, often without having first obtained the customers’ consent. According to the DPA, the number of bank accounts accessed is not clear. The bank was aware of this practice through reviews of log files that detailed the representatives’ access.Continue Reading Hamburg DPA Files Bank €200,000 For Accessing Customer Data and Customer Profiling

A few days following the concession made by BlackBerry manufacturers, Research in Motion (RIM), to provide Indian security agencies access to their encrypted data, India’s Home Minister P. Chidambaram held “security to be more important than privacy”.

Security concerns in India have certainly risen following the terror attack on Mumbai in November 2008, the worsening