Home / People / Christian Runte
Portrait ofChristian Runte

Christian Runte

Partner
Rechtsanwalt

CMS Hasche Sigle
Nymphenburger Straße 12
80335 Munich
Germany
Languages German, English

Christian Runte specializes in technology projects, with a special focus on data protection law. He is also widely experienced in handling German and international technology transactions and IT outsourcing projects. Christian’s clients include international technology companies and service providers who particularly appreciate his negotiation skills and solution driven approach.

Christian is co-head of the CMS data protection group and chair of the privacy and data protection group of the World Law Group.

Christian led numerous EU and international data protection and technology projects across several jurisdictions.

Christian, who has been a partner at CMS since 2008, started his legal career with a leading firm in São Paulo (Brazil) and Munich before co-founding an e-commerce business in 1998. He joined CMS in 2000 and was seconded to CMS London in 2004.

more less

„Oft empfohlen“ für IT-Recht und Datenschutz

JUVE Handbuch, 2023/2024

Listed as notable practitioner

Chambers Europe, 2023

Listed as leading individual

Chambers Europe, 2023

Listed for IT Law

Deutschlands beste Anwälte 2023 – Handelsblatt in Kooperation mit Best Lawyers

Listed for Data Protection Law

Deutschlands beste Anwälte 2023 – Handelsblatt in Kooperation mit Best Lawyers

Listed as notable practitioner

Chambers Europe, 2021

"Recommended" for Data Protection and Information Technology

JUVE German Commercial Law Firms 2021 (GCLF)

Ranked for TMT: Data Protection - Germany

Chambers Europe, 2020

Listed as a leading lawyer in the category "Germany - Best Law Firms for Data Protection, IT & Outsourcing - 2020"

Leader's League, 2020

Recommended for Data

Who's Who Legal 2020-2021

Recommended for Information Technology

Who's Who Legal 2020 – Data

"Christian Runte is a well-established practitioner with notable experience in outsourcing, e-commerce and special expertise in data protection."

Chambers Europe, 2019

"Christian Runte is a European data protection law expert."

The Legal 500 EMEA, 2016

"Christian Runte is extremely experienced, super well connected and tactically clever.", client

The Legal 500 EMEA, 2022

"finding feasible solutions", client

Chambers Europe, 2022

"He is very direct and precise in his requirements, delivers on time and is really a trusted adviser", client

Chambers Europe, 2022

Listed as Leading Individual

Chambers Europe, 2022

Listed as notable practitioner

Chambers Europe, 2022

"very good", client

JUVE German Commercial Law Firms 2022 (GCLF)

"Recommended" for Information Technology

JUVE German Commercial Law Firms 2022 (GCLF)

"The team also includes the 'extremely experienced, excellently connected and tactically clever' Christian Runte and 'wonderful, intellectual sparring partner' Michael Kamps."

The Legal 500 EMEA, 2022

Memberships & Roles

  • Chairman of the World Law Group’s Privacy & Data Protection Group
  • German Association for Data Protection and Data Security (GDD)
  • German Association of Law and Informatics (DGRI)
  • International Technology Law Association (ITechLaw)
  • German Bar Association
more less

Publications

  • Datensicherheit nach Hackerangriff, PLATOW Recht, Nr. 9, 23. Januar 2019, S. 6
  • Perspektiven für Juristen 2011, "Medien- und IT-Recht", e-fellows.net GmbH & Co. KG, München 2010
  • Handbuch für den Fachanwalt Informationstechnologierecht (Mitautor), Datenschutzrecht, Wolters Kluwer 2008
  • et. al., Special Report: Anonymous Sarbanes Oxley Hotlines in the European Union: Practical Guidance On Compliance For Global Companies, World Securities Law Report, Volume 11, Number 9, pp. 24-30 2008
  • The Practitioners' Guide to the Sarbanes-Oxley Act, Volume II, Anonymous Sarbanes-Oxley Hotlines for Multi-National Companies: Compliance with E.U. Data Protection Laws (Chapter 9), American Bar Association 2008
  • Düsseldorfer Kreis: Whistleblowing Hotlines und Datenschutz, MMR, Heft 6, XXV 2007
  • The Practitioners' Guide to the Sarbanes-Oxley Act, Volume II, American Bar Association, Chicago, Anonymous Sarbanes-Oxley Hotlines for Multi-National Companies: Compliance with E.U. Data Protection Laws (Chapter 9), S.1-29 2006, p. 0
  • EU Richtlinie zur TK-Vorratsdatenspeicherung in Kraft getreten, Informationsdienst IT-Grundschutz, Bundesanzeiger Verlag, Bonn 2006
  • Neue Entwicklungen bei der Vorratsdatenspeicherung von Telekommunikationsdaten, CMS Update Technology 2006, p. 6 f
  • Anonymous Sarbanes Oxley Hotlines in the E.U.: Practical Compliance Guidance for Global Companies, BNA International's World Data Protection Report (www.bnai.com) 2005
  • Anonymous Hotlines for Whistleblowers - The U.S. Sarbanes Oxley Act and European Compliance Issues, Computer Law Review International (CRi) 2005, p. 135 ff
  • Anonymous Sarbanes Oxley Hotlines in the E.U., World Tax and Law Report, Issue 20, BNA International 2005
  • et. al., ANONYMOUS SARBANES OXLEY HOTLINES IN THE E.U.: PRACTICAL COMPLIANCE GUIDANCE FOR GLOBAL COMPANIES, THE SECURITIES REPORTER, Newsletter of the American Bar Association's Section of Business Law Committee on Federal Regulation of Securities, Volume 10 Issue 3 2005, p. 61 ff
  • "EU: Alternative Standardvertragsklauseln für die Übermittlung personenbezogener Daten in Drittländer", MMR (Multimedia und Recht) 2005, p. 17 ff
  • Software und GPSG, Computer und Recht 2004, p. 725 ff
  • Remote Control und Datenschutz, IT-Administrator 2004, p. 52 f
  • Data Mining und Datenschutz, IS-Report, Ausgabe 9 2004, p. 31
  • Vergütung für Softwarepflege bei laufender "Gewährleistung", ITRB (Der IT-Rechtsberater), Heft 11 2003, p. 253 ff
  • Schadensersatz bei Abschaltung eines Webservers (Anmerkung zu AG Charlottenburg, U. v. 11.01.2002 - 208 C 192/01), Computer und Recht, Verlag Otto Schmid, Köln 2002, p. 297 ff
  • Produktaktivierung - Zivilrechtliche Aspekte der "Aktivierung" von Software, Computer und Recht, Verlag Otto Schmid, Köln 2001, p. 657 f
more less

Lectures list

  • Final Countdown to GDPR – The role of data protection officers, Webinar, 20.03.2018
  • Datenschutz, Data Ownership, Lizenz- und Haftungsfragen, Konzerne im Wandel - Fortschritt durch Digitalisierung, München, 21.02.2018
  • Privacy-Tech - Möglichkeiten und Grenzen von Legal Tech bei der Bearbeitung datenschutzrechtlicher Aufgaben, BITKOM Forum Recht, Berlin, 18.05.2017
  • Vertiefungsworkshop zur EU-Datenschutzgrundverordnung / Einbindung des Betriebsrats, 16. CMS-Arbeitsrechtskongress, Frankfurt, 16.05.2017
  • Brexit and implication for Data Protection Law, World Law Group Spring Conference, Warsaw, 12.05.2017
  • Are you ready for the GDPR? - Time to implement your compliance programme, CMS Data Protection Conference, London, 24.02.2017
  • Surveillance society: Big Data, CMS TMC Conference 2016, London, 25.11.2016
  • EU-Datenschutzgrundverordnung 2018, BVDW-Datenschutz-Roadshow, München, 22.11.2016
  • EU-US Privacy Shield und neue europäische Datenschutzregeln – Was erwartet die Digitale Wirtschaft?, BVDW, München, 22.03.2016
  • Safe Harbor: Die Auswirkungen des Urteils des Europäischen Gerichtshofes auf Arbeitsverhältnisse – auch in nicht konzerngebundenen Unternehmen, 6. BPM Arbeitsrechtstag 2016, Frankfurt a.M., 16.03.2016
  • Big Data - Implications for Privacy and Data Protection Compliance in the UK and Germany", Consumer Products Conference, London, 04.06.2015
  • Datenschutzrechtliche Vorgaben beim Datentransfer ins Ausland, Compliance Roadshow 2014, München, 22.07.2014
  • IT-Sicherheit – Truth or Dare, Unternehmensjuristentage 2014, Berlin, 27.06.2014
  • Datenaustausch mit Drittstaaten, BITKOM Forum Recht, Berlin, 14.05.2014
  • Datenschutz aktuell, Corporate Governance Compliance Strategies 2014, Berlin, 05.05.2014
  • Data Processing Agreements under German Law – What is so special?, Privacy Laws & Business Privacy Officers Network Roundtable, München, 28.04.2014
  • Global Data Breaches: Strategies, Notifications and Management, AllClear ID Webinar, 28.01.2014
  • NSA Cyber Spying Programs – Impact on Business Clients in Germany and the EU, Privacy Matters & IP/IT Group Meeting, World Law Group Fall Conference 2013, Boston, 04.10.2013
  • Global Hotlines, Data Protection and FCPA Investigations, IAPP Europe Data Protection Intensive 2013, London, 24.04.2013
  • Whistleblowing – Good Corporate Governance - IAPP Data Protection Congress 2012, Brüssel, 14.11.2012
  • Update Datenschutz, Köln, 10.05.2012
  • Update Datenschutz, München, 09.05.2012
  • Internal Investigations und Datenschutz, München, 14.03.2012
  • E-Mobility und Datenschutz, Erlangen, 07.02.2012
  • Bring Your Own Device, Frankfurt/Main, 06.10.2011
  • Cloud Computing - Data Protection & Security, München, 04.10.2011
  • Datenschutz und Compliance, Stuttgart, 25.03.2011
  • Navigating the Privacy Sea, Convergence here and now! - Conference of the International Federation of Computer Law Associations (IFCLA), Helsinki, Finland, 10.06.2010
  • Data Breach Laws - EU Framework and Implementation, European Card Acquiring Forum 2010, Berlin, 25.02.2010
  • New Data Breach Laws - Developments, Requirements, Consequences in the EU and Germany, Privacy Matters Practice Group Meeting, World Law Group Spring Conference 2008, Athens, Greece, 09.05.2008
  • EU Whistleblower Hotlines - Current Trends and Best Practices, Ethicspoint Web Seminar, 01.08.2007
  • SOX Whistleblower Hotline Programs in the EU - Evolving best practices in France, Germany and elsewhere, Ethics & Compliance Officer Association, 21.06.2007
  • IT / data protection compliance, 360° Compliance, Frankfurt, 26.04.2007
  • Data protection requirements for global data management and data transfer", BITKOM working party Service Management and Standards, Langen, 15.02.2007
  • Convergence and data protection, Telecommunications and new media working party, Munich, 29.11.2006
  • Warranties and Liability UK/Germany, IT Forum Training Event, Munich, 15.02.2005
  • The Internet - a 'legal trap'?, E-Business Expo, Düsseldorf, 16.08.2000
more less

Education

  • Law studies at the University of Munich
more less

Feed

20/11/2023
Data protection and cybersecurity laws in Germany
Data protection 1. Local data protection laws and scope Data processing operations are governed by the Federal Data Protection Act (Bundes­datens­chutzge­setz – BDSG) of 30 June 2017, as last amended...
Comparable
01/06/2023
Datenschutz – Compliance- und Ver­trauens­voraus­set­zung für das Metaverse
The metaverse continues to evolve and gain ground. In this context, the question naturally arises as to how personal data can be protected. What happens, for example, if data about the spatial environment or other people is collected through virtual reality headsets? And how can the multilateral relationships of individual players in the metaverse be handled in terms of data protection law? Which data protection legislation applies in a virtual world that transcends national boundaries? CMS partner Christian Runte and Senior Associate Dr Alexander Schmid look at these and many other interesting data protection issues relating to the metaverse in our new podcast.
22/05/2023
Europe-wide analysis on the fifth anniversary of the GDPR reveals data...
European data protection authorities imposed fines totalling over 2.7 billion euros in more than 1,500 publicly known cases for violations of the General Data Protection Regulation, which has been in...
21/05/2023
GDPR Enforcement Tracker Report
A warm welcome... ... to the fourth edition of the GDPR Enforcement Tracker Report – the anniversary edition celebrating five years of GDPR. In the five years since the GDPR became applicable its powerful framework for imposing fines has certainly helped to raise awareness and encourage compliance efforts – just as the European legislator intended. At the same time, the risk of fines of up to EUR 20 million or 4% of a company’s global annual turnover can also lead to fear and reluctance or ignorance about compliance issues. We still believe that facts are better than fear. This is why we continuously update our list of publicly known fines in the GDPR  Enforcement Tracker and started the GDPR Enforcement Tracker Report as an annual deep dive approach to provide you with more insights into the world of GDPR fines. As in the three previous editions, the GDPR Enforcement Tracker Report starts with the Executive Summary (also available as a PDF version), followed by the “Numbers and Figures” section and the “Enforcement Insights per business sector” (also including the overarching employment category. The “Enforcement Insights per country” provide background on the specific enforcement framework under national law. Some remarks on our methodology can be found at the very end of the report.
16/08/2021
Data protection and security
Expert legal advisers
04/05/2021
CMS advises Computacenter on acquisition of Interseroh logistics subsidiary...
Munich – IT service provider Computacenter has acquired ITL logistics GmbH from environmental services provider Interseroh in Germany. The company will use the acquisition to expand its IT logistics...
24/12/2020
CMS Technology, Media & Communications Global Brochure
The challenges arising from data are countless and inescapable in our maturing technological landscape. To future-proof your organisation, and unlock opportunity from your data, you need alert and experienced...
24/11/2020
CMS advises VR Equitypartner and MEH Beteiligungs GmbH on sale of N3K Network...
Leipzig – VR Equitypartner and MEH Beteiligungs GmbH have sold their shares in IT service provider N3K Network Systems to private equity firm Invision. Equity capital financier VR Equitypartner and...
15/05/2020
Data Law Navigator - your guide to local data and cyber security laws across...
100% security does not exist. Now more than ever organisations of all shapes and sizes should pay attention to their data privacy and cyber security. Unprecedented numbers are now working from home, thus...
17/04/2020
Is a privacy-friendly use of mobile applications to combat COVID-19 our...
A Pan-European Approach to the Use of Mobile Apps and Mobile Data With its Recommendation of 8 April 2020 on steps and measures to develop a common approach to the use of mobile applications and mobile...
30/10/2019
Sharing is (S)caring
Scroll down to register with the blue button. Now marking its 5th year, CMS's International Technology, Media and Communications conference gathers delegates representing the spectrum of technology, media...
14/01/2019
The tension between GDPR and the rise of blockchain technologies
We live in an era of rapid technological development. Though this provides humanity with amazing opportunities to enhance our standard of living, it also forces lawmakers to work around the clock to analyse...