Home / People / Johannes Juranek
Portrait of Johannes Juranek

Johannes Juranek

Managing Partner
Attorney-at-law for data protection law

CMS Reich-Rohrwig Hainz
Rechtsanwälte GmbH
Gauermanngasse 2
1010 Vienna
Austria
Languages German, English, French

Specialisation in data protection law

Johannes Juranek is managing partner of CMS Reich-Rohrwig Hainz and an expert in technology, data protection and business law. He has extensive experience in handling complex legal cases in the areas of IT law, data protection and commercial law. Among other things, he advises clients on the implementation of compliance regulations in connection with the General Data Protection Regulation (GDPR).

Industries

His clients include technology, software and industrial companies, banks and healthcare companies. Johannes Juranek also represents clients before courts and arbitration tribunals in these areas.

Publications and lectures

Johannes Juranek is the author of a number of publications and regularly gives lectures on the above-mentioned topics.

Roles

Johannes Juranek is Chairman of the Supervisory Board of Universal Edition AG and a member of the Supervisory Board of a:head bio AG.

Ranking

Johannes Juranek has been nominated for the award Acritas Stars 2021.

more less

"He is always available, and combines his technical legal knowledge with his knowledge of technology," a client says

Chambers Europe, 2017

Johannes Juranek, who is singled out for his ‘extensive knowledge and intelligent approach’.

Legal 500, 2016

Extreme service provider, a very clear and structured approach, and he can simply break down highly complex matters and explain it simply.

Acritas 2019

He can explain complex matters extremely well, is well-grounded, and is extremely service-oriented.

Acritas 2019

Memberships & Roles

  • International Technology Law Association (ITechLaw)
  • International Association of Privacy Professionals (IAPP)
  • Viennese Bar Association
more less

Lectures list

  • Ongoing lecture activities in IT and privacy law at the University of Vienna, the Technical University of Vienna and the Department of Business Law and European Integration at the Danube University in Krems; conducts a range of different seminars.
more less

Education

  • 1998 - Bar Exam
  • 1993 - Dr. iur., University of Vienna
  • 1992 - Mag. iur., University of Vienna
more less

Feed

26/11/2021
Leg­al term for pay­ments in Aus­tria
1. Are there any spe­cif­ic leg­al re­quire­ments in re­spect of pay­ment terms? Yes. The pro­vi­sions of the EU Dir­ect­ive 2011/7/EU on com­bat­ing late pay­ments in com­mer­cial trans­ac­tions have been im­ple­men­ted...
12/10/2021
On­line gambling law and reg­u­la­tion in Aus­tria
16/08/2021
Data pro­tec­tion and se­cur­ity
Ex­pert leg­al ad­visers
27/05/2021
GDPR En­force­ment Track­er Re­port
When the GDPR was already in force, but not yet ap­plic­able (and not a single fine had been im­posed yet), much at­ten­tion was paid to the for­mid­able fine frame­work. For many com­pany of­ficers, this caused fear: if I vi­ol­ate the GDPR, I have one foot in jail (or at least my or­gan­isa­tion has to pay EUR 20 mil­lion or 4% of its glob­al an­nu­al turnover, cal­cu­lated for the whole group, if the com­pany is part of one).We be­lieve that facts are bet­ter than fear.The con­tinu­ously up­dated list of pub­licly known GDPR fines in the GDPR En­force­ment Track­er is our 24/7 rem­edy against fear, while the an­nu­al En­force­ment Track­er Re­port is our deep dive and per­mits more in­sights in­to the world of GDPR fines. We are pleased that our ana­lys­is for this second edi­tion of the ET Re­port is based on a lar­ger over­all data set of more than 570 fine cases, 526 of which made it in­to the ed­it­or­i­al team's work­sheet.More in­ter­na­tion­al­We are even more pleased that more in­ter­na­tion­al col­leagues sup­por­ted us this time and provided de­tailed in­put on en­force­ment prac­tice, in par­tic­u­lar for EU mem­ber states in the new mem­ber state in­ter­views (Ed­it­or­'s note: the United King­dom re­mains part of the En­force­ment Track­er Re­port and the En­force­ment Track­er as the UK Gen­er­al Data Pro­tec­tion Reg­u­la­tion en­sures reg­u­lat­ory con­sist­ency re­gard­less of Brexit).Loc­al law and prac­tice mat­ter­After al­most three years of GDPR ap­plic­a­tion, we are not the only ones to have learned one thing: des­pite the GDPR's full har­mon­isa­tion ap­proach, hardly any oth­er area is shaped more by na­tion­al laws and of­fi­cial prac­tice than GDPR fines. This may be a reas­on why Spain still tops the list of coun­tries with the most fines this year.Ex­ec­ut­ive Sum­mary­As we are aware that pri­vacy pro­fes­sion­als are un­likely to have a peace­ful job in these chal­len­ging times, the second edi­tion kicks off with an ex­ec­ut­ive sum­mary for the quick read­er (in­clud­ing over­all takeaways, in ad­di­tion to sec­tor-spe­cif­ic ob­ser­va­tions). Hav­ing in­ten­tion­ally op­ted for an on­line-only pub­lic­a­tion, the ET Re­port's Ex­ec­Sum is the only part that you can con­veni­ently down­load (or even print out for bed­time read­ing without a di­git­al device).Num­bers & fig­ures and sec­tor ap­proach­We have put to­geth­er an over­all sum­mary of the ex­ist­ing fines in the "Num­bers and Fig­ures" sec­tion, fol­lowed by tried-and-tested ana­lys­is for the fol­low­ing busi­ness sec­tors:Fin­ance, in­sur­ance and con­sultingAc­com­mod­a­tion and hos­pit­al­ity­Health careIn­dustry and com­mer­ceR­eal es­tate­Media, tele­coms and broad­cast­ing­Pub­lic sec­tor and edu­ca­tion­Trans­port­a­tion and en­ergy­In­di­vidu­als and private as­so­ci­ations plus the over­arch­ing cat­egoryEm­ploy­mentY­our takeawaysThis in-depth ana­lys­is per­mits first con­clu­sions to be drawn as to which busi­ness sec­tors at­trac­ted par­tic­u­larly hefty fines. We also ana­lysed the DPAs' reas­on­ings for the fines. These as­pects to­geth­er al­low us to provide you with key takeaways for each busi­ness sec­tor. Apart from the law­ful­ness of each data pro­cessing op­er­a­tion, bol­ster­ing data se­cur­ity should re­main in the spot­light for every or­gan­isa­tion. There are already rel­ev­ant in­dic­a­tions in terms of data pro­tec­tion lit­ig­a­tion – in par­tic­u­lar, data sub­ject­s' claims for ma­ter­i­al or im­ma­ter­i­al dam­ages un­der Art. 82 of the GDPR are on the rise. This trend is un­likely to stop, be­ing in par­tic­u­lar sup­por­ted by col­lect­ive re­dress mech­an­isms and leg­al tech of­fer­ings that are already in­creas­ing the risks of and re­sources needed for data pro­tec­tion claims man­age­ment.Meth­od­o­logy­We do not re­sort to witch­craft nor do we have pref­er­en­tial ac­cess to GDPR fine in­form­a­tion (at least in most cases, but we are still work­ing on that…) when work­ing in the En­force­ment Track­er en­gine room and pre­par­ing the En­force­ment Track­er Re­port. In ad­di­tion to our ne­ces­sary fo­cus on pub­licly avail­able fines, there are some oth­er in­her­ent lim­its to the data be­hind this whole ex­er­cise. For the "small print", please see our more de­tailed re­marks on meth­od­o­logy. On a more gen­er­al level, al­though we have done our best to break down a com­plex top­ic in­to neat pieces, we have res­isted the tempta­tion to fol­low SEO re­com­mend­a­tions for the whole con­tent pack­age and would ask you to con­sider it a "long read" format if you de­cide to read it in full.What's next?The En­force­ment Track­er Re­port and the En­force­ment Track­er are a work in pro­gress. We highly ap­pre­ci­ate any form of feed­back (prefer­ably con­struct­ive…) and would like to thank every­body who has reached out over the last year. We re­ceived in­ter­est­ing ideas, in­form­a­tion about for­got­ten fines (hid­den deeply in re­mote corners of a sup­posedly com­pletely cap­tured world) and re­com­mend­a­tions for ad­di­tion­al fea­tures (our buck­et list is grow­ing stead­ily), as well as rel­ev­ant con­tri­bu­tions from stake­hold­ers out­side the EU – demon­strat­ing that the data pro­tec­tion land­scape is evolving rap­idly on a glob­al scale and in­ter­faces between na­tion­al/re­gion­al con­cepts are de­vel­op­ing even in the ab­sence of a glob­al data pro­tec­tion law. We have en­gaged with peers from the leg­al pro­fes­sion, pri­vacy pro­fes­sion­als with a more ad­vanced tech back­ground as well as re­search­ers from vari­ous dis­cip­lines. We strongly en­cour­age you to con­tin­ue en­ga­ging with us. And we apo­lo­gise in ad­vance if our feed­back may take some time; the data pro­tec­tion world is not a quiet one right now.Stay safe – and keep on fight­ing, Chris­ti­an Runte, Mi­chael Kamps, ed­it­ors and the en­force­ment track­ing and re­port­ing team
31/03/2021
Elec­tron­ic sig­na­ture law in com­mer­cial con­tracts in Aus­tria
1. Defin­i­tion and form­al re­quire­ments of writ­ten leg­al state­ments or leg­al state­ments leg­ally bind­ing if the law re­quires writ­ten form § 886 of the Aus­tri­an Civil Code ("ABGB") stip­u­lates the writ­ten...
04/02/2021
Law and reg­u­la­tion of force ma­jeure in Aus­tria
1. Is there le­gis­la­tion on force ma­jeure in your law sys­tem? Sev­er­al Aus­tri­an civil law pro­vi­sions tackle the is­sue of “ac­ci­dent­al loss or impair­ment of goods” e.g.:§ 1049 ABGB stip­u­lates that...
16/11/2020
CMS a top em­ploy­er: Im­press­ive ad­vance­ment se­cures CMS second place for...
CMS Reich-Rohr­wig Hainz has leapt ahead this year in the JUVE list of the top 20 Aus­tri­an law firms to work for. The clear im­prove­ment from 8th to 2nd place is par­tic­u­larly grat­i­fy­ing when one con­siders...
16/09/2020
Stay Up To Date With The Data Law Nav­ig­at­or And The Ex­pert Guide To E-Sig­na­tures...
We are pleased to present two pub­lic­a­tions that have been among the most fre­quently ac­cessed guides since be­ing pub­lished on our web­site: the CMS Data Law Nav­ig­at­or and the CMS Ex­pert Guide to E-Sig­na­tures...
17/07/2020
Ugh tilts the "Eu-Us-Pri­vacy Shield" | Eu Stand­ard Con­tract Clauses re­main...
In the long-awaited rul­ing "Face­book vs. Schrems" (ECJ C-311/18), the European High Court has now ruled that trans­fer­ring per­son­al data from the EU to the USA on the basis of the data pro­cessing agree­ment...
15/07/2020
CMS an­nounces glob­al rev­en­ues of EUR 1.426bn
Sig­ni­fic­ant in­vest­ments in­clude Lupl, an open in­dustry plat­form, which has the po­ten­tial to trans­form the col­lab­or­a­tion between law firms and leg­al de­part­ments, and ex­pand­ing the firm­'s foot­print in Afri­caRanked...
14/07/2020
The Chan­ging Face of Cy­ber Claims
At the in­vit­a­tion of glob­al ex­perts in in­sur­ance brok­ing and risk man­age­ment, Marsh, and IT con­sult­ants, Wave­stone, CMS has con­trib­uted to The Chan­ging Face of Cy­ber Claims study which looks at prac­tic­al...
15/04/2020
Com­mu­nic­a­tions as an es­sen­tial ser­vice dur­ing COV­ID-19 con­fine­ment
Aus­tria has taken pre­cau­tion­ary meas­ures re­gard­ing in­ter­net use, al­though at present there is no reas­on to worry that the avail­able net­works will not be able to with­stand in­creased use. As in­ter­net traffic...