Home / Europe / Germany / TMC - Technology, Media & Communications / Data Protection Law & IT Security Law

Data Protection Law & IT Security Law

Back to TMC - Technology, Media & Communications
  • Advice on data protection-compliant structuring of all business models and internal/external processes which involve personal data of customers, employees or other third parties
  • Design, preparation and negotiation of data protection and compliance strategies at group, corporate, departmental or process level (including possible collective employment law aspects, where we bring in colleagues who specialise in the field)
  • Advice on the technical aspects of system data protection and on related legal issues in connection with the acquisition, creation, use and analysis of information
  • Dealing with data protection regulators and representation before these public bodies
  • Appropriate intervention in the event of a crisis involving actual or alleged data protection violations within the company


For us, data protection law is not just a “fashionable” new area of law. We have long practical experience of advising and representing German and international clients across a wide range of industries. Our approach combines strong legal specialisation with expertise in sector and application-specific requirements and concepts that has been gained through our work. We provide support and advice on structuring business models in compliance with data protection regulations, enabling such models to be implemented in an environment where privacy and personal rights are becoming increasingly sensitive issues.


Kanzleimonitor 2016, 2017

CMS Hasche Sigle also put strong emphasis on this area by building up data protection expertise at every office.

JUVE German Commercial Law Firms 2015 (GCLF)
GDPR Enforcement Tracker Report 2023
A warm welcome to the fourth edition of the GDPR Enforcement Tracker Report...
Data protection and security
Expert legal advisers


Adapting to the new EU Data Act: implications for medical devices and other...
In recent years, the European Commission developed a European data strategy, which aims to create a single European market in which data can circulate freely. As the European Commission has emphasized...
AI Act: Council and Parliament reach political deal
After lengthy negotiations, a political deal has been reached on the AI Act. This blog provides an overview of the current situation.There has been a gap of over two years between the world's first legal...
With EU Cyber Resilience Act, EU gets tough on IoT supply chain cybersecurity
On 30 November 2023, the EU took a decisive step towards bolstering cybersecurity in the Internet of Things (IoT) supply chain by reaching a political agreement over the Cyber Resilience Act (CRA). ...
Data protection and cybersecurity laws in Germany
Data protection 1. Local data protection laws and scope Data processing operations are governed by the Federal Data Protection Act (Bundes­datens­chutzge­setz – BDSG) of 30 June 2017, as last amended...
European Parliament adopts Data Act
On 9 November 2023, the European Parliament adopted the harmonised rules on fair access to and use of data (the Data Act), which complements the Data Governance Act of November 2020 by laying down rules...
CMS Life Sciences Vital Signs, Winter 2023
2023 has seen some significant legal developments impacting the life sciences industry, and as we look ahead to 2024, there are several important developments which we would like to keep our clients informed...
How to draft an AI policy
AI has been around for decades, but there’s been a substantial increase in the use (or, at least, talk about the use) of AI within the workplace as a result of recent advances in AI, in particular...
Five myths about the metaverse
Everyone is talking about the opportunities and risks of AI. The revolution of the internet through the metaverse, on the other hand, almost seems to have been forgotten. That would be a mistake."We believe...
EU Cybersecurity Month: The looming threat of a single phishing click to...
The EU Cybersecurity Month (ECSM) is an annual awareness campaign held every October throughout Europe, orchestrated by European and national institutions. Its primary objective is to elevate awareness...
Summer Snapshot: Tech and Data Highlights You Might Have Missed
Have you taken a break from your usual spot in front of the computer screen over the past few weeks? No worries, this article provides a succinct overview of the significant advancements in the world...
EU reaches agreement on Data Act – Comprehensive EU data law is on the...
On 27 June 2023, the European Parliament and Council resolved the remaining open points and reached a political agreement on the EU Data Act, paving the way for a new law that will introduce comprehensive...
UK and EU cloud services industry continues to come under regulatory scrutiny
On both sides of the English Channel, it is clear that the UK and EU’s cloud computing markets are coming under increasing scrutiny. In the UK, Ofcom recently published an interim update on its study...