Home / People / Christian Runte
Portrait of Christian Runte

Christian Runte

Partner
Rechtsanwalt

CMS Hasche Sigle
Nymphenburger Straße 12
80335 Munich
Germany
Languages English, German

Christian Runte specializes in technology projects, with a special focus on data protection law. He is also widely experienced in handling German and international technology transactions and IT outsourcing projects. Christian’s clients include international technology companies and service providers who particularly appreciate his negotiation skills and solution driven approach.

Christian is co-head of the CMS data protection group and chair of the privacy and data protection group of the World Law Group.

Christian led numerous EU and international data protection and technology projects across several jurisdictions.

Christian, who has been a partner at CMS since 2008, started his legal career with a leading firm in São Paulo (Brazil) and Munich before co-founding an e-commerce business in 1998. He joined CMS in 2000 and was seconded to CMS London in 2004.

more less

"Recommended" for Data Protection and Information Technology

JUVE German Commercial Law Firms 2021 (GCLF)

Ranked for TMT: Data Protection - Germany

Chambers Europe, 2020

Nennung als Top Anwalt für den Bereich Datenschutzrecht

Deutschlands beste Anwälte 2020 – Handelsblatt in Kooperation mit Best Lawyers

Listed as a leading lawyer in the category "Germany - Best Law Firms for Data Protection, IT & Outsourcing - 2020"

Leader's League, 2020

Recommended for Data

Who's Who Legal 2020 & 2021

Recommended for Information Technology

Who's Who Legal 2020 - Data

"Christian Runte is a well-established practitioner with notable experience in outsourcing, e-commerce and special expertise in data protection."

Chambers Europe, 2019

Nennung als Top Anwalt für den Bereich IT-Recht

WirtschaftsWoche Top-Kanzleien 2019; In Kooperation mit: Handelsblatt Research Institute

"Christian Runte is a European data protection law expert."

The Legal 500 EMEA, 2016

Memberships & Roles


  • Chairman of the World Law Group’s Privacy & Data Protection Group
  • German Association for Data Protection and Data Security (GDD)
  • German Association of Law and Informatics (DGRI)
  • International Technology Law Association (ITechLaw)
  • German Bar Association
more less

Publications


  • Datensicherheit nach Hackerangriff, PLATOW Recht, Nr. 9, 23. Januar 2019, S. 6
  • Perspektiven für Juristen 2011, "Medien- und IT-Recht", e-fellows.net GmbH & Co. KG, München 2010
  • Handbuch für den Fachanwalt Informationstechnologierecht (Mitautor), Datenschutzrecht, Wolters Kluwer 2008
  • et. al., Special Report: Anonymous Sarbanes Oxley Hotlines in the European Union: Practical Guidance On Compliance For Global Companies, World Securities Law Report, Volume 11, Number 9, pp. 24-30 2008
  • The Practitioners' Guide to the Sarbanes-Oxley Act, Volume II, Anonymous Sarbanes-Oxley Hotlines for Multi-National Companies: Compliance with E.U. Data Protection Laws (Chapter 9), American Bar Association 2008
  • Düsseldorfer Kreis: Whistleblowing Hotlines und Datenschutz, MMR, Heft 6, XXV 2007
  • The Practitioners' Guide to the Sarbanes-Oxley Act, Volume II, American Bar Association, Chicago, Anonymous Sarbanes-Oxley Hotlines for Multi-National Companies: Compliance with E.U. Data Protection Laws (Chapter 9), S.1-29 2006, p. 0
  • EU Richtlinie zur TK-Vorratsdatenspeicherung in Kraft getreten, Informationsdienst IT-Grundschutz, Bundesanzeiger Verlag, Bonn 2006
  • Neue Entwicklungen bei der Vorratsdatenspeicherung von Telekommunikationsdaten, CMS Update Technology 2006, p. 6 f
  • Anonymous Sarbanes Oxley Hotlines in the E.U.: Practical Compliance Guidance for Global Companies, BNA International's World Data Protection Report (www.bnai.com) 2005
  • Anonymous Hotlines for Whistleblowers - The U.S. Sarbanes Oxley Act and European Compliance Issues, Computer Law Review International (CRi) 2005, p. 135 ff
  • Anonymous Sarbanes Oxley Hotlines in the E.U., World Tax and Law Report, Issue 20, BNA International 2005
  • et. al., ANONYMOUS SARBANES OXLEY HOTLINES IN THE E.U.: PRACTICAL COMPLIANCE GUIDANCE FOR GLOBAL COMPANIES, THE SECURITIES REPORTER, Newsletter of the American Bar Association's Section of Business Law Committee on Federal Regulation of Securities, Volume 10 Issue 3 2005, p. 61 ff
  • "EU: Alternative Standardvertragsklauseln für die Übermittlung personenbezogener Daten in Drittländer", MMR (Multimedia und Recht) 2005, p. 17 ff
  • Software und GPSG, Computer und Recht 2004, p. 725 ff
  • Remote Control und Datenschutz, IT-Administrator 2004, p. 52 f
  • Data Mining und Datenschutz, IS-Report, Ausgabe 9 2004, p. 31
  • Vergütung für Softwarepflege bei laufender "Gewährleistung", ITRB (Der IT-Rechtsberater), Heft 11 2003, p. 253 ff
  • Schadensersatz bei Abschaltung eines Webservers (Anmerkung zu AG Charlottenburg, U. v. 11.01.2002 - 208 C 192/01), Computer und Recht, Verlag Otto Schmid, Köln 2002, p. 297 ff
  • Produktaktivierung - Zivilrechtliche Aspekte der "Aktivierung" von Software, Computer und Recht, Verlag Otto Schmid, Köln 2001, p. 657 f
more less

Lectures list


  • Final Countdown to GDPR – The role of data protection officers, Webinar, 20.03.2018
  • Datenschutz, Data Ownership, Lizenz- und Haftungsfragen, Konzerne im Wandel - Fortschritt durch Digitalisierung, München, 21.02.2018
  • Privacy-Tech - Möglichkeiten und Grenzen von Legal Tech bei der Bearbeitung datenschutzrechtlicher Aufgaben, BITKOM Forum Recht, Berlin, 18.05.2017
  • Vertiefungsworkshop zur EU-Datenschutzgrundverordnung / Einbindung des Betriebsrats, 16. CMS-Arbeitsrechtskongress, Frankfurt, 16.05.2017
  • Brexit and implication for Data Protection Law, World Law Group Spring Conference, Warsaw, 12.05.2017
  • Are you ready for the GDPR? - Time to implement your compliance programme, CMS Data Protection Conference, London, 24.02.2017
  • Surveillance society: Big Data, CMS TMC Conference 2016, London, 25.11.2016
  • EU-Datenschutzgrundverordnung 2018, BVDW-Datenschutz-Roadshow, München, 22.11.2016
  • EU-US Privacy Shield und neue europäische Datenschutzregeln – Was erwartet die Digitale Wirtschaft?, BVDW, München, 22.03.2016
  • Safe Harbor: Die Auswirkungen des Urteils des Europäischen Gerichtshofes auf Arbeitsverhältnisse – auch in nicht konzerngebundenen Unternehmen, 6. BPM Arbeitsrechtstag 2016, Frankfurt a.M., 16.03.2016
  • Big Data - Implications for Privacy and Data Protection Compliance in the UK and Germany", Consumer Products Conference, London, 04.06.2015
  • Datenschutzrechtliche Vorgaben beim Datentransfer ins Ausland, Compliance Roadshow 2014, München, 22.07.2014
  • IT-Sicherheit – Truth or Dare, Unternehmensjuristentage 2014, Berlin, 27.06.2014
  • Datenaustausch mit Drittstaaten, BITKOM Forum Recht, Berlin, 14.05.2014
  • Datenschutz aktuell, Corporate Governance Compliance Strategies 2014, Berlin, 05.05.2014
  • Data Processing Agreements under German Law – What is so special?, Privacy Laws & Business Privacy Officers Network Roundtable, München, 28.04.2014
  • Global Data Breaches: Strategies, Notifications and Management, AllClear ID Webinar, 28.01.2014
  • NSA Cyber Spying Programs – Impact on Business Clients in Germany and the EU, Privacy Matters & IP/IT Group Meeting, World Law Group Fall Conference 2013, Boston, 04.10.2013
  • Global Hotlines, Data Protection and FCPA Investigations, IAPP Europe Data Protection Intensive 2013, London, 24.04.2013
  • Whistleblowing – Good Corporate Governance - IAPP Data Protection Congress 2012, Brüssel, 14.11.2012
  • Update Datenschutz, Köln, 10.05.2012
  • Update Datenschutz, München, 09.05.2012
  • Internal Investigations und Datenschutz, München, 14.03.2012
  • E-Mobility und Datenschutz, Erlangen, 07.02.2012
  • Bring Your Own Device, Frankfurt/Main, 06.10.2011
  • Cloud Computing - Data Protection & Security, München, 04.10.2011
  • Datenschutz und Compliance, Stuttgart, 25.03.2011
  • Navigating the Privacy Sea, Convergence here and now! - Conference of the International Federation of Computer Law Associations (IFCLA), Helsinki, Finland, 10.06.2010
  • Data Breach Laws - EU Framework and Implementation, European Card Acquiring Forum 2010, Berlin, 25.02.2010
  • New Data Breach Laws - Developments, Requirements, Consequences in the EU and Germany, Privacy Matters Practice Group Meeting, World Law Group Spring Conference 2008, Athens, Greece, 09.05.2008
  • EU Whistleblower Hotlines - Current Trends and Best Practices, Ethicspoint Web Seminar, 01.08.2007
  • SOX Whistleblower Hotline Programs in the EU - Evolving best practices in France, Germany and elsewhere, Ethics & Compliance Officer Association, 21.06.2007
  • IT / data protection compliance, 360° Compliance, Frankfurt, 26.04.2007
  • Data protection requirements for global data management and data transfer", BITKOM working party Service Management and Standards, Langen, 15.02.2007
  • Convergence and data protection, Telecommunications and new media working party, Munich, 29.11.2006
  • Warranties and Liability UK/Germany, IT Forum Training Event, Munich, 15.02.2005
  • The Internet - a 'legal trap'?, E-Business Expo, Düsseldorf, 16.08.2000
more less

Education


  • Law studies at the University of Munich
more less

Feed

Show only
04/05/2021
CMS ad­vises Com­puta­cen­ter on ac­quis­i­tion of In­terser­oh lo­gist­ics sub­si­di­ary...
Mu­nich – IT ser­vice pro­vider Com­puta­cen­ter has ac­quired ITL lo­gist­ics GmbH from en­vir­on­ment­al ser­vices pro­vider In­terser­oh in Ger­many. The com­pany will use the ac­quis­i­tion to ex­pand its IT lo­gist­ics...
05 March 2021
Data pro­tec­tion and cy­ber­se­cur­ity laws in Ger­many
Data pro­tec­tion 1. Loc­al data pro­tec­tion laws and scope Data pro­cessing op­er­a­tions are gov­erned by the Fed­er­al Data Pro­tec­tion Act (Bundes­datens­chutzge­setz – BDSG) of 30 June 2017, as last amended...
Comparable
December 2020
CMS Tech­no­logy, Me­dia & Com­mu­nic­a­tions Glob­al Bro­chure
The chal­lenges arising from data are count­less and in­es­cap­able in our matur­ing tech­no­lo­gic­al land­scape. To fu­ture-proof your or­gan­isa­tion, and un­lock op­por­tun­ity from your data, you need alert and ex­per­i­enced...
24/11/2020
CMS ad­vises VR Equity­part­ner and MEH Beteili­gungs GmbH on sale of N3K Net­work...
Leipzig – VR Equity­part­ner and MEH Beteili­gungs GmbH have sold their shares in IT ser­vice pro­vider N3K Net­work Sys­tems to private equity firm In­vi­sion. Equity cap­it­al fin­an­ci­er VR Equity­part­ner and...
28 September 2020
GDPR En­force­ment Track­er Re­port
1st edi­tion 2020All EU Mem­ber States have been re­quired to ap­ply the Gen­er­al Data Pro­tec­tion Reg­u­la­tion ("GDPR", Reg­u­la­tion (EU) 2016/679) since 25 May 2018. After a cau­tious ini­tial peri­od, the EU data pro­tec­tion au­thor­it­ies ("DPA") have in­creased their fin­ing activ­ity sig­ni­fic­antly. This GDPR En­force­ment Track­er Re­port aims to provide you with valu­able in­sights in­to the fin­ing activ­it­ies of all EU DPAs un­der the GDPR, as well as the ICO's prac­tice in the United King­dom. Our ana­lys­is is based on the pub­licly avail­able data on fines that we col­lect and com­pile at www.en­force­ment­track­er.com. We in­tend to pub­lish an­nu­al edi­tions of this re­port, and we ex­pect that the rel­ev­ance of in­sights will stead­ily in­crease as more data on fines be­comes avail­able.Over­view, coun­try and sec­tor ap­proachIn search of guid­ance on how to op­tim­ise its own data pro­tec­tion strategy and pri­or­it­ise data pro­tec­tion meas­ures, a com­pany will nat­ur­ally want to look at its peers and the com­pet­ent au­thor­it­ies' prac­tice. This holds true both in terms of busi­ness sec­tors and jur­is­dic­tion. Kick­ing off with an over­all sum­mary on the ex­ist­ing fines ("Num­bers and Fig­ures"), we have cor­res­pond­ingly di­vided the fines in­to the fol­low­ing busi­ness sec­tors and con­sidered the re­spect­ive fines' ori­gins:Fin­ance, in­sur­ance and con­sultingAc­com­mod­a­tion and hos­pit­al­ity­Health careIn­dustry, com­merce and real es­tate­Media, tele­coms and broad­cast­ing­Pub­lic sec­tor­Trans­port­a­tion and en­ergy­In­di­vidu­als and private as­so­ci­ation­sEm­ploy­er­sY­our takeawaysThe in-depth ana­lys­is per­mits first con­clu­sions to be drawn as to which busi­ness sec­tors at­trac­ted par­tic­u­larly hefty fines. We have also ana­lysed the DPAs' reas­on­ings for the fines. These as­pects to­geth­er al­low us to provide you with key takeaways for each busi­ness sec­tor. Apart from the law­ful­ness of each data pro­cessing op­er­a­tion, bol­ster­ing data se­cur­ity should re­main in the spot­light for every or­gan­isa­tion. Lit­ig­a­tion in data pro­tec­tion is set to in­crease in the near fu­ture. Or­gan­isa­tions that main­tain up-to-date se­cur­ity meas­ures will be best pre­pared for the fu­ture and for po­ten­tial lit­ig­a­tion.
17 April 2020
Is a pri­vacy-friendly use of mo­bile ap­plic­a­tions to com­bat COV­ID-19 our...
A Pan-European Ap­proach to the Use of Mo­bile Apps and Mo­bile Data With its Re­com­mend­a­tion of 8 April 2020 on steps and meas­ures to de­vel­op a com­mon ap­proach to the use of mo­bile ap­plic­a­tions and mo­bile...
30 October 2019
Shar­ing is (S)caring
Scroll down to re­gister with the blue but­ton.Now mark­ing its 5th year, CM­S's In­ter­na­tion­al Tech­no­logy, Me­dia and Com­mu­nic­a­tions con­fer­ence gath­ers del­eg­ates rep­res­ent­ing the spec­trum of tech­no­logy, me­dia...
January 2019
The ten­sion between GDPR and the rise of block­chain tech­no­lo­gies
We live in an era of rap­id tech­no­lo­gic­al de­vel­op­ment. Though this provides hu­man­ity with amaz­ing op­por­tun­it­ies to en­hance our stand­ard of liv­ing, it also forces law­makers to work around the clock to ana­lyse...
28 November 2018
Sup­port­ing you with data pro­tec­tion and cy­ber­se­cur­ity
Our data pro­tec­tion team provides coun­sel across a wide range of areas in­clud­ing data pro­tec­tion re­gis­tra­tion and policy de­vel­op­ment, data se­cur­ity and mo­bile device en­cryp­tion, data trans­fer pro­ced­ures...
24 April 2018
CMS we­bin­ar series: Fi­nal Count­down to GDPR
With GDPR tak­ing ef­fect across the European Uni­on in May 2018, pri­vacy com­pli­ance has ris­en up the agenda for all busi­nesses hand­ling per­son­al data. Our free weekly we­binars in this series will take a...
March 2018
Fi­nal Count­down to GDPR
GDPR took ef­fect across the European Uni­on in May 2018, and pri­vacy com­pli­ance has ris­en up the agenda for all busi­nesses hand­ling per­son­al data. Re-watch we­binars in the series which took a prac­tic­al...
20 March 2018
The role of data pro­tec­tion of­ficers
With GDPR tak­ing ef­fect across the European Uni­on in May 2018, pri­vacy com­pli­ance has ris­en up the agenda for all busi­nesses hand­ling per­son­al data. Our free weekly we­binars in this series will take a...