Since the European General Data Protection Regulation (GDPR) came into force on 25 May 2018, companies are facing possible fines of up to 20 million euros or up to four percent of their previous year's turnover in the event of violations of data protection laws. So far, the prosecution and punishment practices of the German data protection authorities have been rather moderate in international comparison. The data protection authorities now intend to change this: On October 14, 2019, the federal and state authorities agreed on a joint concept for setting fines. The first major fine proceedings - initiated along with administrative litigation PR - are now to prove its practical suitability.
The legal situation is complicated due to the interlocking of the European law-based GDPR with the national sentencing regulations. Advising and defending in data protection criminal law and the law on infringements of data protection regulations therefore requires interdisciplinary expertise and experience. We happy to provide both to companies and their managers with full committment.