Search for:
Author

Michaela Nebel

Browsing
Dr. Michaela Nebel is a partner in the Frankfurt office of Baker McKenzie since June 2011 and was admitted as an attorney to the German bar shortly after. Prior to joining Baker McKenzie she studied law at the University of Passau. She obtained her Doctor of Law degree on a topic related to privacy in the Web 2.0. From July until December 2014 she practiced at the San Francisco office of Baker McKenzie. She is a member of the International Association of Privacy Professionals (IAPP) and since May 2015 a Certified Information Privacy Professional/Europe (CIPP/E) and since May 2017 a Certified Information Privacy Professional/United States (CIPP/US). She is also the author of numerous articles on information technology law, in particular on data protection law and e-commerce law, and the co-author of an English language commentary on the EU General Data Protection Regulation. In 2017/2018, Michaela received several recommendations for data protection law in kanzleimonitor.de.

Baker McKenzie’s TMT Looking Ahead 2022 five-part series explores key themes, offers timely insights, and lays out recommendations for technology, media and telecommunication companies looking to navigate the latest industry developments. Topics covered include tech regulation and compliance, tech M&A, interactive entertainment, 5G and TMT as the driver of change.

Baker McKenzie’s TMT Looking Ahead 2022 five-part series explores key themes, offers timely insights, and lays out recommendations for technology, media and telecommunication companies looking to navigate the latest industry developments. Report 1 of the series explores how TMT companies can:
manage heightened regulatory activity and continued scrutiny of the industry; understand how regulators will shape new laws and share information on compliance and enforcement activities; get ahead of the curve in protecting IP in key areas of innovation, including autonomous vehicles, virtual and augmented reality, blockchain and digital health; and
navigate an increasingly complex regulatory enforcement environment following an increase in cyber attacks in 2021

On November 3, the German Federal Ministry of Justice and Consumer Protection published two draft bills for the implementation of certain aspects of the Directive on digital content and services (Directive (EU) 2019/770) and the Directive on better enforcement and modernisation of consumer protection rules (Directive (EU) 2019/2161). The Directive on digital content and services must be transposed by the German legislator into national law by July 1, 2021, which in turn must be applied beginning January 1, 2022. The Directive on better enforcement and modernisation of consumer protection rules must be transposed into national law by November 8, 2021, which in turn must be applied beginning May 28, 2022. If adopted, the draft bills will amend the German Civil Code, inter alia, supplementing the requirements for distance selling contracts, introducing new rules for consumer contracts about digital content and services, and providing for new information obligations for online market places as well as amend the Introductory Act of the German Civil Code by introducing a new administrative fine for violations of certain consumer protection law obligations.

The Hamburg Commissioner for Data Protection and Freedom of Information (“Hamburg DPA”) imposed a 35.5 million Euro fine on a global fashion company’s subsidiary in Germany for violations of the GDPR. This million Euro fine is the highest fine known in Germany so far.

Munich, Germany

The Hamburg Commissioner for Data Protection and Freedom of Information (“Hamburg DPA”) imposed a 35.5 million Euro fine on a global fashion company’s subsidiary in Germany for violations of the GDPR. This million Euro fine is the highest fine known in Germany so far.

The European Data Protection Board (EDPB) has published draft guidelines on the concepts of controller and processor in the GDPR (Guidelines). They replace the previous guidelines on the concepts of controllers and processors which the Art. 29 Working Party, i.e., basically the EDPB’s predecessor, had published in 2010. The Guidelines…

The European Data Protection Board (“EDPB”) has published draft guidelines on the concepts of controller and processor in the GDPR (“Guidelines”). They replace the previous guidelines on the concepts of controllers and processors which the Art. 29 Working Party, i.e. basically the EDPB’s predecessor, had published in 2010. The Guidelines are open for public consultation until October 19, 2020, after which the final version will be issued.

Questions continue to arise over the interplay of the second Payment Services Directive (PSD2) with the General Data Protection Regulation (GDPR). Both PSD2 and the GDPR are complex legislation and the relationship between distinct provisions of each law and how they work together is not altogether clear, which has led to uncertainty for payment service providers, including banks. For example, when is ‘consent’ required to access payment data and what does consent mean? To this end, the European Data Protection Board (EDPB) has published draft guidelines for consultation, but alongside other industry bodies and firms, the European Banking Federation (EBF) has voiced concerns over their workability for the sector.

For four months we have been providing you with regular updates on all relevant legal developments regarding the Coronavirus disease in Germany. In the future you will be informed by our team about changes in specific topics. Please don’t hesitate to get in contact with our experts. The guide line…