Media reports of spectacular cybercrime incidents are an almost daily occurrence nowadays. Unauthorized access to corporate IT systems may allow advanced hackers in many cases to learn all trade secrets of an enterprise. Additionally, in times of Industry 4.0 and Smart Factory, it is possible to take control of manufacturing systems, to manipulate processes, and even to take over a company’s connected car fleet.
In view of these new realities, all companies are facing new legal problems: Who is liable when unauthorized access to IT systems causes damage? Can product liability or warranty claims be asserted because products were hacked? To what extent does IT security need to be specifically addressed in contracts? What are the reporting obligations that need to be met once a data leak has been detected? What kind of liability are corporate officers facing under Compliance aspects where, in breach of duty, they failed to take measures to avoid attacks?
Heuking Kühn Lüer Wojtek offers companies solutions to these and other issues. We cover the entire field of IT security law starting from IT security policy, which from a legal perspective is a major factor to avoid liability of a company and its managers, to the analyzing of contracts up to reacting correctly to security incidents.
We collaborate closely with IT forensic and court-certified IT experts, as well as IT security consultants. In addition, we keep close contacts with enterprises from the insurance industry that are developing novel products such as "cyber policies" to alleviate the technologically challenging residual risks by offering adequate insurance coverage.
Please also have a look at our flyer "Protection against cyber attacks" (German language):
Events (Selection)
- BSI Basic Protection. New quasi-legal security standard?, Lecture of Dr. Lutz M. Keppeler, International Insuralex Meeting “Cyber beyond borders”, Frankfurt November 29, 2019
- Teilnahme an Paneldikussion “CYBER CRISIS MANAGEMENT”, Lecture of Dr. Lutz M. Keppeler, 2. Deutor Cyber Security Best Practice Conference 2019
- Datenschutzgrund-Verordnung und E-Privacy-Verordnung, Lecture of Dr. Hans Markus Wulf, Handelskammer Hamburg, October 22, 2019
- Cybersicherheit & Recht – Rechtliche und technische Anforderungen für Unternehmen, Lecture of Dr. Hans Markus Wulf, WM Gruppe, 21. Compliance-Tagung, September 19, 2019
- Cybercrime: Wie kann ich mich schützen?, Lecture of Dr. Hans Markus Wulf, Handelskammer Hamburg, September 3, 2019
- Bericht über die durch das BSI in Auftrag gegebene Studie zur Cybersicherheitsarchitektur in Deutschland, bitkom Arbeitskreis IT-Sicherheitspolitik, Lecture of Dr. Lutz M. Keppeler, Berlin June 6, 2019
- Electronic discovery (eDiscovery): Was man damit erreichen kann und wie es technisch und auch rechtlich klappt, Lecture of Dr. Lutz M. Keppeler, Abeitskreis EDV und Recht, Cologne, May 15, 2019
- Cybersicherheit & Recht - Überblick und Praxishinweise zu den rechtlichen und technischen Anforderungen, Lecture of Dr. Hans Markus Wulf, Handelskammer Hamburg, June 18, 2019, Hamburg
- Daten-Leak in der Anwaltskanzlei – was nun? Pflichten des Berufsträgers bei Datenverlust unter Beachtung der Datenschutz- und –sicherheitsvorschriften inkl. Meldepflichten, Lecture of Dr. Lutz M. Keppeler at Deutsche Gesellschaft für Vermögensschadenhaftpflicht e.V. in Frankfurt, July 3, 2017
- Anforderungen an IT-Sicherheit aus DSGVO und IT-Sicherheitsgesetzgebung und praktische Lösungen durch Monitoring-Software, Webinar by Dr. Lutz M. Keppeler together with RadarServices, May 2017
- Lecture of Dr. Lutz M. Keppeler at "Kölner Kreis der IT-Forensiker" regarding Legal Implications of SSL Encryption, 2.2.2017
- Dr. Lutz M. Keppeler: Vertragsgestaltung bei Penetrationtests, Sitzung der Fachtagung des DGRI Fachausschusses in Cologne, 28.10.2016, (Download of presentation documents)
- Data- and IT-Security. Liability , risk management and insurances for businesses , in cooperation with DigiTrace and GGW, Leipzig 14.3.2016
- Lecture of Michael Schmittmann and Astrid Luedtke at Senatevent of BVMW in Düsseldorf, 1.3.2016
- Lecture of Dr. Lutz M. Keppeler on the Topic of IT-Security law, CK7 GmbH, Cologne, 12.11.2015
- Workshop Cyber-Krisenmanagement, Düsseldorf
- Daten- und IT-Sicherheit. Haftung, Risikomanagement und Versicherungsschutz für Unternehmen, in cooperation with DigiTrace and GGW
- Cyber Security - aus Sicht der Wirtschaft, Internal Briefing LKA NRW – Prevention Cybercrime, Düsseldorf
Publications (Selection)
- Dr. Hans Markus Wulf: Right to copy of personal data: First highest court ruling on the right of access to information under data protection law pursuant to Article 15(3) GDPR issued (Federal Labor Court, April 27, 2021), Update Data Protection No. 95, April 2021
- Dr. Hans Markus Wulf: German Cyber Security Act 2.0: Federal Cabinet presents new draft, Update Data Protection No. 90, February 2021
- IT-Sicherheitsgesetz 2.0: Neuer Entwurf der Bundesregierung, Update Datenschutz Nr. 90, Februar 2021
- Dr. Lutz M. Keppeler: Dataguidance Cybersecurity Guidance in Germany, Dataguidance Platform, April 2020
- Dr. Lutz M. Keppeler: Cyberschutz in der Anwaltskanzlei, MkG-Spezial, May 7, 2019
- Dr. Lutz M. Keppeler and Dr. Stefan Jöster, LL.M.: Tiber-EU: Sicherheitsstandards stärken Cyberversicherungen, March 30, 2019
- Dr. Hans Markus Wulf: Agreement on the new EU Cybersecurity Act, Update Data Protection No. 48, December 14, 2018
- Dr. Lutz M. Keppeler and Dr. Stefan Jöster, LL.M.: Worauf Makler beim Verkauf von Cyberpolicen achten sollten, Pfefferminzia, November 15, 2017
- Dr. Lutz M. Keppeler and Dr. Stefan Jöster, LL.M.: Cyber-Versicherungen gegen Online-Kriminalität, FAZ, October 10, 2017
- Dr. Lutz M. Keppeler and Dr. Stefan Jöster, LL.M.: Versicherungsschutz gegen Cyber-Attacken, Computer Reseller News, August 31, 2017
- Dr. Lutz M. Keppeler and Dr. Stefan Jöster, LL.M.: Cyber-Versicherungen: Fallschirm für Bauunternehmer, Der BauUnternehmer, August 2017, No. 8
- Dr. Lutz M. Keppeler: Datenschutzrechtliche und strafrechtliche Implikationen der SSL-Decryption, Kommunikation & Recht (K&R), July/August 2017, p. 453 to 460
- Dr. Dirk Stolz und Dr. Lutz M. Keppeler: IT security law in Germany, Thomson Reuters - Practical Law
- Dr. Lutz M. Keppeler: Erhöhte Anforderungen an IT-und Datensicherheit für Homepages und Apps durch neuen § 13 Abs. 7 TMG, Datensicherheit 2.0, Ausgabe 1 2016
- The (new) draft IT Security Act
Newsletter IP, Media & Technology January 2015; Dr. Lutz Martin Keppeler and Dr. Philip Kempermann, LL.M. - Dr. Lutz M. Keppeler: Der Entwurf eines „Security and Privacy in Your Car Act” vor dem Hintergrund der Debatte um Connected Car in Deutschland RDV - Recht der Datenverarbeitung, 2015, p. 299 bis 306