Salaried Partner

Michael Kuska, LL.M., LL.M.

Düsseldorf

+49 211 600 55-166 +49 211 600 55-160

Languages
German, English
Practice groups/Expertise
IP, Media & Technology Health Care & Life Sciences Data Protection & Data Law IT & Telecommunications Information Security
Consulting focuses
  • Information Technology (IT)
  • Data Protection Law
  • IT Security
  • Cyber Security
  • IT-Outsourcing Tech-driven transactions
  • E-Commerce
  • Internet Law
Show moreShow less

Vita

  • Head of Expert Group Information Security
  • Admitted to the bar since 2015
  • Education and former acitivies
  • LL.M. (Double-Degree) in Legal Informatics, University of Hannover and University of Oslo, Norway2014-2015
  • Legal Trainee (Referendariat), Higher Regional Court of Duesseldorf 2012-2014
  • Student of Law at the University of Duesseldorf 2006-2011

Qualifications/current topics

  • Certified ICO ISMS Security Officer according to ISO/IEC 27001:2022
  • Certified ICO ISMS Auditor according to ISO/IEC 27001:2022

Michael Kuska has several years of experience as a lawyer in the field on IT, Digitalization, Data Protection, E-Commerce. He advises German and international corporate clients across diverse technology-driven industries (IT, automotive, banking and fintech, health care, public transportation) on all kinds of technology- and privacy related matters.

Another focus is on IT security and cybersecurity. Michael regularly publishes on data protection and IT security law and is a certified ICO ISMS 27001:2022 Security Officer and Auditor. He also acts as head of the information security expert group.

In 2018, Michael Kuska was seconded for six months to a DAX30 corporation and advised on various international projects with respect to digital transformation, information technology and privacy in the automotive industry. Michael Kuska has been recognized by Legal500 as Next Generation Partner in the field of data protection law.

Affiliations

  • Bundesverband IT-Sicherheit e.V. (TeleTrusT) - Member of the "IT Security Law" working group
  • International Technology Law Association (ITechLaw)
  • International Bar Association (IBA)

Michael Kuska's Distinctions

Best Lawyers 2026

Handelsblatt: Deutschlands Beste Anwälte 2025

Leaders League 2024

Legal 500 EMEA 2024

Legal 500 Germany 2024

Leaders League 2023

Legal 500 Deutschland 2023

Legal 500 EMEA 2022

Legal 500 Germany 2022

Latest news

06-12-2025
158 HEUKING lawyers honored by Best Lawyers
02-14-2024
Legal 500 Germany: "Professionally and personally, you can rely on receiving very good ad-vice in every situation"
10-12-2023
Heuking advises Labquality Oy on the acquisition of P.R.I.S.M.A.-CRO Clinical Research Organisation GmbH
04-06-2023
Schön Klinik SE takes over imland hospitals with Heuking
more news

Publications

2025

Was Geschäftsleitungen im Bereich Cybersicherheit beachten müssen
CyberSecurityQuarterly, 1st Edition, March 20, 2025,
together with Manuel Poncza
Protection against drone deployments as part of information security risk management
Update Information Security No. 3, March 4, 2025,
together with Manuel Poncza
The new Medical Devices Operator Ordinance has come into force – New requirements for software and IT security
Update Information Security and Update Health Care & Life Sciences 2/2025,
together with Catarina Angelika Seemann, LL.M. (medical law)
Der Cyber Resilience Act: Ein Überblick über Hintergründe und Ziele
LIFTjournal, edition 01.2025,
together with Manuel Poncza
Adoption failed – What's next for the NIS2 Implementation Act and the KRITIS Umbrella Act?
Update Information Security No. 1, February 13, 2025

2024

Cyber Resilience Act passed and NIS2 implementation in Germany on the home straight
Update Data Protection No. 189, October 31, 2024,
together with Manuel Poncza
Neue Sicherheitsstandards im ÖPNV: Welche Auswirkungen bringt die NIS2-Richtlinie?
Der Nahverkehr, Issue 10, October 2024
Cyberrisken beim Einsatz von IIoT - Neue Pflichten für die Fabrik – jetzt handeln und Vorschriften umsetzen!
Factory Innovation, Issue 05/2024, September 13, 2024,
together with Manuel Poncza
NIS2 Directive: Update on the German Implementation Act
Update Data Protection No. 183, July 30, 2024,
together with Dr. Hans Markus Wulf , Manuel Poncza
Gut gewappnet gegen Viren, Würmer und Trojanische Pferde
In-house Counsel, Issue 4/2024, July 8, 2024,
together with Manuel Poncza
NIS2 Directive: Update on the German Implementation Act and the new EU Implementing Regulation
Update Data Protection No. 180, July 2, 2024,
together with Dr. Hans Markus Wulf
Microsofts größte Schwäche
The Pioneer, May 13, 2024
Der Angriff auf die Gesundheit – Kann die NIS2-Richtlinie die IT-Sicherheit der Gesundheitsbranche stärken?
Going Public, April 4, 2024,
together with Dr. Klaus-Georg Baier
The implementation of the NIS2 Directive in Germany: The challenge of determining the scope of application for corporate groups
Update Data Protection No. 175, March 27, 2024,
together with Manuel Poncza
Show moreShow less

2023

The new draft of the Digital Act – New requirements for IT security in the health sector
Update Data Protection No. 154 & Update Health Care 3/2023
Das neue KRITIS-Dachgesetz: Überblick zum neuen Referentenentwurf
Update Data Protection No. 151,
together with Manuel Poncza
Aller guten Dinge sind drei – Angemessenheitsbeschluss der EU-Kommission schafft neuen Rechtsrahmen für Datentransfers in die USA
Update Data Protection No. 149,
together with Julian Rosenfeld
Wie in Zukunft Patientendaten genutzt werden sollen
kma (Klinik Management aktuell), July 3, 2023,
together with Catarina Angelika Seemann, LL.M. (medical law)
New draft regulation for consent management services (PIMS) pursuant to section 26 TTDSG
Update Data Protection No. 144, June 14, 2023,
together with Dr. Philip Kempermann, LL.M.
EuGH: Kein Schadenersatz ohne Schaden!
Update Data Protection No. 141,
together with Dr. Lutz Martin Keppeler
EDSA Task Force – Bericht zur Ausgestaltung von Cookie Bannern
Update Data Protection No. 139
DSGVO: Stellungnahme des EuGH Generalanwalts zum SCHUFA Scoring
Update Data Protection No. 137,
together with Julian Rosenfeld
Der European Health Data Space – Einführung und Übersicht zum geplanten digitalen Datenraum in der EU im Gesundheitsbereich
Update Data Protection No. 130 & Update Health Care 1/2023,
together with Catarina Angelika Seemann, LL.M. (medical law)
Show moreShow less

2022

Digital Markets Act – Wesentliche Inhalte und Bedeutung
Update Datenschutz No. 119,
together with Dr. Philip Kempermann, LL.M.
China’s New Regulation on Outbound Data Transfer
Datenschutzverstöße und ihr Preis – Neue Leitlinien zur Berechnung von Bußgeldern nach der DSGVO in Europa
Update Data Protection No. 112 and Update Compliance 13/2022,
together with Dr. Anna Lena Glander
Belgische Datenschutzaufsichtsbehörde entscheidet: TCF 2.0 – Weite Teile des programmatischen Online-Marketings – rechtswidrig!
Update Data Protection No. 109,
together with Dr. Lutz Martin Keppeler
New requirements for cookies under the TTDSG – German Data Protection Authorities publish Guidance for Telemedia Providers
Update Data Protection No. 108,
together with Dr. Lutz Martin Keppeler

2021

Cybersecurity u. internationaler Datentransfer – Aktuelle Herausforderungen u. Trends im digitalen Gesundheitssektor
Plattform Life Sciences, edition 2/21 „Smarte Medizin“
Federal Court of Justice on the Scope of the Right to Access pursuant to Article 15(1) GDPR
Update Data Protection No. 103
Cross-State Review of Websites and Use of Cookies by German Supervisory Authorities
Update Data Protection No. 102,
together with Dr. Lutz Martin Keppeler
Aktuelle Handlungsempfehlungen zur Ausgestaltung von Cookie-Bannern
Update Data Protection No. 93
more publications

Lectures

2024

Cyber Resilience Act: Bürokratiemonster oder Innovationstreiber?
ITB.Partners Digital Conference, December 4, 2024
NIS2 – Chancen und Herausforderungen
Cybersecurity Event by Deutsche Bank, November 19, 2024, Düsseldorf,
together with Manuel Poncza
NIS2 und DORA: Chancen und Herausforderungen für Ihr Unternehmen
Heuking & Hays Cyber Security Event, June 26, 2024, Düsseldorf,
together with Manuel Poncza
Die NIS2-Richtlinie und ihre Auswirkungen im Sektor Transport und Verkehr
Cyber Security Circle NRW, June 24, 2024, Gelsenkirchen
NIS2, CRA, DORA & Co – Überblick zur EU Cybersicherheits-Strategie und deren Umsetzung im Unternehmen
Rechtsabteilungen & Unternehmensjuristen Konferenz 2024, May 28, 2024, Frankfurt,
together with Manuel Poncza
NIS2 und die Zukunft der Managed Service Provider
IT-Business Online Kongress 2024, May 14, 2024
Die NIS2-Richtlinie – IT-Sicherheit als Compliance-Anforderung
HEUKING Compliance Day, April 11, 2024, Düsseldorf,
together with Manuel Poncza
Show moreShow less

2023

Rechtliche Hürden beim Umgang mit Cyber-Angriffen
Breidenbach & Frost Symposium Cyber Security in Public Transport, December 1, 2023, Cologne, together with Manuel Poncza
Rechtliche Hürden beim Umgang mit Cyber-Angriffen
Breidenbach & Frost Fachtagung Cyber Security im ÖV, June 30, 2023, Cologne, together with Manuel Poncza
Data Breach Management – An Overview from a Global Perspective
Lexology Webinar, 23. Juni 2023, June 23, 2023, together with Nick Holland (Shoosmiths) and Jena Valdetero (Greenberg Traurig)
Von Cloud bis Homeoffice – Rechtliche Aspekte einer sicheren IT
Deutsches Studierendenwerk e. V., June 20, 2023
NIS-2 Richtlinie
Cyber Insurance Conference, June 1, 2023, Borussia Park Mönchengladbach, together with Manuel Poncza

2022

Aktuelle Risikoeinschätzung der Verwendung von US Tracking Tools und „optimierten“ Consent Layern
Heuking Webinar, together with Dr. Lutz Keppeler
Datenweitergabe an externe Dienstleister
IHK Hanau, July 14, 2022

You are currently using an outdated and no longer supported browser (Internet Explorer). To ensure the best user experience and save you from possible problems, we recommend that you use a more modern browser.