Data protection crinimal law is becoming increasingly important due to the continuous technical development and the increasing regulation. With the General Data Protection Regulation Act (GDPR), which came into force in May 2018 in addition to the existing Federal Data Protection Act (BDSG), the requirements for risk provisioning have grown considerably. The data protection supervisory authorities and public prosecutor offices are obliged to monitor or to detect violations of the data protection laws and react with severe sanctions in the event of a breach.
The GDPR was originally intended to harmonize European data protection law wherefore it includes a variety of consumers’ rights. This creates major challenges for companies, as they are now obliged to implement the new rules efficiently. Obligations such as the appointment of a data protection officer as well as information and documentation obligations in principle apply to all companies. For this reason, a particularly high level of compliance under data protection aspects is required in connection with the collection, storage and processing of personal data.
If companies fail to comply with these requirements, data protection criminal law threatens severe penalties ranging from fines to custodial sentences for responsible individuals. It is worth highlighting the introduction of group liability, according to which the calculation of fines is based on the total group turnover – with fines of up to EUR 20 million or up to four percent of the company’s total worldwide turnover.
In order to develop, implement and optimize an individual data protection compliance -system, which complies with national and European data protection regulations, Juergen Klengel identifies all risk areas. He gives comprehensive and solution-oriented legal advice, with particular focus regarding the prevention of coercive means, such as fines and convictions. He develops conflict resolutions and as an experienced defence attorney, he also represents his clients in proceedings regarding breaches of data protection law and defends companies and individuals in administrative and criminal proceedings.