News

The enactment and applicability of the German implementation law (“German Whistleblower Protection Act”) for the Whistleblowing Directive (Directive (EU) 2019/1937) is in sight even though the law was not passed yet because the “Bundesrat” did not agree to the text adopted by the “Bundestag”. It might still take some time until the two parliaments agree on a final text. However, there is time pressure due to Germany already falling far behind the deadline for the implementation of the European Directive. This also means that the legal obligation to set up an internal reporting channel is getting closer for very many German companies (all with generally at least 250 employees).

The Directive on measures for a high common level of cybersecurity across the Union ("NIS-2 Directive") published in the Official Journal of the European Union on December 27, 2022, aims to harmonize cybersecurity requirements in the EU and imposes new cybersecurity obligations on companies. It will replace the previously applicable NIS Directive.

In September 2022, the European Commission published its proposal for the Cyber Resilience Act ("CRA", Regulation of the European Parliament and of the Council on horizontal cybersecurity requirements for products with digital elements and amending Regulation (EU) 2019/1020).

On October 7, 2022, U.S. President Joe Biden, after consultation with the European Commission, signed an Executive Order (“E.O.”) "on Enhancing Safeguards for United States Signals Intelligence Activities" (White House press release from October 7, 2022).

We are very pleased that Dr. Carlo Piltz is included among the leading names in the field of data protection in the latest edition of the Legal 500 Germany.

In the latest edition of the FOCUS magazin, Piltz Legal has been awarded as one of the top commercial law firms in the field of data protection.