News

News

Advocate General at the CJEU: Concerning the appropriateness of technical and organisational measures and compensation for non-material damages in the event of a hacker attack

Advocate General at the Court of Justice of the European Union (CJEU), Giovanni Pitruzzella, published his opinion in case C-340/21 on 27. April 2023 regarding the conditions for compensation for non-material damages and the burden of proof for the appropriateness of technical organizational measures (TOMs) under Art. 32 GDPR in connection with a hacker attack.

Further expansion of competence in the field of IT security law consulting at Piltz Legal

As part of our consulting strategy, we at Piltz Legal are continuously expanding our expertise in the area of IT security law. When advising our clients, it is important for us not only to provide specialist legal know-how, but also to be able to speak the language of IT.

Awarded once again by the magazine "WirtschaftsWoche"

We are very pleased about the award of the "WirtschaftsWoche" once again.

New awards for Prof. Dr. Burghard Piltz & Dr. Carlo Piltz

We are pleased Prof. Dr. Burghard Piltz & Dr. Carlo Piltz were awarded by "Handelsblatt" again.

German Federal IT security authority publishes guidelines for AI developers

The German Federal Office for Information Security (BSI) is already providing support with a whole series of statements on the subject of artificial intelligence (partly even in English).

It is therefore all the more gratifying that the BSI has in the meantime also addressed the question of how developers can practically protect machine learning systems from the most relevant threats and take adequate protective measures in a guideline.

The BSI distinguishes between three central threats in its guideline: Evasion attacks, attacks that aim to extract information, and backdoor attacks. These attacks will be briefly presented and illustrated in the following.

Whistleblower protection and the right of access on a collision course – challenges in the parallel application of whistleblower protection and Art. 15 GDPR

The enactment and applicability of the German implementation law (“German Whistleblower Protection Act”) for the Whistleblowing Directive (Directive (EU) 2019/1937) is in sight even though the law was not passed yet because the “Bundesrat” did not agree to the text adopted by the “Bundestag”. It might still take some time until the two parliaments agree on a final text. However, there is time pressure due to Germany already falling far behind the deadline for the implementation of the European Directive. This also means that the legal obligation to set up an internal reporting channel is getting closer for very many German companies (all with generally at least 250 employees).