Piltz Legal was named one of the TOP Commercial Law Firms 2022 in the field of data protection by FOCUS magazine

In a previous article (only available in German), we addressed the question of who qualifies as a managed service provider (MSP) or managed security service provider (MSSP) under the amended German Act on the Federal Office for Information Security and on information security in entities (BSI Act – BSIG) (Note: There is currently no official English translation of the current version of the BSIG. However, there is at least a machine translation by the EU.). If a company within a group of companies is centrally responsible for the operation of the group's IT, it can be classified as an MSP and thus as an important or particularly important entity within the meaning of Sec. 28 para. 1 no. 4 and/or Sec. 28 para. 2 no. 3 BSIG – provided that it falls within the scope of the BSIG.

Within the scope of the NIS-2 Directive (NIS-2-RL), situations may arise in which providers of certain NIS-2-relevant services, such as managed service providers, are based solely in a third country but offer services within the EU. According to Art. 2 (1) NIS-2 Directive, the territorial scope of application applies as soon as a company provides a service or carries out activities in the EU. Art. 26 NIS-2 Directive specifies this scope of application to the effect that, in principle, the Member State in which the entity is located and thus its respective implementing law is applicable. We have already written an article on this subject.

We are very pleased that Prof. Dr. Burghard Piltz and Dr. Carlo Piltz have received further awards from the Handelsblatt and have been included in the 16th edition of The Best Lawyers in Germany™.