Tag

Germany

Browsing

The German Data Protection Authority in the state of Baden-Württemberg (DPA) imposed the first fine under the GDPR in Germany. The fine of EUR 20,000 was imposed on a chat platform provider for storing its users’ passwords without encrypting them. The unencrypted storing of passwords was revealed by the provider itself in conjunction with submitting a breach notification to the DPA following a hacker attack.It began with a security breachThe chat platform provider “knuddels.de” was…

The “Market Guardian Experts” organization (Marktwächter) of the Consumer Protection Association Rhineland-Palatinate (“CPA RP”) announced that it has sent a cease-and-desist letter to two mobile game providers, Outfit7 Limited and Green Tea Games Limited, for an alleged violation of child-related advertisement laws. According to the CPA RP, the two mobile games offer in-app purchases for a price of up to 109.99 Euros and promote them with obtrusive pop-up advertising throughout the game. 1. Summary and provided arguments Outfit7 Limited received a warning letter…

The German consumer association North Rhine-Westphalia (Verbraucherzentrale NRW) announced that it considers numerous terms of service of a leading console marketplace to be in breach with the German law on standard business terms. For this reason, the Verbraucherzentrale NRW sent a cease and desist letter to Sony Europe to stop using the allegedly violating clauses. As an example, the Verbraucherzentrale NRW names clauses which require the user to use his/her pre-paid credit within 24 months to avoid expiration. The Verbraucherzentrale…

In light of the GDPR, the German data protection authorities (German DPAs) have issued new guidance regarding the implementation of whistleblowing hotlines. The new position of the German DPAs is so fundamentally different from their pre-GDPR position that German companies should review, and likely implement changes to, any existing whistleblowing hotlines offered to their employees.The general EU position before the GDPR came into effect was that whistleblowers were encouraged to disclose their identity rather than…

One minute ago, at 11 am CET on August 8, 2018, the German classification board (“USK”) announced that it will from now on accept applications for the classification of video games which include swastikas and other so called “nazi symbols”. The decision will most likely be the beginning of the end of an era in which video games which include “unconstitutional” symbols had to be heavily altered for their German release. The decision has significant…

Fan service (ファンサービス): German regultors increasingly crack down on Japanese anime video games | LinkedIn Facts During the last 18 months a significant change of the regulatory practice in relation to Japanese anime games featuring so called “fan service” (ファンサービス / fan sābisu) took place in Germany. Five games were refused classification by the German Age Rating board (“USK”): Criminal Girls 2, Valkyrie Drive: Bhikkhuni, Senran Kagura: Peach Beach Splash, Gal*Gun 2, and Omega Labyrinth…

On 23 March 2018 the German Commission for the Protection of Youth in the Media (KJM) released its long awaited official position on loot boxes. The KJM is the head regulator for youth protection in online media in Germany (including video games, apps, social casino, etc.). Whilst the KJM’s statement is non-committal it outlines that loot boxes can, under certain circumstances, violate youth protection laws. The KJM is not responsible for regulating gambling. Thus, potential…

Under the European General Data Protection Regulation (GDPR), which will start to apply on 25 May 2018, many companies will be required to appoint a Data Protection Officer (DPO). Violating the requirements relating to the appointment of a DPO can be sanctioned with fines of up to EUR 10 million or up to 2 percent of the total worldwide annual turnover, whichever is higher. So, who do you appoint as your DPO? Companies may choose…

The German legislator has, in principle, adopted the Network Enforcement Act (NEA) (in German: “Netzwerkdurchsetzungsgesetz”) which will impose stringent new obligations on social media platform providers in relation to unlawful content. This an attempt to more effectively combat fake news and hate speech. Click here for our detailed client alert.Who will the NEA apply to?The NEA will apply to, and impose obligations on, providers of social media platforms that have at least two million registered…

Germany is one step closer to new data protection rules as the German Parliament and the Federal Council have both approved the draft of a new Federal Data Protection Act (Bundestag printing matter 18/11325). The purpose of the draft is to align German data protection law to the European General Data Protection Regulation (“GDPR”), which will be applicable as of May 25, 2018. The new law is intended to replace the existing Federal Data Protection…