Alina Epe
Frankfurt, Hessen, Deutschland
346 Follower:innen
345 Kontakte
Gemeinsame Kontakte mit Alina Epe anzeigen
Schön, dass Sie wieder da sind
Wenn Sie auf „Weiter“ klicken, um Mitglied zu werden oder sich einzuloggen, stimmen Sie der Nutzervereinbarung, der Datenschutzrichtlinie und der Cookie-Richtlinie von LinkedIn zu.
Neu bei LinkedIn? Mitglied werden
oder
Wenn Sie auf „Weiter“ klicken, um Mitglied zu werden oder sich einzuloggen, stimmen Sie der Nutzervereinbarung, der Datenschutzrichtlinie und der Cookie-Richtlinie von LinkedIn zu.
Neu bei LinkedIn? Mitglied werden
Gemeinsame Kontakte mit Alina Epe anzeigen
Schön, dass Sie wieder da sind
Wenn Sie auf „Weiter“ klicken, um Mitglied zu werden oder sich einzuloggen, stimmen Sie der Nutzervereinbarung, der Datenschutzrichtlinie und der Cookie-Richtlinie von LinkedIn zu.
Neu bei LinkedIn? Mitglied werden
oder
Wenn Sie auf „Weiter“ klicken, um Mitglied zu werden oder sich einzuloggen, stimmen Sie der Nutzervereinbarung, der Datenschutzrichtlinie und der Cookie-Richtlinie von LinkedIn zu.
Neu bei LinkedIn? Mitglied werden
Berufserfahrung
Alina Epes vollständiges Profil ansehen
Weitere Beiträge entdecken
-
Jon Baines
This issue crops up quite often in a subject access context - controllers often proceed on the assumption that they don’t need to provide copies of personal data consisting of emails or other correspondence previously sent by the data subject to the controller. But there is no exemption for “personal data the data subject already has/has had”. One tends to find though that it’s one of those situations that - unless relations between the data subject and controller have totally broken down - can be resolved with a bit of discussion, and pragmatism on both sides. In many cases the data subject has no wish to receive copies of such personal data, and will agree to redefine the request to exclude that data from its ambit.
13
2 Kommentare -
Martin Zwick
Upcoming Cases in Germany on Data Scraping Damages Mark your calendar: On October 8, 2024, the Federal Court of Justice (BGH) in Germany will hear two pivotal cases (VI ZR 7/24 and VI ZR 22/24) concerning compensation claims for individuals whose data was illicitly scraped and disseminated online by unknown third parties. In both cases, the defendant is Facebook (Meta Platforms, Inc.). The incidents stem from a major data breach in April 2021, where information from approximately 533 million Facebook users across 106 countries was leaked online. This breach was facilitated by a feature that allowed Facebook profiles to be found via phone numbers, which third parties exploited using automated scraping tools. The plaintiffs, whose user IDs, names, countries, and genders were exposed, seek compensation for non-material damages, alleging insufficient security measures by Facebook. They report experiencing anxiety, stress, and loss of comfort and time. Additionally, they demand an injunction and information disclosure. Previous rulings saw the Heilbronn and Cologne Regional Courts dismiss the claims, but the Stuttgart and Cologne Higher Regional Courts provided mixed outcomes. The Stuttgart Higher Regional Court partially upheld one plaintiff’s appeal, recognizing Facebook's liability for future damages, while the Cologne Higher Regional Court upheld the dismissal. Both plaintiffs are now pursuing their claims through BGH-approved revisions. The outcomes could set significant precedents in data protection law. #DataProtection #Facebook
173
3 Kommentare -
CHUONG Luong Van (Chris)
“… However, the opinion of the court with regard to information on existing deletion logs is interesting and consistent. The court points out that if a deletion process is still documented and stored, at least in terms of its scope, this constitutes (individual) personal data about the data subject. The court also explains this view using an example: documentation of a deletion process such as "Deletion process on XX.XX.XXXX: all documents submitted by the plaintiff from the calendar year XXXX and before" is covered by the right to information if this information can still be related to the person concerned. “
-
Jan Peter Voß
Our recent article on the Data Act focuses on its impact on cloud services, in particular the regulations on IoT products and on changing cloud service providers. Please do not hesitate to contact us if you have any questions! #avocadolaw #legalupdate #dataact #cloud #cloudservice #crm #erp
5
-
Navid Arshadi
Discover our latest Deloitte study on AI adoption in Austrian companies! Despite the increasing hype, many companies are still cautious with their AI budgets. Our study reveals that while AI is widely used for simple tasks like automating routine operations, significant investment is needed for long-term success. Learn more about the challenges and opportunities in Austria's AI landscape!
4
-
EQS Group
𝐇𝐨𝐰 𝐜𝐚𝐧 𝐀𝐈 𝐭𝐫𝐚𝐧𝐬𝐟𝐨𝐫𝐦 𝐰𝐡𝐢𝐬𝐭𝐥𝐞𝐛𝐥𝐨𝐰𝐢𝐧𝐠 𝐰𝐡𝐢𝐥𝐞 𝐦𝐚𝐢𝐧𝐭𝐚𝐢𝐧𝐢𝐧𝐠 𝐢𝐧𝐭𝐞𝐠𝐫𝐢𝐭𝐲 𝐚𝐧𝐝 𝐚𝐜𝐜𝐨𝐮𝐧𝐭𝐚𝐛𝐢𝐥𝐢𝐭𝐲? 🤔 Hosted by internal investigations specialist Dr. Jan Heuer from KLIEMT.Arbeitsrecht, and our very own "AI ambassador", Moritz Homann, our latest webinar delved into the opportunities, risks, and best practices of #ArtificialIntelligence in #Whistleblowing. The intrigue surrounding AI's capabilities in a trickier context such as whistleblowing is undeniable. However, understanding its boundaries is just as crucial. Dr. Jan Heuer clarified these aspects, helping attendees gain a comprehensive overview of what the possibilities are... Moritz Homann showcased how #IntegrityLine is incorporating AI in whistleblowing, with features such as automated case screening, transcription of voice recordings, and many more 👀 Watch the replay 👉 https://lnkd.in/deuCt25g #AI #Whistleblowing #Webinar #ComplianceTech #EQSComplianceCOCKPIT
18
-
Luis Alberto Montezuma
Don't hate me because today is Monday but it is Large Language Models (LLMs)'s Monday many thanks to Carolin Loy! The committee of Independent German Federal and State Data Protection Supervisory Authorities “DSK" notes, "The data protection supervisory authorities are unanimous in their opinion that it is their task to provide authorities and companies that use AI with close and practical support using their expertise in the protection of personal data. This begins with the training of generative AI models, which will obviously form the core element of most AI systems used in practice. Anyone who analyzes their functional conditions in more detail from a legal and technical perspective will find that in the vast majority of cases, the processing of personal data cannot be ruled out. This is followed by a multitude of data protection issues, as the current case of a journalist from Baden-Württemberg shows. In the results of a common AI product, he was turned from a reporter into the perpetrator of various criminal acts and had to fight for the protection of his personal rights." This means, as Dr. Henrik Hanssen notes in his post, "that the majority of the German DPAs take the view that, in the vast majority of cases, the training of GenAI models usually involves the processing of personal data within the meaning of the GDPR." Unofficial translation:
20
-
ECJ Today
❗Today at the EU Court of Justice❗Did German prosecutors obtain evidence from infiltration of EncroChat with Trojan software in compliance with EU law? And if not: can it still be used❓ ⚖️Today's ruling: if evidence was obtained in breach of respective EU law, it must be disregarded by criminal courts if … … the accused cannot comment on that evidence; and if … … such evidence is likely to determine the criminal court ruling And: infiltration of phones by one EU Member State must be notified to another Member State if the target person is located there 🔨 ⚖️What happened in case C-670/22: EncroChat phones had end-to-end encryption, mostly used by organized criminals French investigators infiltrated it with a "Trojan" of military secrecy Based on intercepted communication, Berlin prosecutors charged a suspected dealer with severe drug offences 📢ECJ Today always alerts you with a concise summary when the verdict is out. Accurate, easy to understand and in English language 🔨 https://lyfx.ai/ecj-today/ #Staatstrojaner #CriminalLaw #dataprotection #CJEU #EUlaw #LegalInsight #EuropeanUnion #ECJToday #EuropeanInvestigationOrder #FightOrganizedCrime #JusticeAndHomeAffairs #FundamentalRights #EncroChat #privacy https://lnkd.in/d3nssx8g
6
1 Kommentar -
Nils Repke
The 3rd edition of the German Nomos commentary on reorganization law has been published. Among other things, it takes into account the changes brought about by the Act Implementing the Reorganization Directive (UmRUG), the Act to Strengthen Financial Market Integrity (FISG) and the Act to Modernize Partnership Law (MoPeG). Authors from academia and practice highlight the legal, tax and co-determination aspects of the various types of reorganizations. In addition to co-editor Oliver Habighorst, White & Case's Bodo Bender, Tim Bracksiek, Hendrik Röger and Julia Sitter comment on the provisions on domestic and cross-border reorganizations as well as on reorganization tax law. https://ow.ly/vfYc50Sk2cE Hashtags: #UmRUG #FISG #MoPeG
3
-
Dr. Robert Paffen
The #compliance function within organizations is undergoing a significant #transformation, finding itself at a crucial reflection point. Traditionally, compliance has been viewed as a necessary burden, focused on ensuring adherence to laws and regulations. However, this narrow perception is evolving, and new ways of seeing #risk are emerging. #pwc #letschangethewayweseerisk Sam Samaratunga, Sean Joyce, Shaun Willcocks, Mariann Witkowski, Rami Feghali, Marc Billeb, Kyung-Hee Anita Kim-Reinartz, Grant Waterfall, Kolja von Westerholt, Kathrin Kersten, Jörg Tüllner, Christina Stecker ... https://lnkd.in/eB7dZmf7
36
-
Dr. Marc Störing
AI and data protection will be an exciting matter in Germany. Now that it is clear that the Federal Network Agency will be responsible for AI supervision in Germany, companies will be confronted with a complex supervisory situation in the future. The Federal Network Agency (BNetzA) supervises AI. As soon as - and this is practically always the case - personal data is processed, one of the state data protection authorities is also responsible, or (in the case of telecommunications companies, postal companies, etc.) the Federal Data Protection Authority. And for regulated companies in the financial and insurance sector, the Federal Financial Supervisory Authority (BaFin) is also responsible - and it has been very busy for some time now, not only publishing statements on the subject of AI, but also actively approaching companies. Our clients will therefore typically be confronted with two or three different supervisory authorities at the same time when using AI. One of the authorities is a data protection authority, and as I said, there is not just one of these in Germany, but 18 in total! And they don't always have the same view. In a recent paper from Baden Württemberg, the supervisory authority there reveals its expectations on the subject of data protection and AI. And the 41 pages are very helpful! #gdpr #ai #ai-act #osborneclarke #osborneclarkede
20
1 Kommentar -
Jannick Thonemann
𝐀𝐈 𝐍𝐄𝐖𝐒𝐅𝐋𝐀𝐒𝐇: A recent judgement from the Landgericht Kiel (29.02.2024, 6 O 151/23) has brought up interesting questions regarding AI liability. 𝐒𝐮𝐦𝐦𝐚𝐫𝐲 𝐨𝐟 𝐭𝐡𝐞 𝐂𝐚𝐬𝐞: The case involved an AI system designed to generate information based on official records such as the German company register to create reports on companies. The AI system in question generated content that was found to be harmful and misleading. Specifically, the AI produced statements that were factually incorrect as it reported that a specific company lacked funds and would be deleted from the company register. Despite the presence of disclaimers stating that the AI-generated content should not be taken as factual or authoritative, the court ruled that these disclaimers did not absolve the creators or operators from liability. 𝐊𝐞𝐲 𝐓𝐚𝐤𝐞𝐚𝐰𝐚𝐲𝐬: The court determined that disclaimers alone are insufficient to shield AI creators or operators from liability. If an AI system produces harmful or misleading content, those responsible for the AI can still be held accountable, regardless of any disclaimers. The court also addressed the issue of freedom of speech, noting that the AI’s statements could generally be protected under Article 5 I of the German Constitution. This ruling is an early step in what will likely be a series of important decisions shaping the future of AI development and legal responsibility. It is not unlikely that other courts would disagree but it highlights the need for careful consideration of ethical and legal issues as AI technologies continue to evolve and points out the need for proper #AIgovernance in product development. The full text is available in German at
26
-
Mateusz Kupiec, FIP, CIPP/E, CIPM
🍪The Datenschutzkonferenz has published guidance on the lawful handling of technologies like #cookies and similar tools within the framework of #GDPR and the ePrivacy Directive. These tools often process personal data to track user behavior across devices, raising privacy concerns. The document distinguishes between storing/accessing information on user devices and further data processing, each governed by separate legal principles: the ePrivacy Directive addresses device integrity, while the GDPR regulates personal data processing. 🔹The guidance emphasizes that consent is required for most device interactions unless strictly necessary for service provision. Consent must be informed, specific, freely given, and revocable. Transparency in consent mechanisms, such as banners, is crucial, ensuring users understand data use purposes, involved parties, and the consequences of their choices. With the enactment of the TTDSG, and its successor, the TDDDG, Germany has aligned its regulations with EU standards, replacing outdated laws and expanding the scope to “digital services.” 🔹The DSK also clarifies the overlap between GDPR and ePrivacy rules. For example, while the GDPR governs personal data, the ePrivacy rules apply broadly, even when no personal data is involved. Specific cases where consent is not required, like essential cookies for technical functions, are narrowly defined. 🔹The guidance also addresses practical aspects of consent banners, advising on their design to prevent coercion or “nudging.” Buttons for acceptance and rejection must be equally accessible, clearly labeled, and easy to use. Furthermore, service providers must ensure consent withdrawal is as simple as its provision. 🔹The DSK reinforces accountability by urging providers to document compliance with data protection rules, including the legal basis for processing. It stresses the importance of safeguarding privacy while facilitating transparent, user-centric digital services in line with EU legal standards.
36
4 Kommentare -
David Vasella
Neu auf datenrecht.ch: EDÖB - PFPDT - IFPDT: Das Datenschutzgesetz in Zahlen — Summary (generated): The EDÖB has released statistics regarding its activities under the new data protection law (DSG) from its implementation until November 5, 2024. Initially, the focus was on introducing the new regulations through guidance documents while managing ongoing tasks. Recently, supervisory tasks have become more prominent. The EDÖB can conduct formal investigations into suspected violations of data protection laws, informal preliminary inquiries, and low-threshold interventions encouraging compliance. As of now, the EDÖB received 1,183 reports of DSG violations, with 889 completed, and 293 data breach notifications. It also performed 86 low-threshold interventions, which were voluntarily followed in about 90% of cases. The report highlights gaps in data, including the nature and frequency of security breaches and voluntary notifications.
27
-
Veronika Ludwig
I find initiatives like this posted by Prof. Dr. Georges-Simon Ulrich excellent for raising awareness around Privacy-Enhancing Technologies (PETs). In the private sector, these technologies must also be promoted more strongly. From my experience, there are key challenges that hinder their broader adoption: - Complexity – PETs are hard to understand and implement, making it difficult to build trust in their use. - Cost – The financial and operational burden often leaves companies questioning the business case. - Lack of Awareness – PETs are not widely known, even within IT circles, and should be discussed more broadly. Initiatives like this are very welcome as they can greatly help make PETs more accessible and trusted, ultimately allowing us to unlock the value of data while balancing societal benefits with the protection of individual rights.
7
-
Orrick in Deutschland
In the latest edition of ZD - Zeitschrift für Datenschutz ,Christian Schroeder and Robert Weinhold take an in-depth look at the fundamental principles of the Data Act. This significant piece of legislation raises a multitude of questions, and our Cyber, Data & IT team provides insights into the key aspects of the regulations and the impact it will have on various stakeholder groups. Read this article for free with a trial subscription https://lnkd.in/eHChFKu Orrick, Herrington & Sutcliffe LLP #dataact #dataprotection #dataprivacy #TeamOrrick
24
-
EFAMRO
The Federal Commissioner for Data Protection and Freedom of Information (BfDI) summarises the most important points from a data protection perspective on the publication of the Regulation on Artificial Intelligence (AI-VO). The BfDI stated that the General Data Protection Regulation (GDPR) is technology-neutral and applies to artificial intelligence (AI) systems, and this will continue to be the case with the EU AI Act which supplements existing legal requirements. https://lnkd.in/dzeyXEdN #AIRegulation #EUAIAct #GDPR
-
EuroPriSe
The Global Privacy Assembly (GPA), held from October 28 to November 1 in Jersey, has adopted a resolution focused on "Data Free Flow with Trust" (DFFT). This initiative, driven by the German Federal Commissioner for Data Protection and Freedom of Information (BfDI), Prof. Dr. Louisa Specht-Riemenschneider, aims to establish clear guidelines for cross-border data transfers, which are crucial for international data protection. The resolution outlines essential data protection elements for DFFT, fostering a more harmonized legal framework and effective transfer mechanisms, such as standard contractual clauses and certifications for secure data exchanges. The GPA, the world's largest international association of data protection authorities with over 130 members, also addressed various technological issues, including data protection concerns related to large language models in artificial intelligence. Prof. Dr. Specht-Riemenschneider, who leads the International Working Group on Data Protection in Technology (IWGDPT), participated in a panel discussion on these topics. The adoption of the DFFT resolution marks a significant step toward enhancing global cooperation and trust in data sharing practices. #GDPR #DataProtection #GDPRcertification #Compliance #DataPrivacy #RegulatoryCompliance #GlobalPrivacyAssembly
2
-
Serghei Turcan, CFE, CAMS
🎙️ Dive into the world of financial fraud with Vanessa Skrzypczyk and Patrick Schneider's podcast! Join them as they discuss what triggers an internal corporate investigation, share expert insights, and offer ideas on how to become a (better) forensic investigator. Subscribe now for your dose of intrigue!
5
Weitere Mitglieder, die Alina Epe heißen
Es gibt auf LinkedIn 1 weitere Person, die Alina Epe heißt.
Weitere Mitglieder anzeigen, die Alina Epe heißen