- 71 offices - 65 cities - 40 countries - > 4,500 lawyers In jurisdictions where we do not have our own offices, CMS has been working successfully with partner firms within the World Law Group since 1988.
issue? 4 Answer yourself one simple question: Do I/does my app collect/store/share personal data? Personal data can be a lot of things: a first and/or last name, an email address, a telephone number, location data and many more like analytics or ads, ip-address, UDID, IMEI, IMSI, "Phone-Name", biometrical data. A person needs to be identified or identifiable. If the answer is yes (or even maybe yes) GDPR is an issue for you
GDPR? 5 Rights of data subjects Transparent information and communication Right to be informed Right to access the data Right to correct wrong data Right to be forgotten, deletion, restriction Right to data portability Obligations of the data processors and controllers Documentation Privacy by design and privcay by default Data breach notification Data protection impact assessment Consultation Data protection officer
steps to get control: 1. Get a map 2. Read the map and stick to your path 3. Know your way around the forest 4. Ask the user 5. Talk to the user 6. Check the party guests 7. Write down the rules
have entrusted us with their most personal information. We owe them nothing less than the best protection that we can possibly provide.” Tim Cook, White House Cybersecurity Summit, February 2015
secrets = business informations - data and knowledge - business plans - informations on clients and partners - internal stats and figures about your enterprise - plans and strategies, e.g. mergers and acquisitions - recipes - intellectual property beside patents, trademarks, copyrights, designs 10
EU directive on the protection of undisclosed Know-how and business information (trade secrets) / GeheimnisschutzG - aim: protection of innovations and economy in general - trade secret means: • secret information (not generally known or readily accessible to other persons) • commercial value • subject to reasonable steps under the circumstances to keep it secret 11
keep it secret - technical steps: • passwords • firewalls • limitations of access rights • classification of Know-how into different classes and secret steps • notations of secret ("top secret") - organisational steps: • documentation of the trade secrets and its reasonable steps to keep it secret • procedures and competences for the internal use of trade secrets • workshops for employees on know-how protection and IT security 13
clause (up to two years after termination of the contract) • prohibition to entice other colleagues • non-disclosure agreements • IT and social media guidelines Legal steps to keep it secret 14
and partners: • non-disclosure agreements • contractual penalty in case of infringement • exclusion of reverse engineering (which is now allowed under EU Know- how directive, unless other contractual agreements are made) Legal steps to keep it secret 15
trade secrets - lawful: • independent discovery/creation • observation, study, testing of a product or object that has been made available to the public • other practice which, under the circumstances, is in conformity with honest commercial practices • acquisition, use and disclosure that is allowed under european or national law • reverse engineering • whistle blowing (legitimate interests, freedom of media) - unlawful: • acquisition of a trade secret carried out by unauthorised access to, appropriation of, or copying of any documents, materials or files or any other conduct contrary to honest commercial practices • use or disclosure of a trade secret by a person having acquired the secret unlawfully or being in breach of a confidentiality agreement 16
- right to receive informations about the sales made by the infringement - burden of proof: • trade secret • reasonable steps to keep it secret • documentation! Claims in case of infringement 17