Dr. Christian Schröder is partner in our Düsseldorf Office and leads Orrick's Cyber, Privacy & Data Innovation Group in Europe. He collaborates with team members in the United States (U.S.), Europe (EU), and Asia to provide support to global clients. As a technology-focused partner, Christian advises on all sorts of “data” focused laws such as cybersecurity and privacy regulatory compliance, incident response, data licensing and data sharing requirements, AI, regulatory investigations and enforcement, as well as litigation.
Christian helps clients consider the privacy and artificial intelligence implications of new technology, supports their compliance programs, and helps them stay ahead of enforcement trends. One particular focus of his work deals with internal data transfer agreements, external data transfers with external providers, and product launches that comply with international data protection standards, as well as privacy requirements for connected cars. Furthermore, Christian provides guidance on privacy and data protection considerations for developing, acquiring, using, licensing and selling technology, data and intellectual property, including M&A transactions and IP focused joint ventures. He supports companies on the set-up of webshops, outsourcings, license agreements, in cases of trademark or unfair and deceptive trade practice issues, as well as on hard and software license and information technology (IT) project agreements.
Christian maintains strong working relationships with German data protection authorities and EU regulatory authorities with jurisdiction over privacy and data security matters. He effectively defends companies in cybersecurity and privacy-related investigations initiated by EU regulatory authorities. He also engages with authorities on behalf of clients and helps clients avoid proceedings and possible litigation. When litigation can't be avoided, Christian vigorously defends his clients.
For companies facing global cybersecurity incidents, Christian helps with crisis mitigation, including counseling on notification requirements, coordinating media strategies, and representing clients before data protection authorities in related regulatory investigations.
Christian regularly contributes practical thought leadership to global privacy industry publications and German privacy books and journals. Christian authors the Chapter V (international data transfers) of Germany’s leading GDPR commentary Kühling/Buchner (4th ed.) and is co-author to the Corporate Privacy Handbook (Betrieblicher Datenschutz). As an active member of the Sedona Conference, Christian drives the development and understanding of cross border privacy. He also participates in, hosts and moderates speaking programs with fellow private practitioners, EU data protection authorities, and academics focused on privacy and data security. Legal 500 Germany named Christian one of the top 15 practitioners in 2023 and noted that he is "a pioneer in the legal field, a data protection guru." They also recognized Christian and Orrick as "truly global" and how that it is "vital as they require the various leaders of each region to participate and bring issues to the table as a forum".
Prior to working in private practice, Christian interned with the German Federal Data Protection Commissioner and www.epic.org.
Global companies face stricter rules on employee data privacy, in particular when using social media and internal monitoring tools. It also now becomes clearer that many EU Member States will use the opening clause of Art. 88 General Data Protection Regulation (“GDPR”) to re-implement their “old” data privacy laws.
- Use of Social Media And Employee Analysis Tools Under GDPR
Recently, the Article 29 Working Party (“WP29”), the expert group of European data protection authorities, published its opinion on the upcoming changes relating to data privacy at the work place. It explains what employers should do for ensuring compliance with the GDPR and provides guidelines for the use of information found on social media platforms – such as Facebook or LinkedIn and for electronic monitoring of employees. READ MORE