Dr. Christian Schröder heads Orrick's IP/IT & Data Privacy Practice Group in Germany in Orrick’s Düsseldorf Office. Christian advises medium sized (Mittelstand) companies to large multinationals on IP, Unfair and Deceptive Trade Practices, E-Commerce, IT and Data Privacy/Data Protection.
Christian provides IP/IT advice in M&A transactions and advises on IP focused joint ventures. He supports companies on the set-up of webshops, outsourcings, license agreements, in cases of trademark or unfair and deceptive trade practice issues as well as on hard and software license and IT project agreements.
As a core member of Orrick's global Cybersecurity and Data Privacy team, Christian has a special focus on data privacy/data protection matters. In particular, Christian advises on a risk-based approach to privacy, on implementing databases and new software applications, in particular, cloud based solutions. He advises on data privacy contracts, internal data privacy policies, binding corporate rules, user agreements on BYOD, whistleblowing schemes, e-discovery, security breaches, and intra-group data sharing on a national and international basis. He also regularly defends companies against unfair access to their know-how by competitors and against unfair poaching of customers and employees.
Data Privacy /
Compliance Programs: Advising various mid to large
sized multinational companies on GDPR compliance, understanding international data flows,
drafting data sharing agreements, setting up compliance structure and
privacy-by-design programs, assisting with Privacy Impact Assessments, and
revising data privacy policies. Some of these clients are among the worldwide leading technology companies.
Connected Cars: Advising global tech companies and car manufacturers on data privacy implications with Connected Cars.
Data Transfer Mechanisms: Developing and
implementing enterprise-wide compliance programs, including (online) customer
and employee privacy policies, cookie compliance, terms of service, and end
user licensing agreements relating to core privacy and related
Monitoring and Works Council Agreements: Advising
several global companies in connection with the implementation of employee
monitoring schemes and cross-border data flows, international transfer (both
intra-group transfers and third-party transfers) of
employee data from countries outside of Europe to a service provider in Europe
(and vice versa) and, developing a global HR data privacy approach; drafting
and representing clients in works council agreements relating to the
implementation and use of IT applications.
before Supervisory Authorities: Representing a
global event organizer in supervisory procedures regarding data privacy
Vendor Data Processing Agreements: Advising several global
tech companies on tailored data processing agreements which include cloud
services with various sub-processors.
Data Privacy and E-Commerce: Advising several
international companies on data privacy and e-commerce law matters, inter alia
on using personal data for direct marketing, and collecting and using personal
data in the online environment.
Travel and Ed-Tech Data Privacy: Advising leading travel and
Ed-Tech companies on data privacy issues specific to their businesses.
Advising Tech Start-ups on Data
Privacy: Advising numerous
mid-sized start-ups from the U.S. and Germany regarding IT and data privacy
matters, i.e. to develop marketable products and services that align with
consumer privacy and data protection principles. Also, drafting privacy
policies, terms and conditions, and vendor contracts, as well as evaluating
cutting-edge and disruptive technologies and businesses on privacy compliance
and consumer protection concepts.
Connected Cars: Advising a car manufacturer
on connected cars and international data transfers.
Cybersecurity and Data Breach
Incident Plans: Counseling major computer
software companies on Cybersecurity and incident plans.
Strategic Cloud Computing
Advice: Providing strategic advice to key
cloud computing market players in relation to data protection and information
Integration Issues: Integrating
a German affiliate into the group's internal data sharing/access schemes and,
in this context, conducting challenging negotiations with IT providers and the
affiliate's works council (Betriebsrat).
IT Licensing: Advising a leading
U.S. software manufacturer on its EU and German software licensing terms &
conditions and regularly conducting negotiations with its customers.
IT Licensing: Advising a U.S. cloud software provider on its German licensing terms & conditions.
- Software Joint Venture: Advising a leading German market platform on a Joint Venture with a software manufacturer.
Unfair Trade and IP
Trade Practices Litigation: Representing several
software and e-commerce companies in unfair competition litigation, e.g.
regarding unfair advertising and breach of consumer protection regulations.
Prosecution and Litigation: Advising various small
to large national and international companies on trademark prosecution and
M&A Technology/Joint Venture Transactions
- Christian assisted several representative clients,
including Flexera Software, Microsoft, NVIDIA, Sensata Technologies, and SIG
Global companies face stricter rules on employee data privacy, in particular when using social media and internal monitoring tools. It also now becomes clearer that many EU Member States will use the opening clause of Art. 88 General Data Protection Regulation (“GDPR”) to re-implement their “old” data privacy laws.
- Use of Social Media And Employee Analysis Tools Under GDPR
Recently, the Article 29 Working Party (“WP29”), the expert group of European data protection authorities, published its opinion on the upcoming changes relating to data privacy at the work place. It explains what employers should do for ensuring compliance with the GDPR and provides guidelines for the use of information found on social media platforms – such as Facebook or LinkedIn and for electronic monitoring of employees. READ MORE