Partner
Dr. Johanna M. Kirschnick, LL.M. (KCL)
Johanna advises German and international companies on digitalization projects with a focus on data protection law, e-commerce, and IT law, bringing extensive in-house experience and a deep understanding of processes in large corporations.
Partner
Dr. Johanna M. Kirschnick, LL.M. (KCL)
Johanna advises German and international companies on digitalization projects with a focus on data protection law, e-commerce, and IT law, bringing extensive in-house experience and a deep understanding of processes in large corporations.
Additional Qualifications
- Dr. jur. (PhD) in data protection and data security law (University of Kassel)
- LL.M. in IT/IP-law (King’s College, London)
- Certified Information Privacy Professional/Europe, CIPP/E (IAPP)
Vita (short)
- Studied law at the University of Potsdam, Germany, completed with the first state examination (Erstes Staatsexamen)
- Legal clerkship (Referendariat) in Berlin and Barcelona, meanwhile research associate in a law firm, completed with the second state examination, the German Bar Exam (Zweites Staatsexamen)
- Postgraduate studies completed with the LL.M. degree in IT/IP at King’s College, London, UK
- Several years of research work in the project group “Constitutionally Compatible Technology Cesign” (provet) under the chair of Prof. Dr. Roßnagel, in charge of an interdisciplinary research project on dynamic data protection and data security certification of cloud computing services.
- Admission to the German Bar since 2018 and worked as German solicitor (Rechtsanwältin) in international law firms in Munich and Berlin; long term secondments in a large German group of companies with international operations and at the German subsidiary of a US technology group of companies.
- PhD (Dr. jur.)
- The thesis was awarded with the Science prize of the legal society in Kassel
- Since 2021 Data Protection Officer of German entities of a US corporate technology group and partner in a law firm
Focus
-
Johanna advises international and German companies on their digitalization projects. She specializes in data protection law, eCommerce and IT law. Johanna can draw on many years of in-house experience at the German subsidiary of a globally active US technology group. Through various secondments, she has gained deep insights into the workflows of large corporate units.
Publications (excerpt)
- 2024
-
International data flows, in Johannes/Geminn (eds.), Handbuch Datenrecht, Nomos 2024 (publication in German language; co-authorship with Dominik Hoidn), in the process of publication.
- 2024
-
Sanctions, in Johannes/Geminn (eds.), Handbuch Datenrecht, Nomos 2024, (publication in German language) in the process of publication.
- 2023
-
Chapter 12: Liability for data processing / data protection, in Hoeren/Bensinger (eds.), Haftung im Internet, de Gruyter, 2023, p. 679-710 (publication in German language).
- 2023
-
Dynamic in the implementation of data protection requirements within corporate groups, Datenschutz-Berater, 2023, p. 269-299 (publication in German language).
- 2022
-
How to use B2B-leads lawfully?, in DSB 2022, p. 238-241 (publication in German language; co-authorship with Dominik Hoidn).
- 2021
-
Brexit-Deal increases the chances of a seamless transition to the EU Commission’s adequacy decision, in ZD-Aktuell 2021, 05010 (publication in German language; co-authorship with Benjamin Stach).
- 2021
-
Soft Brexit – the calm before the storm?, in: ZD 2021, p. 3-8 (publication in German language; co-authorship with Benjamin Stach).
- 2020
-
Comment to judgement EUCJ, decision of 16.07.2020, C-311/18 – Schrems II, in: K&R 2020, p. 594-595 (publication in German language; co-authorship).
- 2019
-
Dynamic certification – data protection certification pursuant to the GDPR on the example of Cloud Computing, (publication in German language; doctoral thesis), Nomos, Baden-Baden, 2019.
- 2018
-
Dynamic certification – the road to a regulation compliant cloud computing, in: Roßnagel, A., Friedewald, M., Hansen, M. (eds.), Die Fortentwicklung des Datenschutzes – zwischen Systemgestaltung und Selbstregulierung, Wiesbaden, 2018, p. 293-307 (publication in German language).
- 2017
-
Data Processing (Cloud Computing), in: Roßnagel, A. (editor), Das neue Datenschutzrecht – Europäische Datenschutz-Grundverordnung und deutsche Datenschutzgesetze, Baden-Baden 2017, p.172-186 (publication in German language).
- 2017
-
Data protection authorities (organisation and responsibilities), in: Roßnagel, A. (editor), Das neue Datenschutzrecht – Europäische Datenschutz-Grundverordnung und deutsche Datenschutzgesetze, Baden-Baden 2017, p. 230-238 (publication in German language).
- 2017
-
Legally compliant design of Cloud-Services, in: Krcmar, H. u.a. (editors), Management sicherer Cloud-Services – Entwicklung und Evaluation dynamischer Zertifikate, Wiesbaden 2017, p. 25-57 (publication in German language; co-authorship).
- 2017
-
Protecting trust through certification, in: Krcmar, H. u.a. (editors), Management sicherer Cloud-Services – Entwicklung und Evaluation dynamischer Zertifikate, Wiesbaden 2017, p. 69-80 (publication in German language; co-authorship).
- 2017
-
Legal requirements on certification pursuant to the GDPR, in Krcmar, H. u.a. (editors), Management sicherer Cloud-Services – Entwicklung und Evaluation dynamischer Zertifikate, Wiesbaden 2017, p. 101-112 (publication in German language; co-authorship).
- 2017
-
The day that changed almost nothing: Do you actually know when the GDPR came into force? in: ZD-Aktuell 2017, 05853 (publication in German language).
- 2017
-
GDPR: Guide to autonomous interpretation oft he term of persona data, in: Zeitschrift für Datenschutz (ZD) 5/2017, p. 221-226 (publication in German language; co-authorship with Paul Johannes).
- 2016
-
Requirements under GDPR and NIS-Directiveon cloud computing, ZD-Aktuell 2017, 0548 Mitautorenschaft in Roßnagel (Hrsg.), Europäische Datenschutz-Grundverordnung, Baden-Baden 2016 (publication in German language).
- 2016
-
Guidance on the General Data Protection Regulation, synopsis of the German translation of the GDPR in the draft version of 28 January 2016 to the promulgated version, Roßnagel (editor), ITeG Technical Report, Band 4, Kassel 2016 (publication in German language; co-authorship).
- 2016
-
Comment on judgement of BGH, decision of 19.03.2015, Az. I ZR 157/13 – Schufa-Hinweis, in VuR 2016, p. 67-69 (publication in German language).
- 2015
-
Dynamic certification of cloud computing services: A legal approach on the example of availability, in: Cunningham et al. (eds.), INFORMATIK 2015, GI-Edition – Lecture Notes in Informatics (LNI), p. 539-552 (publication in German language).
- 2015
-
Guideline No. 11 – Data protection and cloud computing of the working group on the legal framework for cloud computing, competence centre of the Trusted Cloud technology programme of the Federal Ministry of Econoic Affairs of Germany, Berlin 2015 (publication in German language ; co-authorship).
Talks (excerpts)
- 2023
-
JUC Netzwerktreffen München, Rechtsprechung – Aufsichtsbehörden – Praxishilfen, Vortrag zum Thema Datenschutz im Konzern umsetzen.
- 2023
-
Datenschutzkonferenz 2023: Data Protection Implementation in Multinational Corporate Structures.