German companies or German-based subsidiaries of international businesses may become subject of, or otherwise involved in, investigations by German or foreign regulatory or law enforcement authorities. In the context of such investigations, it is not unusual for the concerned company to face informal requests from German or foreign regulatory and law enforcement authorities for voluntary cooperation. Oftentimes, such requests focus on the transfer of electronic data for investigatory purposes, and such data typically relate, in whole or in part, to individuals (e.g. employees, suppliers and customers). In these and other cases, compliance of German companies or German-based subsidiaries with informal requests from regulatory and law enforcement authorities may itself entail a compliance risk or even constitute a breach by the corporate entity of the German data protection laws resulting in criminal prosecution, administrative sanctions, or damage claims and other actions by third party individuals. This article outlines the scope of application of the German Federal Data Protection Act, introduces the applicable statutory provisions, and discusses the relevant considerations in the context of an informal request by a regulatory or law enforcement authority for voluntary cooperation in the context of global investigations, in particular where a German-based entity faces requests from authorities abroad.
|23 August 2016
|Kopp, Thomas, Pfisterer, Valentin
|Cleary Gottlieb Steen & Hamilton LLP,, Universität Leipzig, Juristenfakultät, University of Miami, School of Law
|Hochschulschriftenserver (HSSS) der SLUB Dresden
|Compliance Elliance Journal (2016),2:2, S. 52-75
Page generated in 0.0018 seconds