Christina Ziegler-Kiefer
Attorney-at-law | LL.M.
Senior Associate
Certified company data protection officer (TÜV®)
Expertise
- Licence law and open source software
- IT contract and cyber insurance law
- Regulated industries with a focus on healthcare
- DiGA (Digital health applications) and health apps
Career
- Law studies at Saarland University
- Master of Laws (LL.M.) in the program “Information and Communication Technology (ICT) Law” at the University of Oslo
- Legal clerkship at the Higher Regional Court of Saarbruecken with stations at Bird & Bird LLP in Hamburg and at the Saarland Independent Data Protection Centre in Saarbruecken, among others
Current projects (extract)
- Advising national and international companies as well as public bodies on compliance with data protection laws
- Drafting and management of contracts in the software and IT sector
- Legal support for companies in the introduction of new products in the digital environment
Publications (selection)
- Der Cyber Resilience Act und Medizinprodukte – Welche Cybersicherheitsanforderungen gelten für Medizinprodukte? (trans. “The Cyber Resilience Act and medical devices – What cybersecurity requirements apply to medical devices? “) (with Miriam Schuh), MPJ – Medizinprodukte Journal 6/2025, starting p. 403
- Zwischen Cloud und Kontrolle - Datenschutz und digitale Souveränität bei Microsoft 365 (trans. "Between the cloud and control – data protection and digital sovereignty with Microsoft 365") (with Stefan Hessel and Moritz Schneider), Kommunikation & Recht 12/2025, starting p. 755
- Data Act und Geschäftsgeheimnisschutz in der Praxis (transl. "Data Act and trade secret protection in practice") (with Moritz Schneider) ($), GRUR-Prax Magazin 19/2025, 10.10.2025, starting p. 648
- AI Act: Der KI-Verhaltenskodex der EU (trans. "AI Act: The EU's AI Code of Conduct") (with Moritz Schneider) ($), iX Magazin 09/2025, starting p. 94 and heise online
- Liability for software under the new European Product Liability Directive (with Laura Herlitz), International Bar Association, 30.04.2025
- Privacy Policies generativer KI-Plattformen – ein Überblick (trans. „Privacy policies of generative AI platforms – an overview“) ($), heise online, 03.04.2025
- Datenschutz und Cybersicherheit von medizinischen Produkten (trans. "Data protection and cybersecurity for medical products") (with Stefan Hessel and Jeanne Dillschneider), DuD – Datenschutz und Datensicherheit, Issue 03/2025, starting p. 181
- Cyber Resilience Act – von der Theorie zur Praxis (trans. "Cyber Resilience Act – from theory to practice") (with Stefan Hessel and Annika Mischler), Phi Haftpflicht international – Recht & Versicherung, Issue 02/2025, starting p. 66
- AI Act in der Praxis: EU veröffentlicht Leitlinien für Betriebe und Behörden (trans. "AI Act in practice: EU publishes guidelines for businesses and public authorities"), heise online, 11.02.2025
- Nach Trump-Entscheidung: Kippt das Abkommen für Datenübermittlungen in die USA? (trans. "After Trump's decision: Will the agreement on data transfers to the US be overturned?") (with Stefan Hessel), heise online, 29.01.2025
- Software-Anbieter aufgepasst: Sie haften jetzt für fehlerhafte Produkte (trans. "Software providers take note: you are now liable for faulty products"), heise online, 12.11.2024
- Steigende Anforderungen an Cyberversicherungen (trans. "Increasing demands on cyber insurance") (with Stefan Hessel) ($), ZdiW - Zeitschrift für das Recht der digitalen Wirtschaft, 2023, Issue 9-10, starting p. 245
- Aktuelle Rechtsprechung zum Datenschutz- und Cybersicherheitsrecht (trans. "Current case law on data protection and cyber security law") (with Stefan Hessel) ($), ZdiW - Zeitschrift für das Recht der digitalen Wirtschaft, 2023, Issue 9-10, starting p. 253
- Data Privacy Framework: Das zählt beim Datenexport (trans. "Data Privacy Framework: What matters when exporting data") (with Christoph Callewaert) ($), iX Magazin, Issue 10/2023, 19.10.2023, starting p. 100 and heise online, 08.09.2023
- Der Abschlussbericht der Datenschutzkonferenz zu Microsoft 365 – eine kritische Bewertung (trans. "The final report of the Data Protection Conference on Microsoft 365 – a critical assessment") (with Stefan Hessel) ($), RDi - Recht digital, Issue 6/2023, p. 282
- Supply-Chain-Cybersecurity: Neue Herausforderungen (trans. "Supply chain cybersecurity: new challenges") (with Stefan Hessel), iX Magazin, Issue 2/2023, starting p. 74
- Rechtsprechungsreport – Der halbjährliche Praxisüberblick zum Produkthaftungs- und Produktsicherheitsrecht (trans. "Case law report – The half-yearly practical overview of product liability and product safety law") (with Philipp Reusch) ($), Deutscher AnwaltSpiegel, Issue 6/2022, starting p. 11
- Datenschutzrechtliche Herausforderungen beim Einsatz von Microsoft 365 - Kritikpunkte und praktische Umsetzung (trans. "Data protection challenges when using Microsoft 365 – points of criticism and practical implementation") (with Stefan Hessel) ($), Deutscher AnwaltSpiegel, Issue 21/2022, starting p. 7