Ste­fan Hessel

Attorney at law | LL.M.
Head of Digital Business

Master of Laws (Information Technology and Law)
Certified Data Protection Officer (TÜV®)
Certified ISMS Security Officer according to ISO/IEC 27001 (ICO)
Certified ISMS Auditor according to ISO/IEC 27001 (ICO)

Ste­fan Hessel


  • Advi­ses and assists cli­ents on com­plex issues in the field of data pro­tec­tion, cyber secu­ri­ty and IT law
  • Acts as an exter­nal data pro­tec­tion officer
  • Acts as an expert in the field of cyber­se­cu­ri­ty and data pro­tec­tion law (e.g. as an expert wit­ness befo­re the Bun­des­tag regar­ding the Act on Self-Driving Vehicles)
  • Expert in cyber­se­cu­ri­ty and data pro­tec­tion law
  • Tech­ni­cal and legal ana­ly­sis of attacks on IT systems
  • Con­sul­tant and guest lec­tu­rer for ques­ti­ons at the inter­sec­tion of IT secu­ri­ty and law inter alia at Deut­sche Uni­ver­si­tät für Ver­wal­tungs­wis­sen­schaf­ten Speyer


  • Stu­di­ed law at Saar­land University
  • Work­ed as rese­arch employee e.g. at the CISPA Helm­holtz Cen­ter for Infor­ma­ti­on Secu­ri­ty and Saar­land University’s Insti­tu­te of Legal Infor­ma­tics (Prof. Dr. Sorge)
  • Mas­ter of Laws (LL.M.) in “Infor­ma­ti­on Tech­no­lo­gy and Law” at Saar­land University
  • Curr­ent­ly: dis­ser­ta­ti­on on legal ques­ti­ons in the field of IT and data pro­tec­tion law

Cur­rent pro­jects (sel­ec­tion)

  • Pro­vi­des data pro­tec­tion law sup­port for the use of Micro­soft 365 by com­pa­nies and public agencies
  • Sup­ports and imple­ments data pro­tec­tion law requi­re­ments with respect to new busi­ness models
  • Deve­lo­ps legal capa­ci­ties to deal with cyber­at­tacks in com­pa­nies (legal inci­dent response)

Latest News

Ste­fan Hessel

Micro­soft 365 Respon­se and pre­ven­ti­on to requests from authorities


Data pro­tec­tion for cloud ser­vices in the public sector


Publications (selection)

back to team site

Stay up-to-date

We use your email address exclusively for sending our newsletter. You have the right to revoke your consent at any time with effect for the future. For further information, please refer to our privacy policy.