Stefan Hessel
Attorney at law | LL.M.
Head of Digital Business
Master of Laws (Information Technology and Law)
Certified Data Protection Officer (TÜV®)
Certified ISMS Security Officer according to ISO/IEC 27001 (ICO)
Certified ISMS Auditor according to ISO/IEC 27001 (ICO)
Expertise
- Advises and assists clients on complex issues in the field of data protection, cyber security and IT law
- Act as an external data protection officer
- Expert in the field of cyber security and data protection law (e.g. as an expert witness on the law on autonomous driving in the Bundestag)
- Technical and legal analysis of attacks on IT systems and the impact of cyber attacks
- Speaker and lecturer on issues at the interface of IT security and law, e.g. at the German University of Administrative Sciences Speyer
Career
- Studied law at Saarland University
- Master of Laws (LL.M.) in “Information Technology and Law” at Saarland University
- Worked as research employee e.g. at the CISPA Helmholtz Center for Information Security and Saarland University’s Institute of Legal Informatics
- Self-employed activity as data protection officer
- Member of the Board and Treasurer of Deutscher EDV-Gerichtstag e.V.
- Currently: dissertation on legal questions in the field of IT and data protection law
Current projects (selection)
- Provides data protection law support for the use of Microsoft 365 by companies and public agencies
- Supports and implements data protection law requirements with respect to new business models
- Develops legal capacities to deal with cyberattacks in companies (legal incident response)
Latest Events
Latest News
Publications (selection)
- Article (co authors Potel, K; Töpper H.; Vietze, L.) in 'DuD - Datenschutz und Datensicherheit', Vol. 47, 2023, beginning on p. 440: "Datenschutz bei Hinweisgebersystemen", Springer Gabler: Wiesbaden
- Article (co author Christina Kiefer) in 'RDi - Recht digital', Issue 6/2023, p. 282: "Der Abschlussbericht der Datenschutzkonferenz zu Microsoft 365 – eine kritische Bewertung", Verlag C.H. Beck oHG: Munich
- Article (co author Moritz Schneider) in 'NVwZ - Neue Zeitschrift für Verwaltungsrecht', Issue 10/2023, p. 717: "Produktwarnungen durch das Bundesamt für Sicherheit in der Informationstechnik", Verlag C.H. Beck oHG: Munich
- Article (co author Christoph Callewaert) in 'Digital sicher in eine nachhaltige Zukunft - Tagungsband zum BSI-Kongress 2023', beginning on p. 189: "Die geplante EU-Verordnung für einen Cyber Resilience Act – Worauf müssen sich Unternehmen einstellen?", SecuMedia Verlags-GmbH: Ingelheim
- Article in 'ZdiW - Zeitschrift für das Recht der digitalen Wirtschaft', Issue 2, February/2023, beginning on p. 57, "»Scraping« und die DSGVO", Verlag: Wolters Kluwe Germany
- Commentary on §§ 8b, 8c BSIG sowie der §§ 165-169 TKG in 'Recht der Informationssicherheit', 2023, Verlag: C.H. Beck: Munich
- Article (co author Christoph Callewaert) in 'K&R - Kommunikation & Recht', vol. 25, December 2022, beginning on p. 789: "Der Cyber Resilience Act der EU-Kommission", dfv Mediengruppe: Frankfurt a. M.
- Article (co author Christoph Callewaert) in 'LogR - Logistik & Recht', Vol. 1, December 2022, beginning on p. 52: "Datenschutzkonformes GPS-Tracking in der Logistik – Ein Leitfaden für die Praxis", dfv Mediengruppe: Frankfurt a. M.
- Article (co author Christoph Callewaert) in 'Der Betrieb', Issue 44/2022, beginning on p. 2589: "Das aktuelle und zukünftige Cybersicherheitsrecht der EU – Die wesentlichen Pflichten für Unternehmen und deren praktische Umsetzung", Fachmedien Otto Schmidt KG: Düsseldorf
- Article (co authors Leffer, L.; Potel, K.) in 'ZD - Zeitschrift für Datenschutz', Issue 10/2022, p. 537: "Datengetriebene Geschäftsmodelle", Verlag C.H.BECK oHG: Munich
- Article (co author Maximilian Leicht) in 'DuD - Datenschutz und Datensicherheit', 05/2022, beginning on p. 305: "Datenschutzrechtliche Verantwortlichkeit in der Forschung - Zum Spannungsverhältnis zwischen der Forschungsfreiheit und der DSGVO", Springer Fachmedien Wiesbaden GmbH: Wiesbaden