Stefan Hessel
Attorney at law | LL.M.
Head of Digital Business
Master of Laws (Information Technology and Law)
Certified Data Protection Officer (TÜV®)
Certified ISMS Security Officer according to ISO/IEC 27001 (ICO)
Certified ISMS Auditor according to ISO/IEC 27001 (ICO)

Expertise
- Advises and assists clients on complex issues in the field of data protection, cyber security and IT law
- Acts as an external data protection officer
- Acts as an expert in the field of cybersecurity and data protection law (e.g. as an expert witness before the Bundestag regarding the Act on Self-Driving Vehicles)
- Expert in cybersecurity and data protection law
- Technical and legal analysis of attacks on IT systems
- Consultant and guest lecturer for questions at the intersection of IT security and law inter alia at Deutsche Universität für Verwaltungswissenschaften Speyer
Career
- Studied law at Saarland University
- Worked as research employee e.g. at the CISPA Helmholtz Center for Information Security and Saarland University’s Institute of Legal Informatics (Prof. Dr. Sorge)
- Master of Laws (LL.M.) in “Information Technology and Law” at Saarland University
- Currently: dissertation on legal questions in the field of IT and data protection law
Current projects (selection)
- Provides data protection law support for the use of Microsoft 365 by companies and public agencies
- Supports and implements data protection law requirements with respect to new business models
- Develops legal capacities to deal with cyberattacks in companies (legal incident response)
Latest News
Publications (selection)
- Publication (co author Monika Menz) in 'Deutscher AnwaltSpiegel' magazine, no. 23/2021, beginning on p. 3: "Neue Themen, hohe Komplexität, größtmögliche Synergien.", F.A.Z. Business Media GmbH: Frankfurt a. M.
- Article (co author Melanie Pradel) in 'juris-Magazin', 16.06.2021: "Internet of Things (IoT) & Co. – Wann gilt die DSGVO für Hersteller?", juris GmbH: Saarbrücken
- Article in 'Tagesspiegel Background', 03.05.2021: "AutonomesFahren: Experten streiten über Daten.", Verlag Der Tagesspiegel GmbH: Berlin
- Article in 'Handelsblatt Inside DIGITAL HEALTH', 24.03.2021: "Hafnium als Offenbarungseid für die Datenschutzaufsicht.", Handelsblatt GmbH: Düsseldorf
- Article in 'c’t Magazin', 11/2020: "Smartphone-Banking aus rechtlicher Sicht - Datenfänger und Haftungsflüchtlinge", Heise Medien GmbH & Co. KG: Hannover
- Article in 'Juris'-Magazine, 20.04.2020: "Erzwungene Digitalisierung: Datenschutzrechtliche Compliance im Homeoffice sowie bei Kollaborationssoftware, Videokonferenzen & Co.", juris GmbH: Saarbrücken
- Article (co-author Lena Leffler) in 'Computer und Recht' (CR) magazine, 02/2020, starting on page 139: "WhatsApp im Unternehmen?", Otto Schmidt Verlag: Köln
- Article (co-author: Karin Potel) in 'Datenschutz und Datensicherheit' (DuD) magazine, 02/2020, starting on page 94: "Zur Notwendigkeit einer Data Breach Notification bei Datenträgerverschlüsselung – Call Me Maybe?!", Springer Fachmedien: Wiesbaden
- Chapter (co-author: Christoph Sorge) in 'juris Praxiskommentar BGB' magazine, 06/2019 "Saarbrücker Tabelle für Geldentschädigung bei Persönlichkeitsrechtsverletzungen.", (Publisher: Maximilian Herberger, Michael Martinek, Helmut Rüßmann, Stephan Weth, Markus Würdinger), juris GmbH: Saarbrücken
- Article in 'JurPC Internet - Zeitschrift für Rechtsinformatik und Informationsrecht' magazine, no. 13, 2017: "My friend Cayla - eine nach § 90 TKG verbotene Sendeanlage?", Makrolog Content Management AG: Wiesbaden. (Awarded the Research Prize in Legal Informatics by the Vienna Center for Legal Informatics)