Twitter Logo Youtube Circle Icon LinkedIn Icon

The Legal 500 Hall of Fame Icon The Legal 500 Hall of Fame highlights individuals who have received constant praise by their clients for continued excellence. The Hall of Fame highlights, to clients, the law firm partners who are at the pinnacle of the profession. In Europe, Middle East and Africa, the criteria for entry is to have been recognised by The Legal 500 as one of the elite leading lawyers for seven consecutive years. These partners are highlighted below and throughout the editorial.
Click here for more details

Austria > Legal Developments > TMT ( Technology, Media & Telecoms) > Law firm and leading lawyer rankings


Press releases and law firm thought leadership

This page is dedicated to keeping readers informed of the latest news and thought leadership articles from law firms across the globe.

If your firm wishes to publish press releases or articles, please contact Shehab Khurshid on +44 (0) 207 396 5689 or



On 5th December 2018, the Austrian data protection authority (Datenschutzbehörde, "DSB") issued a decision (DSB-D123.270/0009-DSB/2018) on data subject's right to data deletion according to Art 17 GDPR. In a nutshell, the DSB accepted consistent anonymisation as a valid alternative to physical and technical deletion. Beside the clear statement that anonymous data is not subject to the GDPR, the DSB provided detailed information on (technical) requirements of anonymisation methods:

Consent or pay – a valid scheme under the GDPR?

Media companies throughout Europe struggle with a difficult economic environment: Shrinking sales figures for print products, the digitalisation and consumer demand force publishers to offer their content also on the internet. However, generating money for online publications is not quite easy as – at least in Austria – online subscription against renumeration has not been well accepted by customers. This partially has its root in the lack of suitable micropayment means in the past and users thus getting acquainted to online information being offered for free. Thus, publishers have instead focused on financing their platforms by online marketing activities such as placement of banners. Nowadays such digital advertisement is usually targeted to the specific user. For this purpose, cookies are stored on the user's computer upon his first visit of the website, which then collect data about his location, technical equipment used and online behaviour. This finally allows to display specific, user targeted advertisements. However, such cookies may cause issues with applicable consent requirements under the telecommunication and data protection regulations:

Austrian "White List"

Exceptions from the OBLIGATION TO CARRY OUT A data protection impact assessment

Immediately on 25 May, the GDPR-day, the Austrian Data Protection Authority published its White List brining some clarity concerning the obligation to carry out a data protection impact assessment. As expected, especially standardized data processing activities and already registered processing operations that have to be approved by the authority in advance do not require an impact assessment.

 for Austria and we can only hope that it will be issued soon as well.

First Annual Privacy Shield Review to take place in September 2017

One of the core principles of the EU-US Privacy Shield ("Privacy Shield") is its Joint Review mechanism, which obliges the European Commission, the US Department of Commerce and the Federal Trade Commission to jointly review the functioning of the Privacy Shield on an annual basis, together with its national security and law enforcement aspects. The very first Joint Review is scheduled for September 2017. This first review is considered especially important, as it will be the first opportunity for US and EU regulators to closely analyse the operation of the Privacy Shield, address possible concerns about its functioning, and seek to ensure that the Privacy Shield continues to be a valid legal basis for transfers of personal data from the EU to the US.

read more... 


After some last-minute amendments, the new Austrian Data Protection Act, implementing and supplementing the EU General Data Protection Regulation, was finally adopted by the Austrian Parliament on 30 June 2017. The new provisions provide for some local specialties that must be considered by all companies active in Austria. All changes become applicable from May 2018 but the new obligations require complex internal amendments that should be reflected in the course of the GDRP implementation to avoid the increased penalties. [read more here]

Austria: Draft Data Protection Amendment Act 2018 in Appraisal

National Room for Manoeuvre Despite the GDPR

About a year before the General Data Protection Regulation (GDPR) comes into full effect, the Austrian legislator officially started a six-week consultation process for the national Data Protection Amendment Act 2018 (Datenschutz-Anpassungsgesetz 2018). The GDPR will harmonise the EU's data protection laws, but numerous so-called "opening clauses" allow national leeway. Besides, EU Directive 2016/680 requires implementation into national law and provides specific regulations on data processing by security authorities for the purpose of law enforcement. The published draft implements the Directive's provisions in a separate chapter (HauptstĂĽck). read more...

First Draft for the New Austrian Data Protection Act Published

The long-awaited first draft for the new Austrian Data Protection Act, implementing and supplementing the EU General Data Protection Regulation, was finally published on 12 May 2017. 

One and two character domain names will be available soon under the Austrian ccTLD

While it has been possible to register one or two character domain names ("short domains") under several Top Level Domains (TLDs) for quite some time (eg for the German ".de" TLD, following the 2009 "" judgment), the Austrian registry operator has hitherto not delegated short domains under the TLD ".at" (to date the minimum length of domain names under the ".at" top level domain had been three characters). Read more...

- A New gTLD Targeting The Insurance Sector

Industry related generic Top-Level Domain ("gTLD") <.insurance> provides new opportunities and new challenges for online activities in the insurance sector. read more...

EU: New Information Obligations for Online Traders

1. The EU Regulation

Since 9 January 2016, traders established within the Union engaging in online sales or service contracts must provide new information on their websites. The Regulation (EU) No 524/2013 ("Regulation") on online dispute resolution for consumer disputes ("ODR") applies directly in all member states and does not require transposition by the member states (with the exception of some provisions that apply from an earlier date according to Article 22 of the ODR).  read more...

The ruling on the field stands: The ECJ follows Advocate General and declares Safe Harbour invalid

Yesterday, the European Court of Justice (ECJ) followed Advocate General Yves Bot's recommendations in the ECJ Case C-362/14 (Maximilian Schrems vs Data Protection Commissioner) and declared the Commission's US Safe Harbour Decision invalid. In brief, Schrems, an Austrian law student, challenged Facebook's practice of storing personal data on U.S.-based servers, a practice that allegedly allows the NSA, or similar United States intelligence organizations, to have easy access to the personal data of EU citizens. read more...

ECHR -- Internet News Portals May Be Held Liable for User-generated Comments

On 16 July 2015, in a case of first impression, the Grand Chamber of the European Court of Human Rights ("ECHR") issued its final decision regarding the liability of a news portal for offensive comments made by its users. In the case Delfi AS v. Estonia (application no. 64569/09, the "Case"), the ECHR decided that holding an internet news portal liable for comments made by a third-party commentator to the portal’s site is not in breach of the portal’s freedom to impart information. read more...

Austria: Start-ups – Common Legal Issues

Austria recently experienced a significant boom in start-ups(1) and has produced some major international players (eg, Runtastic, bwin, and Whatchado). That said, starting a business in Austria requires an understanding of the peculiarities of the legal system. This update discusses some of the common legal risks and issues that come along with starting a business in Austria. read more...

- A New gTLD Targeting the Financial Sector

The industry-related generic Top-Level Domain ("gTLD") <.bank> provides new opportunities and new challenges for online activities in the financial services sector. read more...

Austria: Telecom contracts: Electronic Bill and/or Paper Bill?

The amended Universal Services Directive 2002/22/EC requires EU Member States to ensure that their respective national regulatory authorities are able to oblige all providers of publicly available telephone services to make "itemised bills" available to their subscribers on a free of charge basis. Such bills identify in particular details such as the number called, date and time of call, call duration and the cost of separate calls. Thus, subscribers should be able to control the charges they have incurred and, consequently monitor, their usage and expenditure. read more...

Hungary: New advertising tax feels like a bucket

Hungary's new advertising tax, which has been introduced effective as of 15 August 2014, affects not only media companies, online and offline content providers and advertising agencies (media companies), but may also affect regular manufacturing and trading companies active in various industry segments (commercial companies). read more...

EU: Retention denied - ECJ declares Data Retention Directive invalid

On 8 April 2014, the European Court of Justice ("ECJ") declared the Data Retention Directive (the "Directive")[1], which had been the subject of great debate, invalid. The Directive required telecommunications providers to retain certain categories of traffic and location data in order to allow law enforcement authorities to access this data for the purpose of (severe) crime and terrorism prevention and prosecution. read more...

Bulgaria: Avoiding legal 'gotchas' in your next marketing campaign

Businesses have relied on marketing campaigns (including special offers and games) for decades to popularize their services and products. In these efforts, the end consumer has always been the target and the source of success.

Austria/EU: European Commission tightens the deadline: Data breach notification within 24 hrs

A new EU Regulation forces providers of public communications services to notify data breaches to their regulators within 24 hours. This Regulation will be directly applicable in the Member States as of 25 August 2013. At first glance, Austrian telecommunications law would seem to be in line with this new Regulation, but the difference lies in the details. read more...

Reselling Used Apps?

In a recent decision, the Court of Justice of the European Union (CJEU) held that the resale of used software generally cannot be excluded in licence terms. The judgment, which aimed at the resale of used business software, may also affect the app market. Read more...


Der Europäische Gerichtshof hat mit seinem Urteil „Oracle vs. Usedsoft" im Juli eine vermeintlich eindeutige Entscheidung zu Gunsten von Gebrauchtsoftwarehändlern und Unternehmen, die ihre gebrauchte Software noch gewinnbringend an den Mann/die Frau bringen wollen, getroffen. Dennoch scheint die aktuelle Entscheidung nur die Spitze des Eisbergs zu sein. Wie so oft bei der kasuistischen Entscheidungspraxis lauert der Teufel im Detail. Die brennenden Fragen für Unternehmer tauchen erst jetzt auf bzw. scheinen durch das Urteil nur unzureichend beantwortet. Der Versuch einer Klarstellung.

The perils of smartphone apps

Would you tell a stranger your name, date of birth, credit card number and address? Would you give him your email address and reveal where you work? What about the destination of your next business trip, your hotel and room number, the price of the room and your frequent flyer number? While you’re at it, why not share your spouse’s and children’s names and birthdays?

Interview with...

Law firm partners and practice heads explain how their firms are adapting to clients' changing needs

International Law Firm Networks

International comparative guides

Giving the in-house community greater insight to the law and regulations in different jurisdictions.

Select Practice Area

GC Powerlist -

International Law Firm Networks