Bird & Bird LLP's data protection team is based in Düsseldorf, Frankfurt and Munich and is composed of first-class lawyers who, based on a longstanding focus on IT and data matters, now advise on the most complex GDPR-related issues as well as on data usage, cloud computing and data-related disputes. Fabian Niemann heads the group and is particularly regarded for his interdisciplinary expertise. Alexander Duisberg has fruitful relationships with the automotive and healthcare sectors (for instance documented by instructions by Audi), and Lennart Schüßler is very well connected in the healthcare, finance, retail and telecoms industries. The practice's focus on the presence clearly reflects in its pro bono advice to Healthy Together GmbH, a joint effort to develop and launch the Covid-19 tracing app EINS supported by Switzerland and Liechtenstein. The firm also contributes to data protection literature, among others through Simon Assion's contributions.

DLA Piper's very solid data protection practice mainly foots on three pillars: the development and conception of data anonymisation systems (a central concern for the healthcare industry among others); advice to companies on GDPR compliance and fine proceedings; and cookies projects and related proceedings. With its German headquarters in Hamburg, Munich and Cologne, the team is part of the international Intellectual Property and Technology practice and is led by Stefan Engels and Thilo von Bodungen. In 2020, the Munich office welcomed of counsel Katia Helbig whose relationships with the automotive and high-tech industry are beneficial to the practice. Jan Geert Meents  is also very well connected in the automotive sector and specialises in data processing, data flow optimisation and data usage. Verena Grentzenberg  (Hamburg) primarily advises clients from the media, consumer goods and retail sectors on matters such as social media, big data and AI.

Latham & Watkins LLP has an excellent reputation for its advice on IT-related issues while its outstanding offering on the entire bandwidth of data protection matters is particularly appreciated. High-profile projects, such as defence instructions related to authorities investigations, as well as data breach and related damages claims are a particular mainstay of the practice. Both practice head Tim Wybitul as well as compliance expert Ulrich Wuermling, who is currently in London as a guest professor at the Queen Mary University, are considered Germany's data protection stars: Wybitul focuses on advising on the implementation of the European Union Data Protection Directive, employee data protection and internal investigations as well as on disputes and cross-border aspects; Wuermling impresses with his contributions to data protection literature and represents (from the London office in cooperation with the Frankfurt team) clients such as Schufa Holding AG in various data protection proceedings in higher courts including the Federal Supreme Court.

Noerr's renowned, Munich-based data protection practice advises companies on their dealings with data protection authorities as well as in case of the imposition of significant fines. Data protection-compliant design of digital processes has increasingly gained importance for the data protection practice that was established in 2018 and which continues to focus on data protection litigation (based on close cooperation with the firm's dispute resolution team) and data breach management (offering both crisis management and prevention). This broad approach has won the trust of German as well as international market players - including relationships that stretch to China and have flourished particularly with regards to data protection by design and internet of things matters. Practice head Daniel Rücker significantly contributes to the firm's visibility through his publications on innovative business models. In Frankfurt, Joachim Schrey stands out for his advice on the international exchange of personnel data and whistleblowing issues. Sebastian Dienst, who takes on the lead in data protection matters in relation to complex franchise and corporation structures, made associated partner at the beginning of 2020.

Osborne Clarke's data protection team relies on the expertise of highly regarded data protection lawyer Flemming Moos. Recently, the Hamburg-based group managed to expand its activity in data protection disputes significantly. Moos not only frequently contributes to client's successes in fine proceedings, but also to an optimisation of their data protection compliance. The latter continues to generate a high case load while the firm also successfully attracts instructions regarding digital transformation and related data protection issues. Data protection expert Marc Störing receives instructions across Europe to explore data exchange options in the transport sector.

Taylor Wessing's technology, media and telecoms group impresses with a very successful data protection and cyber security department. With focuses on monetisation and ad tech, interdiction and fine proceedings, as well GDPR and data protection audits, the group has managed to advise on the most important and current projects across Germany and the world. Led by Hamburg-based Axel Freiherr von dem Bussche, the team continued to grow in 2020 and is particularly sought-after by clients from the automotive, IT and gaming sectors. The Berlin-based Paul Voigt, who made partner in 2019, is particularly in these sectors 'an absolute expert'. From his location in the capital he has been able to establish close relationships with German startups and also assists US clients with privacy shield certificates as well as with complex local data protection audits.

CMS' sector focus is also much appreciated by clients in the data protection space and generates numerous instructions particularly in the banking and life sciences industries while e-commerce and technology companies also form part of its client base. The practice advises these clients on GDPR compliance (increasingly in the context of compliance structures), e-privacy, cookie banners and contract negotiations as well as in proceedings brought on by regulatory authorities. Highly technical matters such as data breach and IT security are also of central importance to the team. The group is spread across Hamburg with practice head Sebastian Cording, Munich with his counterpart Markus Häuser, Cologne and Stuttgart and broadly positioned due to its international integration in the firm's global TMC group. In addition, the firm is also a member of external networks World Law Group and International Technology Law Association.

With its highly regarded practice head Isabell Conrad, who became name partner in June 2020, IT boutique offering CSW Rechtsanwälte Steuerberater Wirtschaftsprüfer, a spin-off of former SSW Rechtsanwälte Steuerberater Wirtschaftsprüfer, has an unaffectedly strong standing in the market. The firm, which houses some of 'Germany's best data protection specialists', advises a German, but very broad client base that includes both startups as well as DAX-listed companies. Hereby, the group focuses on assisting companies from the insurance sector with insure tech and KI-related data protection matters among others. The team boasts further specialist expertise in matters such as social data protection and data protection for the public authorities. In addition, the practice also covers cross links to data protection and IT security while advising on e-commerce, IT contracts and cloud projects. Data protection and open source expert Stefan Haßdenteufel joined newly formed firm Witzel Erb Backu & Partner with two associates in June 2020.

Thanks to its experienced and renowned team members in Frankfurt, Essen, Hamburg and Cologne, Luther Rechtsanwaltsgesellschaft mbH is able to offer its clients the entire spectrum of data protection advice on highest level. Headed by Wulff-Axel Schmidt, the group demonstrates deep know-how that matches the requirements and needs of both medium-sized clients as well as large corporations. Hereby, mobility and logistics are the practice's sector focuses. Alongside his main focus on data protection, Michael Rath also advises on IP, thereby assisting with high-profile matters in the healthcare, telecoms and distribution sectors. Stefanie Hellmich, who made partner in 2019, focuses on data protection management systems, client information review and cookie consent. Silvia Bauer has particular expertise in GDPR implementation matters, data compliance and cross-border data exchange compliance as well as the preparation of data protection relevant agreements.

SKW Schwarz Rechtsanwälte's broad data protection practice offers high-quality advice at various interfaces. Due to a hotline service, the group has asserted itself as a strategic advisor of the cyber insurance sector on data breaches and further expanded its competencies in the data security space. Data protection litigation is another area whose successful establishment led to attracting outstanding instructions. Hereby, the group focuses on defending clients against claims of affected individuals, also before the European Court of Justice. Most recently, the team further advised on the development and implementation of extinguishing concepts as well as data protection-compliant business processes; practice head Matthias Orthwein leads the advice in many of these projects. Oliver Hornung is an expert in developing data protection concepts, GDPR implementation and IT compliance.

Due to a continuous pursuit of innovation, the commitment of highly specialised lawyers and the application of legal tech solutions, White & Case LLP occupies an enviable position among Germany's best players in the data protection space. The group has a significant advantage in international (particularly US) projects where it can easily activate its global, internal firm network. The client base predominantly includes banks, financial services providers and investment banks, but also car manufacturers. Facebook is also among its top clients; the team advises the social media company on disputes and data protection matters outside the US. Detlev Gabel is the key figure and specialises in supporting clients in the case of a cyber attack, data protection requirements for defensive measures and advice on the communication with data protection authorities.

ADVANT Beiten has used its solid standing as a key advisor to the media industry to also create a profile in the IT and data protection sector. Subsequently, the firm successfully established an integrated media, IP and IT practice under the leadership of Matthias Stecher and Andreas Lober, while Axel von Walter is a key figure for all privacy matters. The team is based in Frankfurt and Munich and sought after for its data protection advice across all industries; the group trains in-house data protection officers, carries out compliance checks and offers strategic advice on the implementation of new technologies as well as in the case of data protection violations.

Eversheds Sutherland's German data protection practice is part of a global network that is led from the firm's London and Washington offices. Therefore, the Munich-based team has access to international clients which predominantly stem from the regulated industries as well as the finance, pharmaceutical, healthcare and automotive sectors. The German team around Alexander Niethammer is considered a global point of reference  for the entire firm in matters pertaining to European data protection and GDPR as well as data transfer from and to the US. Agreements, data protection implementation, compliance and internet of things projects are also part of its service portfolio. Lutz Schreiber is a another key figure.

Heuking Kühn Lüer Wojtek's data protection practice distinguishes itself through a varied, sector-spanning approach. Jointly led by Philip Kempermann and Thomas Jansen, the team is composed of lawyers with data protection expert knowledge in cyber security, GDPR, damages claims and agreements. The group not only acts for companies in various industries (such as the food, transport, communication, finance and healthcare sectors among others), but also for federal offices, administrations and research facilities. In January 2020, data protection auditor Hans Markus Wulf made equity partner.

Hogan Lovells International LLP's German data protection team is part of the firm's comprehensive IP, media and technology practice. The group focuses on data security and data breaches (also with a specifically developed legal tech tool), their reporting to German and international regulatory authorities, on data processing and commercialisation as well as on transactions. Marcus Schreibauer co-heads the cyber security task force and maintains client relationships in the real estate, technology and finance sectors.

Munich-based data protection expert Undine von Diemar heads Jones Day's European cyber security, data protection and privacy practice. The group stretches across various jurisdictions, including Belgium, France and across the Atlantic also the US. Data-related transactions, internal investigations and GDPR implementation all constitute central pillars of the team's activity. Additionally, von Diemar's experience in matters pertaining to international data transfers as well as security issues and data breaches is also very sought-after. Martin Lotz frequently supports her in matters touching on compliance as well as on criminal law.

Morrison & Foerster LLP is considered an 'internationally very strong' firm for data protection and also fields German experts in this field. Hanno Timner, head of the privacy and data security team, advises large companies in the music industry, internet platforms and technological solutions manufacturers both in Germany as well as on cross-border matters (frequently stemming from the US and Japan). The group participates in national and international projects related to information injunctions by users in accordance with GDPR, inter-European transactions and related data, to fines and procedures against data protection authorities.

The strategic advantage of Norton Rose Fulbright's German data protection team lies in its integration with several of the firm's EMEA offices among other reasons. Based on this network, the Munich-based team has privileged access to international support and international clients that make up the client base alongside German corporations. Relevant sectors for the group include hotel, pharmaceuticals, insurance and banks which seek advice on matters such as GDPR, cyber attacks, profiling tool applications and data export to the US. Practice head Christoph Ritzer maintains a 'very good balance between risk perspective and business needs'.

Christian Schröder and the Düsseldorf-based data protection, IP and IT team around him are the German arm of Orrick, Herrington & Sutcliffe LLP's international practice in this field. The group acts within the firm's global context and often cooperates with the London and Boston offices on matters related to compliance, data transfer and due diligence as well as representing clients before regulatory authorities. Due to its technology-oriented focus, which is appreciated by clients, the team advises on exciting and innovative technology projects such as Europe's first connected office building in Berlin, where the team advised on negotiations with the data protection authorities.

Data protection advice is a self-evident part of technology-focused firm SCHÜRMANN ROSENTHAL DREYER's service offering. The group advises clients on the planning and implementation of IT and digitalisation projects, thereby covering GDPR implementation, warnings related to cookies, privacy and data protection impact assessments as well as revocation and appeal concepts for data protection agreements. Kathrin Schürmann and Simone Rosenthal jointly head the practice and recently gained further market visibility by advising on data protection issues related to a Covid-19 warning app project, to reporting and information systems for infection protection as well as to contract trancing.

Based on the experience and reputation of its media team, Greenberg Traurig Germany's practice for data, privacy and cyber security has picked up speed in recent years. The team around global co-chair Viola Bensinger offers legal expertise for US companies and German clients alike and focuses on data collection, use, storage and deletion, GDPR and audit procedures as well for companies from the e-commerce, technology, media and healthcare sectors as well as for the public authorities.

At GSK Stockmann in Berlin, data protection constitutes an important pillar of its IT practice which focuses on digital products, data models and compliance. The service portfolio also includes support in crisis situations and in dealing with regulatory authorities. Jörg Kahler and Katy Ritzmann  jointly head the practice.

Data protection advice on subjects such as industry 4.0, blockchain and internet of things as well as in the context of internal investigations, personal data and data protection audits are part of Oppenhoff's service portfolio. Hereby, the group acts with a sector focus on the insurance and energy industry and subsequently assists large German insurance companies and solar power corporations among others with new business models, Group Data Privacy, data property rights and GDPR implementation. Jürgen Hartung and Marc Hilber jointly head the practice that is internationally and particularly in the US very well connected. Additionally, the team also offers legal know-how to clients, in-house counsel and companies via its Oppenhoff Akademie.