Latest updates

Draft Data Protection Amendment Act 2018 in appraisal
Schoenherr Attorneys at Law
  • Austria
  • May 30 2017

Approximately one year before the General Data Protection Regulation will come fully into force, the Austrian legislature has officially started a six-week consultation process for the national Data Protection Amendment Act 2018. If and to what extent the legislature will make use of the competencies provided for by the 'opening clauses' in the General Data Protection Regulation is highly relevant to companies, and the amendment act has answered this question.

Ban on most-favoured nation clauses in online travel sector – end of online booking services?
Schoenherr Attorneys at Law
  • Austria
  • November 01 2016

A draft law amending the Federal Act against Unfair Competition 1984 and the Price Labelling Act was recently published for public consultation. The draft law intends to introduce a ban on most-favoured nation clauses in contracts between online travel agencies and hotel operators. Commercially, the draft law puts online travel agencies' business model at risk and may even deter innovation and investments beyond this niche industry.

One and two-character domain names available under ccTLD '.at'
Schoenherr Attorneys at Law
  • Austria
  • September 06 2016

The Austrian registry operator recently initiated the launch process for approximately 5,000 one and two-character domain names under the top-level domain (TLD) '.at'. Owners of trademarks consisting of one or two characters should consider requesting delegation of their short trademarks as domains under the '.at' TLD in order to use them or at least prevent unauthorised third parties from taking advantage of their marks.

'.insurance' – new gTLD targeting insurance sector
  • International
  • May 10 2016

Sub-level domain names under the new generic top-level domain '.insurance' will soon be available – a development that will be of particular interest for the insurance sector, as it will allow domain names such as '[Yourbrand].insurance' and '[Yourproduct].insurance'. The '.insurance' domain names are expected to become generally available in June 2016, preceded by a sunrise period in May 2016.

Territoriality principle on horizon
  • European Union
  • October 28 2014

It is common knowledge that the European Court of Justice (ECJ) has found the EU Data Retention Directive to be invalid. However, the spotlight should be on the ECJ's considerations on data security, as these may have an impact beyond the case that triggered the ruling, potentially influencing the privacy aspects of international data transfers as they are known today.

OnDemand Compliance and the cloud
Schoenherr Attorneys at Law
  • Austria
  • October 21 2014

Austria has no specific data security rules for cloud computing. However, depending on the data categories involved, specific data-related security regulations may apply. To date, there has not been a homogenous market approach to tackling the risks connected to cloud services, although companies are starting to become aware of the related risks.

ECJ declares Data Retention Directive invalid
  • European Union
  • April 29 2014

The European Court of Justice (ECJ) recently declared the EU Data Retention Directive, which has been the subject of much debate, invalid. The ECJ held that the directive interferes with the fundamental rights to respect for private life and the protection of personal data. If this decision reflects the ECJ's general stance on the matter, it will have an impact that goes far beyond telecommunications data retention considerations.

BYOD and data protection – incompatible or manageable?
Schoenherr Attorneys at Law
  • Austria
  • March 04 2014

Employers are increasingly keen to introduce a 'bring your own device' (BYOD) policy, which allows them to assign company device management to employees and, by doing so, save manpower and costs on device support and maintenance. However, there is a downside: BYOD involves allowing employees to access (sometimes sensitive) company data through their private devices.

Under pressure: data breach notification must be made within 24 hours
Schoenherr Attorneys at Law
  • Austria
  • August 20 2013

The European Commission recently published a new regulation on the measures applicable to the notification of personal data breaches under the EU Directive on Privacy and Electronic Communications. When the regulation enters into force, national rules that are in contradiction to European law must cease to apply. This raises some substantial questions with regard to the application of the Austrian Telecommunications Act.

Rise in mobile apps triggers data protection concerns
Schoenherr Attorneys at Law
  • Austria
  • March 26 2013

Mobile applications are convenient, entertaining, easy to handle, cheap and versatile. However, the processing of other people's personal data through an app triggers full responsibility under data protection laws. Users would thus be well advised to consider whether they would wish to have their own data processed in the same way before processing other people's data through an app.

ECJ finds Austrian Data Protection Authority insufficiently independent
Schoenherr Attorneys at Law
  • Austria
  • October 30 2012

The European Court of Justice (ECJ) recently ruled that the Austrian Data Protection Authority is not a sufficiently independent regulatory body and therefore is not in line with the respective requirements of the EU Data Protection Directive. In particular, the ECJ took offence at the fact that the day-to-day business of the authority is managed by a federal official.

Austria implements EU Data Retention Directive at long last
Schoenherr Attorneys at Law
  • Austria
  • March 15 2011

Following European Commission proceedings against Austria for breaching EU law by failing to implement the EU Data Retention Directive, and a related European Court of Justice ruling against Austria, the government has now decided to implement the directive. The draft legislation implements the minimum requirements set out by the directive by providing for a retention period of only six months.

New amendments to data protection law
Schoenherr Attorneys at Law
  • Austria
  • November 09 2010

In early 2010 substantial revisions to the Data Protection Act entered into force. Among other things, the revised act introduced to the data protection regime a notification duty requiring every data controller in Austria to inform data subjects accordingly should they become aware of systematic and seriously unlawful misuses of personal data.

Christian Schmelz
Schoenherr
  • Vienna
  • Austria
Stefanie Stegbauer
Schoenherr
  • Vienna
  • Austria
Michael Woller
Schoenherr
  • Vienna
  • Austria
Günther Leissler
Schoenherr
  • Vienna
  • Austria
Adolf Zemann
Schoenherr
  • Vienna
  • Austria
Veronika Wolfbauer
Schoenherr
  • Vienna
  • Austria
Schoenherr
Schoenherr