• Mehr als 3 Millionen Wörter Inhalt
  • |
  • info@itmedialaw.com
  • |
  • Tel: 03322 5078053
Rechtsanwalt Marian Härtel - ITMediaLaw

No products in the cart.

  • en English
  • de Deutsch
  • Informationen
    • Ideal partner
    • About lawyer Marian Härtel
    • Quick and flexible access
    • Principles as a lawyer
    • Why a lawyer and business consultant?
    • Focus areas of attorney Marian Härtel
      • Focus on start-ups
      • Investment advice
      • Corporate law
      • Cryptocurrencies, Blockchain and Games
      • AI and SaaS
      • Streamers and influencers
      • Games and esports law
      • IT/IP Law
      • Law firm for GMBH,UG, GbR
      • Law firm for IT/IP and media law
    • The everyday life of an IT lawyer
    • How can I help clients?
    • Testimonials
    • Team: Saskia Härtel – WHO AM I?
    • Agile and lean law firm
    • Price overview
    • Various information
      • Terms
      • Privacy policy
      • Imprint
  • Services
    • Support and advice of agencies
    • Contract review and preparation
    • Games law consulting
    • Consulting for influencers and streamers
    • Advice in e-commerce
    • DLT and Blockchain consulting
    • Legal advice in corporate law: from incorporation to structuring
    • Legal compliance and expert opinions
    • Outsourcing – for companies or law firms
    • Booking as speaker
  • News
    • Gloss / Opinion
    • Law on the Internet
    • Online retail
    • Law and computer games
    • Law and Esport
    • Blockchain and web law
    • Data protection Law
    • Copyright
    • Labour law
    • Competition law
    • Corporate
    • EU law
    • Law on the protection of minors
    • Tax
    • Other
    • Internally
  • Podcast
    • ITMediaLaw Podcast
  • Knowledge base
  • Videos
    • Information videos – about Marian Härtel
    • Videos – about me (Couch)
    • Blogpost – individual videos
    • Videos on services
    • Shorts
    • Podcast format
    • Third-party videos
    • Other videos
  • Contact
Kurzberatung
  • Informationen
    • Ideal partner
    • About lawyer Marian Härtel
    • Quick and flexible access
    • Principles as a lawyer
    • Why a lawyer and business consultant?
    • Focus areas of attorney Marian Härtel
      • Focus on start-ups
      • Investment advice
      • Corporate law
      • Cryptocurrencies, Blockchain and Games
      • AI and SaaS
      • Streamers and influencers
      • Games and esports law
      • IT/IP Law
      • Law firm for GMBH,UG, GbR
      • Law firm for IT/IP and media law
    • The everyday life of an IT lawyer
    • How can I help clients?
    • Testimonials
    • Team: Saskia Härtel – WHO AM I?
    • Agile and lean law firm
    • Price overview
    • Various information
      • Terms
      • Privacy policy
      • Imprint
  • Services
    • Support and advice of agencies
    • Contract review and preparation
    • Games law consulting
    • Consulting for influencers and streamers
    • Advice in e-commerce
    • DLT and Blockchain consulting
    • Legal advice in corporate law: from incorporation to structuring
    • Legal compliance and expert opinions
    • Outsourcing – for companies or law firms
    • Booking as speaker
  • News
    • Gloss / Opinion
    • Law on the Internet
    • Online retail
    • Law and computer games
    • Law and Esport
    • Blockchain and web law
    • Data protection Law
    • Copyright
    • Labour law
    • Competition law
    • Corporate
    • EU law
    • Law on the protection of minors
    • Tax
    • Other
    • Internally
  • Podcast
    • ITMediaLaw Podcast
  • Knowledge base
  • Videos
    • Information videos – about Marian Härtel
    • Videos – about me (Couch)
    • Blogpost – individual videos
    • Videos on services
    • Shorts
    • Podcast format
    • Third-party videos
    • Other videos
  • Contact
Rechtsanwalt Marian Härtel - ITMediaLaw

GDPR: nearly 10 million fines for unsecured hotline * Update*

9. December 2019
in Data protection Law
Reading Time: 2 mins read
0 0
A A
0
bfdi logo
Key Facts
  • 1&1 Telecom GmbH was fined 9.55 million euros.
  • The company failed to take technical and organizational measures to protect customer data.
  • Arufer gained unauthorized access to customer data by name and date of birth.
  • The BfDI sees a violation of Article 32 GDPR.
  • 1&1 plans to introduce a new authentication procedure to improve data protection.
  • The fine reflects the size and amount of customer data of the company.
  • 1&1 will take legal action against the fine and has further developed security standards.

More and more fines are slowly being imposed and the data protection officers are getting more and more serious.

Now the Federal Commissioner for Data Protection and Freedom of Information has fined 1&1 Telecom GmbH 9,550,000 euros.

In the opinion of the BfDI, the company had not taken sufficient technical and organisational measures to prevent unauthorised persons from being able to obtain information on customer data during telephone customer service.

Arufer was able to obtain extensive information about other personal customer data when it was provided with the company’s customer support simply by specifying a customer’s name and date of birth. In this authentication procedure, the BfDI sees a violation of Article 32 DSGVO, which requires the company to take appropriate technical and organizational measures to systematically protect the processing of personal data.

After the BfDI criticized the inadequate data protection, 1&1 Telecom GmbH showed itself to be reasonable and intends to introduce a new authentication procedure that is significantly improved in terms of technology and data protection.

Although the amount of the fine is of course due to the size of 1&1 and the potential amount of customer data, the question of how to deal with personal data of potential customers, be it by telephone or e-mail, is relevant for most companies. , which often underestimate the risk of a fine.

*Update*

1&1 Telecom GmbH will not accept and will appeal against the fine notice issued against it by the Federal Commissioner for Data Protection and Freedom of Information (Federal Data Protection Officer). The Federal Data Protection Commissioner has imposed a fine of EUR 9.55 million for an individual case. The Authority accuses 1&1 of failing to comply with telephone authentication, technical and organisational measures to protect personal data by providing non-standard authentication.

This procedure was not concerned with the general protection of the data stored at 1&1, but with the question of how customers can access their contract information. The case in question occurred as early as 2018. Specifically, it was a question of telephone retrieval of the mobile phone number of a former life partner. The responsible employee met all the requirements of the security guidelines that were valid at 1&1 at the time. At that time, two-factor authentication was common, and there was no single market standard for higher security requirements.

Since then, 1&1 has continuously developed its security requirements. For example, three-factor authentication has been introduced in the meantime, and in the next few days 1&1– one of the first companies in its industry – will provide each customer with a personal service PIN.

1&1’s data protection officer, Dr. Julia Zirfas, emphasizes the company’s high security standards: “The security of the data of many millions of customers is our top priority. Therefore, 1&1 strictly adheres to the applicable data protection regulations.

Marian Härtel
Author: Marian Härtel

Marian Härtel ist Rechtsanwalt und Fachanwalt für IT-Recht mit einer über 25-jährigen Erfahrung als Unternehmer und Berater in den Bereichen Games, E-Sport, Blockchain, SaaS und Künstliche Intelligenz. Seine Beratungsschwerpunkte umfassen neben dem IT-Recht insbesondere das Urheberrecht, Medienrecht sowie Wettbewerbsrecht. Er betreut schwerpunktmäßig Start-ups, Agenturen und Influencer, die er in strategischen Fragen, komplexen Vertragsangelegenheiten sowie bei Investitionsprojekten begleitet. Dabei zeichnet sich seine Beratung durch einen interdisziplinären Ansatz aus, der juristische Expertise und langjährige unternehmerische Erfahrung miteinander verbindet. Ziel seiner Tätigkeit ist stets, Mandanten praxisorientierte Lösungen anzubieten und rechtlich fundierte Unterstützung bei der Umsetzung innovativer Geschäftsmodelle zu gewährleisten.

Tags: AuthenticationData protection LawE‑mailInformationLawsuitMailPrivacySicherheit

Weitere spannende Blogposts

Bavarian Administrative Court confirms decision on Facebook Custom Audiences

20. November 2018

Last month, the Bavarian State Office for Data Protection Supervision published a comprehensive checklist on how companies must handle Facebook's...

Read moreDetails

Legal aspects of crowdfunding and alternative forms of financing for start-ups

Legal aspects of crowdfunding and alternative forms of financing for start-ups
10. October 2024

Crowdfunding and other alternative forms of financing have become important instruments for start-ups to raise capital in recent years. These...

Read moreDetails

BGH also rules on the reimbursement of losses from online poker games

BGH considers Uber Black to be anti-competitive
17. May 2024

In addition to the legal question regarding the reimbursement of stakes in online sports betting(see this blog post), the Federal...

Read moreDetails

When is an email “received” in a business environment?

When is an email “received” in a business environment?
7. November 2022

The legal term "access" is relevant to numerous legal issues. When exactly this is the case, however, can be disputed...

Read moreDetails

Legal analysis and finding solutions to the DOSB expert opinion on esport

DOSB and Esport: A commentary
28. August 2019

What is it all about? Currently, the report commissioned by the DOSB to assess whether esport can be regarded as...

Read moreDetails

Why NDAs are often considered “toothless tigers

contract 4085336 1280
20. September 2023

Introduction I encounter a variety of contracts every day in my practice as an attorney and business consultant, and one...

Read moreDetails

Should a software developer as contractor inform his client about the application of Scrum?

Should a software developer as contractor inform his client about the application of Scrum?
30. May 2023

As I was doing my morning scroll through LinkedIn this morning, I stumbled across some interesting discussions and reflections on...

Read moreDetails

Artificial intelligence in esports: legal challenges and solutions for fan engagement, game improvement and sponsorship.

Artificial intelligence in esports: legal challenges and solutions for fan engagement, game improvement and sponsorship.
9. June 2023

Introduction The rapid development of artificial intelligence (AI) is having a profound impact on various industries, and esports is no...

Read moreDetails

ECJ rulings on compensation for data protection breaches

District Court Frankfurt a.M. on the right to be forgotten
26. June 2024

Analysis of the ECJ rulings In its recent decisions C-687/21 and C-340/21, the European Court of Justice (ECJ) provided important...

Read moreDetails

Adhäsionsverfahren

10. November 2024

Definition und Historische Entstehung Das Adhäsionsverfahren ist ein prozessuales Rechtsinstitut im deutschen Strafprozessrecht, das dem Verletzten einer Straftat ermöglicht, zivilrechtliche...

Read moreDetails
Europäische Datenschutzausschuss (EDSA/EDSB)

Europäische Datenschutzausschuss (EDSA/EDSB)

1. July 2023
law 447487 1280

Markengesetz (MarkenG)

25. June 2023
Non-Participating Preferred

Non-Participating Preferred

16. October 2024
Privacy by Design

Privacy by Design

15. October 2024

Podcast Folgen

Rechtliche Beratung für Startups – Investitionen, die sich lohnen

Rechtliche Beratung für Startups – Investitionen, die sich lohnen

17. November 2024

In dieser Episode des ITmedialaw.com Podcasts dreht sich alles um die Bedeutung rechtlicher Beratung für Startups. Host Marian Härtel spricht...

Rechtliche Risiken bei langen Entwicklungszeiten und der Stornierung von Crowdfundingspielen

Rechtliche Risiken bei langen Entwicklungszeiten und der Stornierung von Crowdfundingspielen

20. April 2025

In dieser Episode erörtern wir die rechtlichen Herausforderungen, denen Spieleentwickler bei der Finanzierung durch Crowdfunding gegenüberstehen. Wir beleuchten die Verpflichtungen...

Der unkonventionelle Anwalt: Ein Nerd im Dienste des Rechts

Der unkonventionelle Anwalt: Ein Nerd im Dienste des Rechts

25. September 2024

In dieser fesselnden Episode des Podcasts "Der Unkonventionelle Anwalt" tauchen wir ein in die Welt eines Juristen, der die traditionellen...

Rechtssichere Influencer-Agentur-Verträge: Strategien zur Vermeidung unerwarteter Kündigungen

Rechtssichere Influencer-Agentur-Verträge: Strategien zur Vermeidung unerwarteter Kündigungen

19. April 2025

Anna und Max sprechen in dieser Episode über typische Fallstricke und Gestaltungsmöglichkeiten bei Verträgen zwischen Influencern und Agenturen. Im Mittelpunkt...

  • Privacy policy
  • Imprint
  • Contact
  • About lawyer Marian Härtel
Marian Härtel, Rathenaustr. 58a, 14612 Falkensee, info@itmedialaw.com

Marian Härtel - Rechtsanwalt für IT-Recht, Medienrecht und Startups, mit einem Fokus auf innovative Geschäftsmodelle, Games, KI und Finanzierungsberatung.

Welcome Back!

Login to your account below

Forgotten Password? Sign Up

Create New Account!

Fill the forms below to register

All fields are required. Log In

Retrieve your password

Please enter your username or email address to reset your password.

Log In
  • Informationen
    • Ideal partner
    • About lawyer Marian Härtel
    • Quick and flexible access
    • Principles as a lawyer
    • Why a lawyer and business consultant?
    • Focus areas of attorney Marian Härtel
      • Focus on start-ups
      • Investment advice
      • Corporate law
      • Cryptocurrencies, Blockchain and Games
      • AI and SaaS
      • Streamers and influencers
      • Games and esports law
      • IT/IP Law
      • Law firm for GMBH,UG, GbR
      • Law firm for IT/IP and media law
    • The everyday life of an IT lawyer
    • How can I help clients?
    • Testimonials
    • Team: Saskia Härtel – WHO AM I?
    • Agile and lean law firm
    • Price overview
    • Various information
      • Terms
      • Privacy policy
      • Imprint
  • Services
    • Support and advice of agencies
    • Contract review and preparation
    • Games law consulting
    • Consulting for influencers and streamers
    • Advice in e-commerce
    • DLT and Blockchain consulting
    • Legal advice in corporate law: from incorporation to structuring
    • Legal compliance and expert opinions
    • Outsourcing – for companies or law firms
    • Booking as speaker
  • News
    • Gloss / Opinion
    • Law on the Internet
    • Online retail
    • Law and computer games
    • Law and Esport
    • Blockchain and web law
    • Data protection Law
    • Copyright
    • Labour law
    • Competition law
    • Corporate
    • EU law
    • Law on the protection of minors
    • Tax
    • Other
    • Internally
  • Podcast
    • ITMediaLaw Podcast
  • Knowledge base
  • Videos
    • Information videos – about Marian Härtel
    • Videos – about me (Couch)
    • Blogpost – individual videos
    • Videos on services
    • Shorts
    • Podcast format
    • Third-party videos
    • Other videos
  • Contact
  • en English
  • de Deutsch
Kostenlose Kurzberatung