Photo of Dr. Ulrich Worm

Ulrich Worm is a partner in the Frankfurt office of Mayer Brown and heads the German Intellectual Property practice. His practice focuses on technology related advice.

Ulrich advises clients in IP related matters, including patent, trade secrets, design right, trademark and copyright matters as well as on licensing, co-operation and other technology transfer agreements. He represents clients in patent infringement and nullity proceedings and in trade secrets litigation cases before courts in Germany. In addition to litigating IP cases before German courts, he coordinates pan-European and cross-Atlantic litigation cases. Further to his IP litigation practice, Ulrich advises on patent related matters such as patent license and other technology transfer agreements and is experienced in fighting counterfeiting of patent, design right and trademark protected products.

His practice further covers IT-related matters, including advising on cloud services, software licensing agreements, SaaS agreements, software development projects, e-commerce, and related data protection and privacy questions.

Read Ulrich's full bio.

 

With an effective date of February 17, 2024, the Digital Services Act (“DSA”) will start applying to most online platform providers in less than a year. The DSA, which introduces due diligence and transparency obligations regarding algorithmic decision-making by online platforms, such as social media, video sharing or e-commerce, entered into force on November 16,

On February 28, 2023, the European Data Protection Board (“EDPB”) issued its opinion on the draft adequacy decision of the European Commission (the “Commission”) on the new EU-US Data Privacy Framework (“DPF”). The EDPB expressed reservations in connection with the DPF, which will now undergo scrutiny by other European institutions.

Who Should Read This Legal

On 13 December 2022, the European Commission published its draft adequacy decision for EU-U.S. data transfers. The draft decision follows the EU-U.S. announcement of an agreement on a new EU-U.S. Data Privacy Framework (“DPF”) in March 2022 as well as the Executive Order on Enhancing Safeguards for United States Signals Intelligence Activities (“Executive Order”) signed

Companies that rely on standard contractual clauses (“SCCs”) for transferring personal data from the European Economic Area (“EEA”) to jurisdictions not considered to offer an adequate level of data protection under the EU General Data Protection Regulation must ensure that none of their existing contracts use the old SCCs after 27 December 2022.

Businesses are

On 25 May 2022, the European Commission published Questions and Answers for the New  Standard Contractual Clauses to provide practical guidance on the use of standard contractual clauses (SCCs) and help organisations with their General Data Protection Regulation (GDPR) compliance efforts. The Commission confirmed that the Q&A document will be regularly updated.

Continue reading.

On March 25, 2022, the United States and the European Union jointly announced an “agreement in principle” to a new trans-Atlantic data privacy framework to facilitate the cross-border transfer of personal data (the “Framework”).1 As part of the Framework, the US has made “unprecedented commitments” related to intelligence collection and surveillance practices.2 The

The UK Online Safety Bill was proposed by the UK government to establish a new regulatory framework to tackle harmful content online and usher in a new age of accountability for tech companies. The bill will impose a duty of care on companies that offer user-generated content, in addition to search engines, to protect users

Seitdem die Datenschutz-Grundverordnung in Kraft trat, stehen Entwickler und Forschende im Bereich der automatisierten und vernetzten Mobilität immer wieder vor schwierigen Fragestellungen:

  • Welche Daten lassen sich wie DSGVO-konform verarbeiten? Was ist erlaubt, was nicht?
  • Wie können diese Daten anderen zur Verfügung gestellt werden?
  • Welche Unterschiede gibt es hierbei zwischen Universitätsinstituten, öffentlichen Einrichtungen und Unternehmen?

Continue

Today, 28 June 2021, the European Commission formally adopted two adequacy decisions with respect of transferring personal data from the European Economic Area (the “EEA”) to the United Kingdom (the “UK”): one under the EU General Data Protection Regulation and one under the EU Law Enforcement Directive. The two decisions come into

Today, 21 June 2021, the European Data Protection Board (the “EDPB”) has published its final Recommendations 01/2020 on supplementary measures to ensure compliance with data protection laws when transferring personal data from Europe (the “Recommendations”).

The adoption of these Recommendations is the latest in a series of developments which demonstrate that it is