News

Kahn Pedersen top-ranked again

The British ranking institute Who’s Who Legal has once again ranked Kahn Pedersen as a leading advisor within the firm’s both practice areas – Digital and Public. Kristian Pedersen is ranked as ”Global Elite Thought Leader” in the Government Contracts category, as well as ”Global Leader” and ”National Leader” in said category. Erik Olsson is ranked as  ”Global Leader” and ”National Leader”, also in the category Government Contracts. Johan Kahn is ranked as ”Thought Leader” in the categories ”Information Technology”, ”Data Privacy and Protection” and “Data Security”. Han he is also ranked as “Global Leader” and ”National Leader” in said categories. For more information, please see: https://whoswholegal.com/firms/advokatfirman-kahn-pedersen

Daniel Lundqvist top-ranked by Chambers & Partners again

We are delighted to announce that Daniel Lundqvist, partner at Kahn Pedersen, has been ranked as a leading legal advisor for “Fintech” once again. In its 2021 rankings, the international ranking institute Chambers & Partners ranks Daniel as one of three leading advisors in Sweden and states that Daniel is ‘very, very skilled in outsourcing deals and IT contract negotiations in the FinTech space. He has really grown his practice over the years.

Digitalization in the finance sector continues to be one of our core expertise areas within our Digital practice. We are very pleased that Daniel and our Digital-team have represented several Swedish banks, bank joint ventures and insurance companies on issues related to cloud migration, outsourcing and strategic technology sourcing. In connection with these assignments, we have developed several unique methods to analyze and visualize legal risk in connection with digitalization. As an example, our recent report on public cloud services >> [only available in Swedish] introduces the so-called Folke© Model, which we have found extremely useful in connection with cloud migration”, says Kristian Pedersen, MP and CEO of Kahn Pedersen. “We think Daniel’s ranking shows that our legal expertise in this area is market-leading, which is perfectly in line with our ambitions as a highly-specialized law firm”, Kristian Pedersen adds.

Kahn Pedersen further strengthens the Digital team

At the beginning of next year, Christian Hybbinette, Fredrik Sandström and Michael Nevinson will be joining Kahn Pedersen law firm, Christian as Partner, Fredrik as Senior Associate and Michael as Senior Associate. The trio joins from AG Advokat, where they are working today in the same department with a focus on the industrial sector.

Christian has nearly 20 years of experience in providing contract-related advice to clients in the industrial and real estate sectors, and was prior to his time at AG Advokat the head of Vinge’s Commercial Agreements practice. Fredrik has worked at AG Advokat since 2015 and has, among other things, been seconded to one of the world’s largest suppliers of renewable solutions based on wood and biomass. Michael has worked at AG Advokat since 2018 and prior to that served as a law clerk.

“Sweden is facing a huge transformation of the industry in order to keep up with international development. Christian and team have combined expertise in Industry 4.0 that will really strengthen our Digital offering and will alow us to meet the existing demand that we see on the market. We are very happy that they have chosen to join Kahn Pedersen because it means that we are both able to bring market-unique expertise on the industrial side but also that we get some of the country’s foremost contract lawyers on our team.” says Kristian Pedersen, Partner and CEO, Kahn Pedersen.

New publication from Kahn Pedersen

Vi har nu publicerat årets tredje och den sammanlagt elfte rapporten i vår skriftserie. Rapporten behandlar användningen av publika molntjänster i näringslivet. Vår förhoppning är att rapporten ska kunna bidra till en mer nyanserad diskussion och bedömning av användningen av publika molntjänster i näringslivet. Vår bild är att den juridiska debatten om molntjänster i näringslivet annars har präglats av ytterligheter och alltför fyrkantiga resonemang. Vi introducerar också en egen modell för övergripande riskbedömning, den s.k. Folke©-modellen.

Alla rapporter i Kahn Pedersens skriftserie finns att ladda ner kostnadsfritt från vår webbplats.

Länk till rapporten >>

Ny rekommendation om kompletterande skyddsåtgärder vid tredjelandsöverföring

Den Europeiska dataskyddsstyrelsen (EDPB) har publicerat ett utkast till en rekommendation[1] för överföring av personuppgifter till länder utanför EU/EES (tredjelandsöverföringar). Bakgrunden till rekommendationen är EU-domstolens avgörande i Schrems II (se här), vilket sedan sommaren 2020 har skapat stor osäkerhet inom EU när det gäller tredjelandsöverföring och, inte minst, användning av publika molntjänster som medför sådan överföring.

Liksom EU-domstolen i Schrems II placerar EDPB ett stort ansvar på de enskilda organisationer som för ut personuppgifter från EU (eller som använder tjänster som innebär överföring av uppgifter till länder utanför EU). Rekommendationen innehåller bl.a. en checklista för vilka steg personuppgiftsansvariga och personuppgiftsbiträden bör använda vid tredjelandsöverföringar. I det första steget krävs inventering av tredjelandsöverföringar och identifiering av rättslig grund för överföringen (t.ex. standardavtalsklausuler). Därefter krävs alltid en bedömning av skyddsnivån för personuppgifter  i mottagarlandet. Om skyddsnivån i ett visst mottagarland inte bedöms motsvara EU:s skyddsnivå krävs dessutom ”kompletterande skyddsåtgärder”.

EDPB:s rekommendation innehåller ett antal typfall där olika säkerhetsåtgärder beskrivs och bedöms. Det kan konstateras att avtalsmässiga eller organisatoriska åtgärder inte i sig utgör tillräckliga åtgärder för att säkerställa en tillräcklig skyddsnivå för personuppgifter.

När det gäller tekniska skyddsåtgärder drar vi följande preliminära och generella slutsatser:

  1. Det finns enligt EDPB inga effektiva tekniska skyddsåtgärder för tjänster som:
    • Medför att leverantören i ett tredjeland har tillgång till okrypterade personuppgifter i klartext vilket gäller oavsett om kryptering tillämpas vid överföring och vid ”data-at-rest”. Detta torde bl.a. omfatta  SaaS-tjänster som innebär överföring av personuppgifter till USA.
    • Medför fjärråtkomst från tredjeland till personuppgifter lagrade i klartext inom EU. Detta torde bl.a. omfatta många IT-supporttjänster (inklusive kundtjänst) som tillhandahålls genom ”globala” leveransorganisationer utanför EU.
  1. Personuppgifter i klartext får generellt inte överföras via internet i okrypterad form, eller annars göras tillgängliga i klartext till ett tredjeland. Typiskt sett krävs kryptering där leverantören/mottagaren inte har eller enkelt kan skaffa tillgång till krypteringsnyckeln.
  2. Pseudonymisering kan vara en effektiv skyddsåtgärd, under vissa förutsättningar. Detsamma gäller för uppdelning av en personuppgiftsbehandling mellan flera biträden, så att ingen av dem får tillräcklig information för att identifiera fysiska personer.

Slutsatserna ovan är preliminära och bör kompletteras av en rättslig bedömning i det enskilda fallet. EDPB:s rekommendation är preliminär och öppen för synpunkter fram till den 30 november 2020. Den slutgiltiga versionen kommer troligen att innehålla ett flertal ändringar och tillägg.

Vänligen kontakta Johan Kahn eller Daniel Lundqvist om du har frågor om EDPB:s vägledning eller om tredjelandsöverföring av personuppgifter.

_____________________________

[1] Recommendations 01/2020 on measures that supplement transfer tools to ensure compliance with the EU level of protection of personal data, Adopted – version for public consultations.

One of Sweden’s foremost cyber risk experts affiliated with Kahn Pedersen

André Catry is now affiliated with Kahn Pedersen as a Senior Advisor within security and cyber risk. André has over 25 years’ experience of cyber risk and security work. Except for several assignments within the Swedish Armed Forces, such as concept development for The Communication Information Systems Command, André has held positions as an operative department director with the Swedish Security Service. André also has extensive experience as a senior cyber risk consultant with companies founded by himself. André was recently technical expert to the major Swedish public authority’s legal investigation regarding their use of cloud computing services in a legal and appropriate way.

As a leading law firm within the areas of Digital and Public, Kahn Pedersen increasingly advises clients in matters that involve assessments and actions with regard to cyber risk. This is especially evident in relation to cloud computing services and data protection, where a very high level of legal as well as cyber risk competence is required in order to make correct and balanced assessments.

We are happy and proud that André has chosen to start working with us. André has a unique competence in Sweden in matters regarding cyber risk and legal information security. We have noted a significantly higher demand for our services relating to cyber risk both from the business sector and from public authorities. These matters are often part of larger projects for digital transformation. Being able to offer our clients our legal advice together with André’s skills and experience will give our clients the very best possibilities to deal with digital transformation in a profitable, controlled and legal way.” says Kristian Pedersen (CEO).

Kahn Pedersen Sweden’s Leading Law Firm for Government Contracts, according to Who’s Who Legal

Kahn Pedersen is once again the only Swedish law firm considered to be a leading firm in Who’s Who Legal’s global ranking in the category Government Contracts (Public Procurement).

Kristian Pedersen is also considered to be a Global Elite Thought Leader, making him part of an exclusive group of only 20 lawyers who, according to Who’s Who Legal, are the world’s most prominent public procurement specialists.

Erik Olsson is described by Who’s Who Legal, as ”a formidable public procurement specialist with a strong track record handling procurement issues in Sweden”, and he is considered to be one of the most prominent Swedish public procurement lawyers.

Read more >>

n