GDD organization
The Erfa (professional network) Advisory Board and the Scientific Advisory Board are subordinate to the GDD-Board of Trustees.
The GDD office is responsible for maintaining contact with the Institute for Data Protection Officers, GDD working groups, GDD specialist Erfa groups, and regional Erfa groups.
It is also the first point of contact for GDD members.
The board of the GDD
Prof. Dr. Rolf Schwartmann (Chairman)
Area of responsibility: Internet law, strategy, planning, and public relations
Prof. Dr. Rolf Schwartmann is head of the Cologne Research Center for Media Law at the Technical University of Cologne and has been chairman of the GDD since 2012, with responsibility for strategy, planning, public relations, and Internet law.
His research focuses on media law and digitalization law, in particular data protection law. He represents the GDD at conferences and committees in the fields of politics, business, administration, and science.
Prof. Dr. Schwartmann is the author and editor of numerous academic works and regularly publishes articles on media and data protection issues in legal journals, various regional and national daily newspapers, and online services. He is co-editor of the RDV and editorially responsible for the news portal “RDV-Online.” At the same time, he is co-editor of a commentary on the GDPR and the BDSG as well as the TTDSG and a practical handbook on online data protection.
Prof. Dr. Schwartmann was appointed to the German Federal Government's Data Ethics Commission in 2018 and has been a member of Platform 5 of the German Federal Government's Digital Summit for the GDD since 2015.
Gabriela Krader, LL.M. (deputy Chairwoman)
Ms. Krader represents the GDD Executive Board in matters relating to international data protection. She represents the GDD in discussions with representatives of the European Commission, representatives of international and European data protection supervisory authorities, and at events organized by the European Data Protection Board and the OECD (Organization for Economic Cooperation and Development).
Together with the GDD office, Ms. Krader has been committed to expanding contacts with international data protection interest groups and cooperation within a joint European umbrella organization (Confederation of European Data Protection Organizations, CEDPO). In this context, she also accompanied the development of position papers on the EU General Data Protection Regulation.
Ms. Krader has also been a speaker at the GDD's basic seminar on data protection management since 2014 as part of the GDD's training program. Ms. Krader is also a member of the advisory board of the Data Protection Foundation.
Prof. Dr. Rainer W. Gerling (deputy Chairman)
As Deputy Chairman of the Executive Board, Prof. Dr. Gerling is responsible for IT security and science.
Prof. Dr. Rainer W. Gerling has been working in the field of information technology for over 40 years. After studying physics at the University of Dortmund from 1974 to 1979, he completed his doctorate in 1981 and his habilitation in 1986 at the University of Erlangen-Nuremberg. From 1981 to 1993, he was a research assistant and private lecturer at the University of Erlangen-Nuremberg, during which time he spent numerous periods abroad, including from 1988 to 1989 as a Feodor Lynen Fellow of the Alexander von Humboldt Foundation at the Center for Simulational Physics at the University of Georgia, USA.
After working as a scientist, Prof. Gerling was data protection officer from 1993 to 2013 and IT security officer of the Max Planck Society from 2006 to 2020. He has been a lecturer at Munich University of Applied Sciences since 1994 and was appointed honorary professor for IT security at Munich University of Applied Sciences in 2006. As co-founder and, from 2008 to 2020, chairman of the Working Group on Information Security at German Research Institutions (AKIF), he has played a key role in shaping the approach to information security at German universities and research institutions.
Prof. Gerling was head of the GDD Erfa Circle Bavaria from 2001 to 2012. Since 2012, he has been deputy chairman of the GDD board and is currently also a member of the presidium of the GDD Data Protection Academy and the GDD Scientific Advisory Board. He is a member of the editorial advisory board of the journals “Datenschutz und Datensicherheit (DuD)” (Data Protection and Data Security) and “IT-Sicherheit” (IT Security). Since 2008, he has been a member of the Committee for Law and Security (ARuS) of the DFN Association.
Thomas Müthlein (Treasurer)
As treasurer on the GDD board, Mr. Müthlein focuses on finance, data protection organization, legal matters, and service providers, with a particular emphasis on the further development of data protection in terms of its feasibility in data protection practice. To this end, he supports the GDD management as a technical contact, particularly with regard to legislative initiatives and statements.
Mr. Müthlein represents data protection practice in various working groups within and outside the GDD. In particular, he has contributed to the development of the GDD practical guides on the GDPR and the “SAP Data Protection Guide” published by the DSAG, among other things. He also contributed to the further development of the “DS-BvD-GDD” data protection standard for commissioned data processing and to an implementation guide for the standard. In particular, he communicated practical topics relating to the implementation of the GDPR, commissioned data processing, and the data protection standard within the framework of the GDD experience exchange groups and GDD seminars.
Kristin Benedikt (Board Member)
Area of responsibility: Online data protection, public sector
Kristin Benedikt is a judge at the Administrative Court of Regensburg and its data protection officer. From 2015 to 2020, she headed the Internet division at the Bavarian State Office for Data Protection Supervision. She is also a speaker and author of numerous articles on the GDPR and ePrivacy Regulation. In addition, Ms. Benedikt is a trained business mediator. She is a lecturer on data protection at the University of Applied Sciences for Public Administration in Bavaria and at the Technical University of Cologne, and a member of the board of the Institute for European Media Law (EMR).
Ulrike Egle (Board Member)
Area of responsibility: Data protection practice
Ms. Egle focuses on how companies can master the growing complexity of data protection requirements—especially against the backdrop of increasing internationalization and digitization efforts and the integration of artificial intelligence into operational data protection. Since resources for implementing legal requirements are generally limited, she is particularly interested in finding solutions that enable data protection requirements to be implemented in a pragmatic and legally compliant manner.
Ms. Egle is a corporate lawyer and has been the group data protection officer for the Ravensburger Group since 2015. She is also involved in the GDD Erfa Circle in Freiburg, where she regularly gives presentations on issues that data protection officers face in their day-to-day work. In addition, she has been a lecturer in IT law at the DHBW Ravensburg since 2023.
Steve Ritter (Board Member)
Area of expertise: IT law
Mr. Ritter originally trained as a banker and was a data protection officer at a bank. He then studied law and has been working at the Federal Office for Information Security since 2011, where his responsibilities have included supporting a wide range of legislative projects. He has been head of the IT Security and Law Division there since 2017.
In addition, he is involved in the continuously growing field of information security law as an editor, author, and member of various advisory boards.
Mr. Ritter is the editor and author of a commentary on the IT Security Act 2.0, as well as co-editor and author of a commentary on information security law. As an author, he deals with the interfaces between data security and data protection, among other things through his commentaries on Art. 32 GDPR and § 12 TTDSG. Mr. Ritter also deals with topics related to information security law in various journal publications. He is also co-editor of the International Cybersecurity Law Review and a member of the RDV's advisory board.
In addition, Mr. Ritter regularly speaks on topics at the interface of law and information security and, as such, has also been active in GDD events since 2014. As a lecturer, he teaches information security law at the Technical University of Cologne.
Bettina Herman (Erfa representative)
Area of responsibility: Representation of Erfa circles, data protection practice
Ms. Herman currently works as a data protection consultant/advisor at the atarax group of companies and previously worked as a company data protection officer for over 16 years. She has headed the GDD Erfa circle in Freiburg since 2006 and, prior to her first election as Erfa representative in 2018, served as deputy Erfa representative and member of the Erfa representative team for approximately 10 years.
Following her election by the Erfa Advisory Board, she is the Erfa representative and contact person on the Executive Board for the interests of the currently 35 Erfa circles as well as for questions of data protection practice. She is committed to maintaining the high professional quality and practical relevance of the work in the GDD Erfa circles.
Dr. Stefan Brink (Board Member)
Area of responsibility: Data protection in the public sector, European data law, digitization of the world of work
Since January 2023, Dr. Stefan Brink has been head of the independent institute wida in Berlin (Scientific Institute for the Digitization of the World of Work), which accompanies digital change with a view to our civil rights and promotes digital projects. He is helping to shape digital transformation with numerous expert opinions on data protection and digitization, as editor of a leading data protection commentary in Germany, a standard commentary on freedom of information, with his podcast “Follow the Rechtsstaat” (with Prof. Niko Härting) and the video series on digital freedom (“B.suchtFREIHEIT”).
Stefan Brink worked for the Scientific Service of the Rhineland-Palatinate State Parliament, then as a judge at the Administrative Court of Koblenz and as a research assistant at the Federal Constitutional Court (1st Senate, Prof. Dr. Reinhard Gaier). From 2008 to 2016, he was Head of Private Data Protection at the State Commissioner for Data Protection in Rhineland-Palatinate, and since 2012 he has also been Deputy State Commissioner for Freedom of Information in Rhineland-Palatinate.
From January 2017 to December 2022, Stefan Brink was State Commissioner for Data Protection and Freedom of Information in Baden-Württemberg and a member of the Conference of Data Protection Commissioners of the German States and the Federal Government DSK.
Prof. Dr. Michael Meier (Board Member)
Area of responsibility: IT security
Prof. Dr. Michael Meier holds the Chair of IT Security at the Institute of Computer Science at the University of Bonn and is head of the Cyber Security department at Fraunhofer FKIE. His research interests lie in the applied aspects of IT security, with a focus on attack and malware analysis and detection, and technical data protection. One goal of his research is to implement distributed cooperative security monitoring that appropriately balances security and privacy interests. The implementation tool for this is regularly customized pseudonyms that can be used to fine-tune and balance conflicting interests.
Michael Meier completed his computer science studies from 1993 to 1998 and received his doctorate in 2006 in the field of intrusion detection at the Brandenburg University of Technology Cottbus. From 2006, he worked as a researcher and lecturer in the Information Systems and Security working group at the Technical University of Dortmund before accepting the professorship for IT security at the University of Bonn in 2012.
Michael Meier is a founding member and spokesperson for the “Security - Intrusion Detection and Response” (SIDAR) specialist group of the German Informatics Society (GI) and co-chair of the international conference “Detection of Intrusions & Malware and Vulnerability Assessment” (DIMVA).
Prof. Dr. Gregor Thüsing, LL.M. (Harvard), (Board Member)
Area of responsibility: Employee data protection
Gregor Thüsing, born in Cologne in 1971, has been Director of the Institute for Labor Law and Social Security Law at the University of Bonn since the 2004/2005 winter semester.
He studied law at the University of Cologne (as a scholarship holder of the Konrad Adenauer Foundation), passed his first state law examination in 1994, and then worked as a research assistant at the Institute for Labor and Economic Law (Prof. Dr. Herbert Wiedemann) at the same university. Doctorate in 1995 on a labor law topic (“Der Außenseiter im Arbeitskampf” [The Outsider in Labor Disputes], summa cum laude, also as a scholarship holder of the Konrad Adenauer Foundation).
Second state law examination in 1996, LL.M. degree from Harvard Law School in 1998 and admission to the bar (attorney at law) for the State of New York after passing the bar exam. In 2000, habilitation in civil law (habilitation thesis: “Wertende Schadensberechnung” [Evaluative Damage Calculation]) for the subjects of civil law, labor and social law, comparative law, and canon law (as a scholarship holder of the DFG and the German National Academic Foundation).
Subsequently, worked as assistant to the CEO in the Central Corporate Development department of Bertelsmann AG. From April 1, 2001, to the winter semester of 2004/2005, he held the chair for civil law, labor and social law, and comparative law at Bucerius Law School. Since March 2004, he has been a lecturer at WHU Koblenz in the Executive MBA Program.
Prof. Dr. Thüsing is a member of the Standing Deputation of the German Lawyers' Association, the Executive Board of the German-American Lawyers' Association, the Advisory Board of the Görres Society, the International Society for Labor Law and Social Security, and the Presidium of the Society for Insurance Science and Design. He is Chairman of the Society for European Social Policy and Deputy Chairman of the Joint Church Labor Court in Hamburg. Prof. Thüsing is a member of the Visiting Faculty of Henley College, Henley-on-Thames. Prof. Thüsing is Chairman of the Commission for the Preparation of the Eighth Family Report of the Federal Government and a member of the Expert Council for the Assessment of Developments in the Health Care System.
Management
Lawyer Andreas Jaspers
Lawyer Andreas Jaspers is managing director of the GDD and co-managing director of DSZ Datenschutz Zertifizierungsgesellschaft mbH. He is the author of numerous publications on data protection law and data protection organization, as well as co-editor of a commentary on the GDPR/BDSG and the TTDSG. At the GDD Data Protection Academy, Andreas Jaspers is a lecturer in the training and further education of data protection officers in business and administration. In 2018, he was an expert advisor to the state parliaments of North Rhine-Westphalia and Hesse on the GDPR, and in 2017 he was an expert advisor to the German Bundestag on the revision of the BDSG.
Lawyer Yvette Reif, LL.M.
Attorney Yvette Reif, LL.M., is deputy managing director of the Society for Data Protection and Data Security (GDD) e.V., Bonn. She is co-author of several legal commentaries on data protection law. Her work focuses on topics such as the GDPR provisions on data protection officers and the reporting and notification requirements in the event of data breaches, as well as the provisions in North Rhine-Westphalia's state data protection law on employee data protection. In the Heidelberg Commentary on the TTDSG, she comments together with Prof. Dr. Rolf Schwartmann and Lucia Burkhardt on the central TTDSG regulation on cookies & co. (§ 25). Yvette Reif also works as a lecturer in the training cycle for certified company data protection officers (GDDcert. EU).
A significant portion of the implementation of self-imposed goals consists of 34 professional networks located across Germany. These groups play a crucial role in fostering transparent discussions on current issues related to data protection and data security.
Within the GDDcommunity, the work of the participants is additionally supported. The leaders of the professional networks are in regular contact with the board and the association's office in order to continuously optimize the decentralized work of the association.
Scientific Advisory Board
Support and advice
The GDD-Board of Trustees has established a Scientific Advisory Board to provide advice and support to the association. The Scientific Advisory Board consists of experts in the fields of data protection and IT security.
On the recommendation of the Scientific Advisory Board, the GDD awards the annual scientific prizefor outstanding scientific work in the field of data protec-tion and data security.
Members of the Scientific Advisory Board
- Prof. Dr. Tobias O. Keber, Landesbeauftragter für Datenschutz und Informationsfreiheit Baden-Württemberg (Vorsitzender)
- Prof. Dr. Norbert Pohlmann, Westfälische Hochschule, Gelsenkirchen
- Prof. Dr. Christopher Kuner, Freie Universität Brüssel (VUB)
- Sabine Leutheusser-Schnarrenberger, Bundesministerin der Justiz a.D.
- Prof. Dr. Jürgen Taeger, Universität Oldenburg
- Prof. Dr. Boris Paal, Universität Leipzig
- Prof. Dr. Michael Meier, Universität Bonn
- Prof. Dr. Rainer W. Gerling, Hochschule München
- Peter Zoche, Fraunhofer Institut für System- und Innovationsforschung, Karlsruhe