Johannes Berchtold, LL.M.

Associate

Munich

T: +49 89 20304 4191

Johannes advises technology-driven businesses on European digital regulation. His practice spans data protection, data and IT law, and cybersecurity, with a particular focus on platform regulation and regulatory risk. He regularly counsels online platforms on content moderation, transparency, and reporting under the Digital Services Act and the European Accessibility Act; defends clients in GDPR-related investigations and litigation; and designs and oversees notice-and-takedown workflows under the DSA. He also helps companies build and operationalise compliance programmes under European cybersecurity regimes, including the NIS 2 Directive and the Cyber Resilience Act, and guides incident preparedness, response, and remediation.

Credentials

Education

University of Passau, Germany, 2024, LL.M., Legal Informatics
Higher Regional Court of Munich, 2022, Second State Exam (Bar exam equivalent)
University of Augsburg, 2020, First State Exam (J.D. equivalent)

Professional admissions & qualifications

Germany

Practices

Emerging Technologies

Technology & Data Litigation

Data Protection, Privacy & Cybersecurity

Languages spoken

English, German

Insights

Reed Smith In-depth

The EU Commission’s Digital Package: reforming GDPR, e-Privacy, Data Act, AI, and Cybersecurity

24 November 2025

Reed Smith Newsletters

IT & Data protection update: Germany (Issue 2, 2025)

Reed Smith Newsletters

IT & Data protection Update: Germany 1/2025

Reed Smith Newsletters

IT & Data protection update: Germany (Issue 2, 2025)

Reed Smith Newsletters

IT & Data protection Update: Germany 1/2025

1 / 2

Blogs

New Obligations for Service Providers Under Germany’s EBewMG Implementing the EU e‑Evidence Directive

21 October 2025

ECJ Tightens Rules on GDPR Injunctions and Damages

15 October 2025

NIS2: German Federal Government Presents Draft Legislation

11 September 2025

BGH: Hypothetical Risk is no GDPR Damage

Phishing: Click Carelessly, Lose Your Cash

RED: EU Cybersecurity Obligations for IoT Products from August 2025

Update on NIS2 Implementation in Germany

The German Accessibility Strengthening Act (BFSG) takes effect in 2025: What your business needs to know

German FCJ on Subscriber Data Disclosure to Third Parties

A new framework for data embassies: Saudi Arabia’s Global AI Hub Law

Technology Law Dispatch

New Market Surveillance Authority for Accessibility in Germany

New Authority for Accessibility Surveillance Established

400 Euro GDPR Compensation: Appeal in Bindl vs. Commission Case to ECJ

1.500 EUR GDPR fine against Employee for unlawful Database Query

Can Data Subjects access the DPA between a Controller and a Processor?

February 2025 in Review: Courts on Data Protection – Damages, Transparency & More

NIS2 implementation in Germany failed

30 January 2025

January 2025 in Review: European Courts on Data Protection

27 January 2025

Technology Law Dispatch

European General Court: data privacy pays – 400 EUR for personal data sent across the Atlantic

24 January 2025

Technology Law Dispatch

European General Court: data privacy pays – 400 EUR for personal data sent across the Atlantic

24 January 2025

1 / 20

Events

European Accessibility Act in Germany – Is Your Company in Scope?

Wednesday, February 26, 2025