Benefits of Membership

LAWorld is a dynamic, modern and technically efficient international legal network.  Our members tell us that the benefits of membership are:
  • The immediate advantage of being internationally connected - with fast access to expert cost effective legal advice anywhere in the world. Your clients will be favourably impressed by the international capabilities you can now offer.
  • The opportunity to receive and make referrals to and from responsive lawyers that you meet and get to know as colleagues, who are bound together by a quality code of practice.
  • Our 55 members are currently located in the following 44 countries: Albania, Argentina, Australia, Austria, Belgium, Brazil, Canada, Chile, China, Colombia, Costa Rica, Croatia, Cyprus, Czech Republic, Denmark, Ecuador, England, Finland, France, Germany, Greece, Hungary, India, Israel, Italy, Japan, Malaysia, Mexico, Morocco, Netherlands, Nigeria, Poland, Portugal, Romania, Russia, Singapore, Slovak Republic, South Africa, Spain, Sweden, Switzerland, Turkey, United Arab Emirates and United States of America.  If LAWorld does not have a member in a jurisdiction that is important to you, it is likely that at least one of our members will be able to recommend a suitable local lawfirm.
  • The use of the LAWorld logo and brand to increase your profile with your clients
  • Annual and regional meetings to discuss issues of common interest, to enhance your international business connections and initiate sound marketing and practice development ideas within a non-competitive legal environment. In recent years the Annual Conference has rotated in member cities around the world:  2012 Rio de Janeiro, 2013 Zurich, 2014 Hong Kong, 2015 Washington DC and 2016 will be in Cape Town, between 6-8 April 2016.  Members connect several times a year: at the annual conference, regional meetings, at the annual International Bar Association conferences and via telephone conferences.
  • Membership of LAWorld is useful in helping to attract and retain high quality staff, as employee exchanges can be arranged with other LAWorld law firms around the globe.
  • An established Code of Practice adopted by all member firms Support of an English speaking administrative and marketing Executive Office with contacts around the world
  • Benefit from inclusion in a modern and technically sophisticated website with a website optimisation programme which has given LAWorld a top Google position for "international legal networks".
  • Participation in marketing and business development initiatives including:

- A website that provides an international legal profile for your firm

- introductions to referrer business organizations during each annual conference

- mutual education and support at conference with talks about local legal/business topics; practice development and marketing topics.

- members brochure

-members on-line blog

- LAWorld marketing material including website entry, newsletters, inclusion in the Martindale-Hubbell International Law Directory, HG Org etc

- Business and Marketing Plan with several new initiatives to support our members

- Internal member news bulletins - keeping you in contact with members regularly

- English editing services for articles, websites etc.

- A younger lawyers network, which encourages the more junior lawyers in your firm to become actively involved in developing social and business relationships with other younger lawyers from around the world.

LAWorld News

Data protection in Denmark and the EU – where are we?

After four years "in the making", the new General Data Protection Regulation (the "Regulation") is expected to be formally adopted very soon. The wording of the Regulation has been publicly known since 15 December 2015.  It is currently being considered through normal legislative procedure by the European Parliament, Council of the European Union and the European Commission.  Once approved, the Regulation will enter into force in all EU member states in the beginning of 2018

The Regulation will in our opinion lead to a significant improvement – and administrative relief – for Danish companies if they have activities throughout the EU. Companies will no longer have to deal with – or seek advice on – personal data rules in the different EU countries.  Similarly, the Regulation proposes to establish a one-stop-shop mechanism, where companies only get assigned to one supervisory authority, although there are exceptions for employment data and national security, which still might be subject to local law.

Under the Regulation, the generally high level of protection regarding personal data as we know today will be maintained. The Regulation will thus to a large extent continue the rules that apply in Denmark already pursuant to the Danish Data Protection Act. However, there are a number of changes - the most significant highlighted here: 

• It is no longer only the data controllers – the companies "owning" data – that are bound by the rules, but also the data processors – the companies handling data. This means, for example, that it is no longer just an  employer company that is responsible for compliance, but also potential subcontractors, such as a payroll agency, to which the employer company has outsourced its processing or storage of personal information. 

• Companies established outside the EU are covered by the Regulation if they offer products/services within the EU. For internet-based businesses it will mainly be a matter of whether the individual company promotes itself towards the European market.  Key factors in the analysis will include whether  the promotion is done in European languages and if prices are specified in European currencies.

• Companies will to a higher degree be required to document an adequate level of data security.  This includes an obligation to implement appropriate technical and organizational measures designed to ensure the protection of personal data (data protection by design).  Furthermore, these measures must also include a high data protection level by default. 

• Some companies will be required to prepare a PIA (Privacy Impact Assessment), which is  an assessment of the risks that arise out of the processing of personal data through their IT-system. 

• If the processing is carried out by a public authority or by companies having processing of sensitive personal data as a core activity, it is a requirement to appoint a DPO (Data Protection Officer).  It is now clear that private companies who are only processing personal data as a subordinate service/activity will not be required to appoint a DPO.  In our opinion, most payroll agencies will be required to have a DPO, whereas more traditional companies, which only handle personal data regarding its own employees, will not be required to have that obligation. 

• The data subjects are entitled to have more access to information about the processing of their personal data, and the information has to be made available in a clear and understandable manner. The current proposal states that a request for access must be answered within four weeks. In addition thereto, the rules on "the right to be forgotten" have been clarified. 

• It will become easier for individuals to have their personal data transferred between service providers. 

• The current requirement to report and notify the supervisory authority about processing of personal data will be removed. The Regulation encourages preparation of an industry-specific "code of conduct"(which may be approved by the supervisory authorities) and certification schemes. This provides a real opportunity to be a leader in the making of specific regulations for your industry and meaningful participation should be considered.

• It will be possible for each member state to fix stricter national requirements regarding specific topics, e.g. on the handling of employee data. It is expected that Denmark will retain the requirement to report processing of employee personal data in the employment context. 

• If serious breaches occur, then the data controller or data processor will be under a legal obligation to notify the supervisory authority within 72 hours. 

• Finally, the level of fines in case of violations has already created an increased focus on the processing of personal data. Violations of the Regulation may thus lead to fines of up to 10-20 mill Euros or up to 2-4 per cent of the company’s total worldwide turnover (whichever is higher) depending on which provisions are violated. For public authorities the level of fines is up to between 10-20 mill Euros. 

Although the new Regulation will not enter into force before the beginning of 2018, it is our recommendation that companies put data protection compliance on the agenda – if this has not already happened.  By implementing a number of specific initiatives companies will not only ensure compliance with the current rules in the Danish Data Protection Act but they will also be well prepared in time for the implementation of the Regulation. 

Concrete initiatives that we recommend companies to implement: 

• Companies are advised to clarify and review their current procedures and policies regarding personal data processing. It is advisable to commence this analysis as soon as possible as it may prove to be quite extensive.

• Companies must ensure that as few employees as possible have access to personal data. Each employee should only have access to the personal data that is necessary for solving the tasks lying with the specific position. Procedures and security measures should be established to ensure this. 

• All employees who handle personal data must have written instruction and training on how to handle personal data and how the personal data should be protected. This instruction/training must be targeted each employee. Thus, for example, the instruction to the HR manager will be different than the instruction to the IT manager, because the latter will only have access to the data in order to solve technical problems. 

• Companies must ensure that access to the IT-system that handles personal data is protected by password and firewall. Furthermore, all access to sensitive personal data should be logged. After a number of unsuccessful attempts (e.g. 3) to gain access to such sensitive personal information, the IT-system should automatically block for further attempts. It should also be possible to delete information in order to meet the "right to be forgotten" demands of the Regulation. 

• Companies (data controllers) should review their contracts with external data processors and make sure that they meet the requirements for good practice regarding data processing, that they have an appropriate level of security and that they will inform the companies in case of security breaches. If no data processing agreements have been made with suppliers, we strongly recommend having them made. 

• Companies should get an approval for the personnel administration at the Danish Data Protection Agency and notify the Agency in case of transfer of data outside the EEA.

Industries should begin formulating codes of conduct now, with input from counsel.  There is no need to wait until the Regulation is effective. 

• Finally, it is important to remember that the Regulation introduces a requirement for "accountability", which means that companies must be able to document that they meet the requirements of the Regulation. Therefore, it is not enough only to meet the requirements of the Regulation - it must also be documented. 

The Regulation is destined to be adopted and represents years of work by knowledgeable authorities.  Prepare for its implementation and your legal risks will be greatly diminished.  Data protection is, and will remain, one of the most important tasks for your company.

For legal assistance or further discussion, please contact the authors:

Tommy Angermair at

Maria Helbo Holck at

Kirk Larsen & Ascanius


H. C. Andersens Boulevard 45

DK 1553  København V

Phone: +45 70 22 66 60

Fax: +45 75 45 46 36

Business News

Asian shares languish near three-week low ahead of U.S. jobs data
Thu, 05 May 2016 21:00:09 -0400
TOKYO (Reuters) - Asian shares wallowed near three-week lows as investors braced for the U.S. payrol...
News Corp's quarterly revenue falls 7.3 percent, profit hit by charge
Thu, 05 May 2016 19:51:48 -0400
(Reuters) - News Corp , owner of the Wall Street Journal and book publisher HarperCollins, reported ...
Alibaba's revenue soars, but new ventures hit profit
Thu, 05 May 2016 15:06:15 -0400
(Reuters) - Alibaba Group Holding Ltd, China's biggest e-commerce company, said fourth-quarter sales...
Hits to Americas oil output show global glut not invincible
Thu, 05 May 2016 19:50:26 -0400
HOUSTON (Reuters) - Wildfires in Canada. Pipeline sabotage in Colombia. Instability in Venezuela. U....

Upcoming Events

Europe/Middle East Regional Meeting and Lawyers Next Generation (Budapest) from 5pm on Friday the 16th of September, 2016 to 5pm on Saturday the 17th of September, 2016

See All Events