Photo of Carsten A. Kociok

Carsten A. Kociok

Carsten Kociok is a partner in the Technology, Financial Services and Data Privacy Practice in Berlin and Co-Head of Greenberg Traurig’s global Fintech Group. He advises national and international clients across all industries, including financial services, information technology, artificial intelligence, ecommerce, media, health care, telecoms, retail and real estate, on a wide variety of complex commercial and regulatory matters.

Carsten is a leading technology lawyer, ranked consistently in Band 1 for Fintech Legal in Germany since 2020. He has in-depth and wide-ranging experience in the areas of privacy and cybersecurity, payments law, financial services, e-money products, blockchain technology, and financial and banking regulation, as well as in artificial intelligence regulation - including compliance with the EU AI Act - and the integration of AI technologies into existing software systems.

Carsten regularly assists clients in licensing projects and audit proceedings with financial regulators and advises on the contractual and regulatory aspects of developing, implementing and operating financial technology products and transactions.

On the data privacy side, Carsten counsels clients on complex data-driven business models and regulatory matters, including on international data transfers, data privacy compliance, monetization of data, artificial intelligence, litigation, cybersecurity and data breach response.

Carsten regularly lectures and publishes on various FinTech and data privacy topics. Prior to joining the firm, Carsten worked at Olswang Germany for eight years and in the Capital Transaction Practice Group of an international law firm in New York.

Follow:Read more about Carsten A. KociokCarsten's Linkedin Profile

The European Accessibility Act (EAA) introduces a unified framework for accessibility across the EU, covering a wide range of products and services. By harmonizing standards and reducing market fragmentation, the EAA aims to make both physical and digital environments more inclusive for people with disabilities.
Continue Reading European Accessibility Act Compliance: What Businesses in the EU Market Need to Know

On August 27, 2020 the Dutch Data Protection Authority (Dutch DPA) announced that it approved the first ‘code of conduct’ in the Netherlands, the Data Pro Code. The Data
Continue Reading Dutch Data Protection Authority approves Code of Conduct for Data Processors in the ICT Sector

On Sept. 24, 2019, the Court of Justice of the European Union (CJEU) decided that the “right to be forgotten” does not require a search engine operator to carry out
Continue Reading EU Limits Territorial Scope of ‘Right to Be Forgotten’ on the Internet

On July 29, 2019, the Court of Justice of the European Union (CJEU) found that a website operator using a social media plugin is a joint controller with
Continue Reading CJEU Finds Website Operators Using Social Media Plugins Are Joint Controllers

While many are still digesting the changes brought about by the EU General Data Protection Regulation (GDPR), a new privacy regulation is already on its way. The Regulation
Continue Reading The ePrivacy Regulation: The Next European Initiative in Data Protection