Victoria Johnson

Lawyer / Senior Associate
  • Specialist Lawyer for Information Technology Law
  • Certified Data Protection Officer and auditor (TÜV®)
  • Certified Whistleblowing Officer

Victoria Johnson is a lawyer, specialist lawyer for information technology law, certified data protection officer and auditor (TÜV) and certified whistleblowing officer. She is also completing a part-time doctorate on a commercial law topic related to the protection of fundamental rights. She advises clients in the public sector and the private sector – from start-ups or small and medium-sized companies to international corporations – on all issues relating to digitisation, IT law and data protection. In particular, this includes the testing and evaluation of digital products, the drafting of contracts under IT and data protection law – both nationally and internationally – the establishment of data protection management systems, the inspection and auditing of companies and service providers, compliance with data protection information obligations, use of social media in compliance with data protection regulations, international data transfer, and advertising. In addition, she supports corporations in the execution of IT security audits as well as implementation within corporate structures.

  • Expertise
    • Media/press law

      Media law regulates the use, distribution and production of media content such as radio, television, print media and online media. Press law is a part of this and deals with framework conditions of the press, including freedom of the press, editorial independence, personal rights, media liability and the right of reply. FPS advises media companies on legal matters relating to freedom of expression, including advice on media content and legal representation in proceedings involving the right of reply, injunctive relief and compensation for damages. We possess industry knowledge and offer advice on typical media contracts, cross-media collaborations and freelance authors. We also support Internet platforms in the areas of copyright, consumer protection and data protection. In the event of online legal violations, we successfully cooperate with law enforcement agencies.

    • IT contract law / outsourcing

      FPS advises in all areas of IT contract law. Whether clients need support in drafting and negotiating IT project contracts, designing and running outsourcing projects or making use of cloud services – we are on hand to help with our experts. In addition to many years of experience in advising a wide range of industries and companies of all sizes, our team has a real technical affinity and a special degree of creativity. This gives us a good technical understanding of our clients’ concerns and business models and enables us to find the best solution for them. Our services include drafting and negotiating IT project contracts (agile, classic, managed services, new business models), outsourcing contracts, service descriptions, service level agreements and pricing plans, and helping clients to prepare for due diligence processes, vendor conferences and on-site visits. We also oversee project and system integration measures as well as hardware and software maintenance and draft licensing, escrow and distribution agreements.

    • IT tenders

      When it comes to IT tenders, we help contracting authorities to choose the right procedure (known in Germany as VOL/A and VOB/A) and implement it. For example, we sit down with our client to work out the desired performance target, taking into account the usual legal and regulatory frameworks, translate the technical requirements into legal language and help to draft the contract documents (in line with EVB-IT, for example, the supplementary contractual conditions for the procurement of IT services). We are familiar with both sides of the coin, not least because in addition to advising public contracting authorities, we also have many years of expertise in advising national and international bidders in the context of public IT tenders.

    • IT litigation / mediation

      In many cases, carefully drawn-up project contracts protect the parties from disputes. Due to the content and complexity of IT projects, however, disputes cannot be completely ruled out. We help our clients to get troubled projects back on track by finding sensible solutions. If necessary, we also support them when asserting their rights (judicially) or defending against claims.

    • Data (protection) law

      Digitalisation unlocks new opportunities for companies and creates space for future-oriented and scalable business models. Data has become the most valuable currency in the digital world. Data protection law – or now data law – is a separate advisory field at FPS rather than a mere annex to other areas of law. FPS helps companies to devise future-proof and legally compliant data usage concepts so that they can achieve their goals when using new technologies: innovation and data protection – when understood correctly – needn’t contradict one another. The GDPR with its drastic fines has significantly increased the risks for companies. FPS establishes what a company is permitted to do with the data and ensures compliance with data protection requirements in a pragmatic way by setting up a data protection management system, which, among other things, includes records of processing activities, data protection policies, data protection information, deletion and authorisation concepts, data protection impact assessments, processes for dealing with information and deletion requests from data subjects and much more besides. And if penalty proceedings are initiated, we defend our clients’ rights against the supervisory authorities. We also provide external data protection officers for our clients – for data protection from one single source.

    • IT security / cybersecurity

      While IT security has long been considered a ‘technical’ matter handled solely by a company’s IT department, its legal relevance can no longer be disputed. Alongside buzzwords such as ‘trade secret’, ‘data protection’ or ‘record fine’, the implications of any liability for executives must be taken into account, for example. In order to fully protect a company and its management, a legal assessment of the risks should always be carried out in addition to examining the matter from a technical perspective. FPS devises cybersecurity strategies to protect government agencies as well as business owners and businesses. In the event of an attack, our experts coordinate the immediate action that needs to be taken, getting in touch with their IT security forensic experts, crisis communication agencies, investigative authorities and insurance companies. And we help our clients to defend themselves against claims for damages and administrative fines.

    • Artificial intelligence

      Artificial intelligence (AI) is influencing more and more areas of life and the economy. AI has been a ‘hot topic’ since the advent of ChatGPT. The potential is huge – so the time has come to get to grips with the legal parameters of AI. This includes, for example, protecting AI-generated works and avoiding copyright infringements by texts, images and software created by AI, not to mention any liability issues, data protection implications and the need to find a sensible approach to handling training and production data. FPS ensures that AI applications are legally compliant. We draft contracts, protect intellectual property and help to uphold ethical standards. In the event of any conflicts, we are our clients’ first line of defence. We also hold training courses on the subject of AI for our clients and their employees, together with leading AI consultants on request.

    Language skills

    German English
  • Education
    since 2022Senior Associate at FPS 
     Certified Data Protection Officer and Auditor (TÜV®)
     Certified Specialist Lawyer for IT Law
    since 2018Lawyer at FPS 
    2018Admission to practise law in Germany 
     Second state law exam
     First state law exam
  • Memberships
  • Publications
    Jörg Kornbrust Victoria Johnson
    Reichweite des Auskunftsanspruchs nach Art. 15 Abs. 1 lit. c DSGVO, EuGH v. 12.1.2023 - C-154/21
    IT-Rechtsberater (ITRB), Feb 23, , S. 31-32
    Jörg Kornbrust Victoria Johnson
    Vergabe von Cloud-Diensten unter Einbindung US-amerikanischer Tochterunternehmen in der EU – Rechtsprechung OLG Karlsruhe v. 7.9.2022 - 15 Verg 8/2
    IT-Rechtsberater (ITRB), Nov 22, , S. 243-245
  • Events


Best Lawyers | Handelsblatt Leading in Intellectual Property Law
2023 | 2022 | 2021 | 2020