Skip to content

Catherine Di Lorenzo

Counsel

Luxembourg

Di Lorenzo Catherine
Catherine Di Lorenzo

Counsel

Luxembourg

Catherine specialises in information technology with a particular focus on data protection (ranging from advice on compliance steps or the use of mobile applications, cookies or similar techniques to assistance in case of investigations performed by the data protection authority), IT contracts and negotiations, e-commerce, advertising (including targeted advertising), media and telecommunications, intellectual property and regulatory issues (notably regarding IT outsourcing in the financial sector). She has been active in these areas in Luxembourg since 2006. In the past years, Catherine has also lectured IT law at the University of Luxembourg.

She is a member of APDL (the Luxembourg association for data protection), FedISA (the Luxembourg chapter of an international electronic archiving community) and ITechLaw. Catherine is also a member of Fedil ICT (the Luxembourg industry federation and local chapter of BusinessEurope), IAPP (International Association of Privacy Professionals) and Girls in Tech Luxembourg. She participated in the preparation of a position paper and amendment suggestions on the draft EU data protection regulation as well as in a presentation on net neutrality made to a delegation of the Luxembourg Parliament. Catherine has been on secondment twice with a major e-commerce company where she mainly worked on general commercial and data protection aspects.

Catherine is a member of the Data Protection Forum, the ICT Forum, and of the Trust and Cybersecurity Forum of the Luxembourg Bankers' Association (ABBL). She is the co-editor of Pin Code, the first legal magazine for IP, IT and data protection matters in Luxembourg.

She is also an active member of our FinTech task force, supporting clients from established financial institutions, incumbents and start-ups in developing innovative products.

News & insights

Abstract graphic

Publications: 30 MARCH 2020

Covid-19 coronavirus: emerging data protection and cybersecurity guidance

The Covid-19 coronavirus is creating a need for organisations to process personal data, for a variety of specific purposes (including managing and protecting their workforce, customers and the public).  Many of these processing activities are not part of “business as usual”, so established policies and protocols may not exist. Organisations face a challenge to ensure that this processing complies with data protection and privacy laws, particularly given the urgency behind some of these processing activities and other pressures, which means there is limited time available for consideration and consultation.

Read more

Publications: 18 MARCH 2020

Digital transformation

Digital transformation, built on IT cornerstones of cloud, mobile, social and big data, is affecting all industries. 

Read more

Publications: 16 DECEMBER 2019

Protection of whistleblowers: What are the employer’s obligations?

As the new directive on whistleblowers must be transposed at the latest by 17 December 2021, employers should start thinking about how to implement their future obligations.

Read more

Publications: 02 OCTOBER 2019

GIR - data privacy & transfer in investigations

Regulators and enforcement authorities across the globe are continuing their focus on the activities of banks, corporations and their employees.

Read more

Office

Luxembourg

Allen & Overy
5 Avenue John F. Kennedy, L-1855 
Luxembourg

View office →

Qualifications

Professional

Admitted as avocat à la Cour, Luxembourg, 2010

Admitted to the Luxembourg bar under her professional home title, 2006

Admitted as Rechtsanwalt, Germany, 2006

Referendarin, Germany, 2003-2005

Academic

Doctorate in law, University of Trier, 2013

Second German Law Degree, Oberlandesgericht Koblenz, 2005

First German Law Degree, University of Trier, 2003

Published work

"Protection des données personnelles - recueil de textes" (co-author, 2019)

"La sous-traitance informatique dans le secteur financier - cadre légal et implications pratiques" (co-author, ALJB 2014)

"Probleme der strafrechtlichen Produkthaftung von Vorstandsmitgliedern einer Aktiengesellschaft für das Zustandekommen eines rechtswidrigen Beschlusses - Haftung für vorsätzliches positives Tun bei Zustimmung, Enthaltung und Gegenstimme" (Europäische Hochschulschriften 2013)

"Luxemburg als Vorreiter - Chance e-Archivierung" (interview Lëtzebuerger Journal, February 2013) 

"VoIP: une activité réglementée ?" (AGEFI, January 2010) 

"IT outsourcing in Luxembourg: impact of outsourcing in practice" (four-parts article, AGEFI, September 2009, October 2009, November 2009 and December 2009) 

Global Privacy and Security Law – Luxembourg chapter (Aspen Publishers, 2009) 

"La biométrie ou comment faire de l’homme une donnée" (ITNews, November 2008)