- In Germany if you put up a web site that has to contain a site imprint. If you don't put all the required informations on it, you can easily get sued.
- In Germany if you put up an open WiFi, if you don't pay a lot of attention on the legal details, it can easily happen that you get sued if someone does something illegal on your open WiFi (Mitstörerhaftung; the internet dictionary that I use does not even know how this can be translated to English, because such a concept seems to be unheard of in English-speaking countries).
- The Datenschutzgesetz (data protection act). While I consider it as a good idea, it is very foreign for people from the US. You are only allowed to store as few data as necessary on a person and if necessary you have to anonymize or pseudonomize the data:
Most prominently, a mere collection of facts can be copyrighted by someone in Europe as long as that entity spent substantial effort collecting/collating/displaying it (the "Database Directive"). In the US, a minimum amount of creativity is required before a work is considered copyrightable per Feist v. Rural Telephone Co.. This can have a serious effect on which datasets are free for your program to use.
Both the US and the EU have a long history of shutting down companies that incorporate "screen scraping" to gather data, even if that data is freely available or owned by the entity controlling the scraper. But the EU may shut you down whether you contact someone's server or not, on the basis of violating database ownership.
I'm not a lawyer in either jurisdiction so this is just based on my layman's knowledge and may not be complete.
- In Germany if you put up a web site that has to contain a site imprint. If you don't put all the required informations on it, you can easily get sued.
- In Germany if you put up an open WiFi, if you don't pay a lot of attention on the legal details, it can easily happen that you get sued if someone does something illegal on your open WiFi (Mitstörerhaftung; the internet dictionary that I use does not even know how this can be translated to English, because such a concept seems to be unheard of in English-speaking countries).
- The Datenschutzgesetz (data protection act). While I consider it as a good idea, it is very foreign for people from the US. You are only allowed to store as few data as necessary on a person and if necessary you have to anonymize or pseudonomize the data:
> https://www.gesetze-im-internet.de/bdsg_1990/__3a.html
You also have a right to get information what data is stored about you:
> https://www.gesetze-im-internet.de/bdsg_1990/__19.html
Such laws caused problems for Facebook: http://europe-v-facebook.org/EN/en.html
- The (in)famous §202c StGB: https://dejure.org/gesetze/StGB/202c.html which makes it a dangerous legal gray zone to to security research.