Software law covers all legal issues arising from the development, distribution and use of software. As a subfield of IT law, copyright law, data protection law, contract law and industrial property law are of particular importance.

Our law firm can help you with legal advice in the area of software law and support you in all legal matters relating to software and IT.

Topics in our legal advice

Table of Contents

  1. What is software law?
  2. Copyright aspects of software
  3. License agreements and terms of use
  4. Data protection in IT law
  5. Liability for software and IT services
  6. Intellectual property rights in IT
  7. Compliance in software law
  8. Legal questions concerning open source software
  9. The services of software law lawyers
  10. Get in contact with us

What is software law?

Software law is a branch of IT law that deals with the legal issues related to the creation, use and licensing of software. Software is protected by copyright as a work of speech or as a database work, provided that it constitutes a personal intellectual creation.

Copyright protection covers both the source code and the object code of the software as well as the design material. However, the protection does not extend to the idea, the concept or the function of the software.

The transfer of software to third parties is usually effected by means of license agreements which, depending on their content and focus, can be qualified as purchase agreements, rental agreements or contracts for work and services. The contracting parties may agree individually on the rights of use, remuneration, warranty and liability for defects or damage. However, the statutory provisions of the German Civil Code (BGB) and the Copyright Act (UrhG) must be observed.

Various sources of law are of importance in software law. These include in particular:

  • The Copyright Act (UrhG), which regulates the copyright protection of software.
  • The German Civil Code (BGB), which deals, among other things, with contractual and liability issues in connection with software and IT services.
  • Data protection law, in particular the General Data Protection Regulation (DSGVO) and the Federal Data Protection Act (BDSG), which regulates the protection of personal data in the IT sector.
  • Industrial property law, such as trademark law, patent law and design patent law, which covers the protection of software and company names as well as technical inventions.

Copyright law provides software developers and providers with an important protection mechanism for their intellectual creations. However, in order to provide this protection, several aspects need to be considered:

1. protectability of software: Not all software is protectable under copyright law. According to Section 69a (3) UrhG, software must constitute “individual works” that are “the result of self-creative achievements”.

    • This means that it must have a certain degree of originality and creativity in software law. For example, simple databases or standard software, which do not require any individual creative effort, are not protected by copyright.

2. copyright barriers: copyright law also recognizes so-called barriers that allow copyrighted software to be used in certain cases without the consent of the rights holder. These include:

    • The duplication of software for backup purposes as regulated in Section 69d (2) UrhG.
    • The decompilation of software to ensure interoperability with other programs, as regulated in Section 69e UrhG.

3. transfer of rights of use: In order to be allowed to use, reproduce or distribute copyrighted software, the transfer of rights of use by the rights holder is required. This is usually done by means of license agreements in which the scope, term and remuneration of the rights of use are regulated.

4. prosecution of copyright infringements: In the event of copyright infringement, the rights holder has various legal instruments at its disposal to enforce its rights. These include:

    • Warning letters and cease-and-desist declarations to prevent further copyright infringement.
    • Claims for damages pursuant to Section 97 (2) UrhG, which can be calculated on the basis of the lost royalties, the damage incurred or a fictitious royalty.
    • Criminal prosecution in the event of serious copyright infringements pursuant to Section 106 UrhG, which may be punished by imprisonment of up to three years or a fine.

License agreements and terms of use

The contractual design of software and IT services is of crucial importance in order to clearly regulate the rights and obligations of the contracting parties and to minimize legal risks. Various aspects of contractual design are explained in more detail below:

Contract types

In software law, there are different contract types that apply depending on the type of service. These include:

  1. License agreements, in which the rights holder grants the licensee the right to use the software under certain conditions.
  2. Contracts for work and services, in which the contractor creates individually developed software and hands it over to the customer in return for payment of a fee.
  3. Service agreements in which the service provider provides IT services, such as maintenance, consulting or support.

Contract clauses

The contractual design of software and IT services should take into account various aspects in order to minimize legal risks. These include:

  1. Regulations on the description of services, in order to avoid misunderstandings and disputes about the scope of services.
  2. Agreements on warranty and liability, in order to clearly regulate responsibility for defects and damage.
  3. Regulations on remuneration, payment terms and the term of the contract.
  4. Agreements on data protection, in particular with regard to the processing of personal data.
  5. Arrangements for the termination of the contractual relationship and for the reversal of services.

General terms and conditions (GTC)

In software law, GTCs are frequently used in order to apply standardized contractual terms to a large number of contract conclusions. However, GTCs must comply with the legal requirements of § 305 et seq. BGB in order to be effective. In particular, they must not unreasonably disadvantage the contractual partner.

Contract negotiations and review

When drafting and reviewing contracts in software law, it is important to consider both the legal requirements and the individual needs of the contracting parties. Legal advice can help avoid legal pitfalls and effectively enforce the interests of the contracting parties.

Data protection in IT law

Data protection law is of great importance in the context of software and IT services, especially since personal data is frequently processed. Various aspects of data protection law are explained in more detail below:

Applicable data protection law: The General Data Protection Regulation (DSGVO) and the Federal Data Protection Act (BDSG) are the central legal bases for data protection in Germany. They apply to the processing of personal data by companies that have their registered office in the European Union or offer their services within the EU.

Principles of data protection law: The DSGVO and the BDSG set out various principles for the processing of personal data that must also be observed in software and IT services, such as:

  • Lawfulness, processing in good faith, transparency (Art. 5 (1) a DSGVO).
  • Purpose limitation (Art. 5 para. 1 lit. b DSGVO)
  • Data minimization (Art. 5 para. 1 lit. c DSGVO)
  • Accuracy (Art. 5 para. 1 lit. d DSGVO)
  • Storage limitation (Art. 5 para. 1 lit. e DSGVO)
  • Integrity and confidentiality (Art. 5 para. 1 lit. f DSGVO)

Technical and organizational measures (TOM): companies that process personal data are required under Art. 32 GDPR to take appropriate technical and organizational measures to ensure an adequate level of protection for the data. These may include, for example, encryption technologies, access controls or regular security updates.

Data Protection Impact Assessment (DSFA): For certain types of data processing that involve a high risk to the rights and freedoms of data subjects, a data protection impact assessment must be carried out in accordance with Art. 35 GDPR. This serves to identify potential data protection risks at an early stage and to take appropriate countermeasures.

Commissioned processing: When working with external IT service providers who process personal data on behalf of the company, a commissioned processing agreement must be concluded in accordance with Art. 28 GDPR. This regulates, among other things, the rights and obligations of the contracting parties with regard to data protection.

Liability for Software and IT Services

Liability for software and IT services is a central topic in software law and IT law. The various aspects of liability, including legal explanations, examples, laws and current court decisions, are outlined below:

Legal Basis

Liability for software and IT services arises from various legal regulations, in particular the German Civil Code (BGB). These include:

  • § 280 BGB (compensation for damages due to breach of duty)
  • § 281 BGB (damages in lieu of performance)
  • § 434 BGB (material defects)
  • § 437 BGB (rights of the buyer in case of defects)
    • § 634 BGB (rights of the purchaser in case of defects)

Contractual liability

Contractual liability for software and IT services can arise from various contractual relationships, such as license agreements, contracts for work and services, or service agreements. In these cases, the provider of software or IT services is generally liable for the fulfillment of its contractual obligations, in particular that the service is free of defects.


Within the scope of the warranty, the provider of software or IT services shall be liable for defects that exist at the time the software is handed over or the service is provided. These may be material defects (§ 434 BGB) or defects of title (§ 435 BGB). In this case, the buyer or purchaser has various rights, such as subsequent performance, reduction of the purchase price, withdrawal from the contract or compensation for damages (§§ 437, 634 BGB).

Tortious liability

In addition to contractual liability in software law, tortious liability may also come into consideration, for example if the software or IT service causes damage to persons or property. In these cases, the provider is liable for the damage caused in accordance with § 823 BGB (German Civil Code) (tort).

Limitations and exclusions of liability

Many contracts provide for limitations or exclusions of liability in order to limit the liability risk for the provider of software or IT services. However, such provisions are only effective if they comply with the statutory requirements and do not unreasonably disadvantage the contractual partner (Section 307 of the German Civil Code).

Intellectual property rights in IT

Industrial property protection in the IT sector covers various areas of law that ensure the protection of intellectual property, technical inventions, trademarks and designs. Various aspects of industrial property protection in the IT sector are explained below.

Patent and utility model protection

Patents and utility models protect technical inventions that are new, inventive and industrially applicable. In the IT sector, software and hardware solutions, algorithms or communication technologies in particular can be protected by patent or utility model law. Relevant laws are the Patent Act (PatG) and the Utility Model Act (GebrMG).

Trademark law

Trademark law protects signs that are suitable for distinguishing the goods or services of one company from those of other companies. In the IT sector, trademarks such as company names, logos or product names can be protected. Trademarks are applied for and registered at the German Patent and Trademark Office (DPMA) and are regulated by the Trademark Act (MarkenG).

Design patent and design law

Design law protects the appearance of a product, e.g. the design of user interfaces, icons or hardware components. In the IT sector, both registered and unregistered designs can be protected. The regulations in this regard can be found in the Design Act (GeschmMG) or Design Act (DesignG).

Competition law

Competition law serves to protect fair competition between companies and is particularly relevant in the IT sector when it comes to unfair business practices, such as misleading advertising, betrayal of secrets or imitation of products. The regulations on competition law are primarily found in the Unfair Competition Act (UWG).

Compliance in software law

Adherence to legal regulations and internal guidelines, also known as compliance, is of particular importance in software law and IT law. Companies should therefore establish compliance structures to minimize legal risks and meet regulatory requirements. Various aspects of compliance in software law and IT law are explained in more detail below:

Legal framework: Compliance in software law and IT law encompasses a variety of legal areas that are relevant to the development, distribution and use of software and IT services. These include copyright law, data protection law, competition law, contract law, and industry-specific regulations, such as in the area of financial services or healthcare.

Risk management: Effective compliance requires systematic risk management in order to identify potential legal risks at an early stage and take appropriate countermeasures. This includes conducting risk analyses, implementing control mechanisms and regularly reviewing compliance measures.

Training and awareness: A company’s employees play a crucial role in ensuring compliance with legal regulations and internal policies. Therefore, a comprehensive training and awareness program should be established to inform employees about the legal requirements in software law and IT law and to create awareness of the importance of compliance.

Internal policies and processes: To implement compliance requirements, companies should develop internal policies and processes that comply with legal requirements and are tailored to the company’s individual needs. These include, for example, guidelines on software licensing, the processing of personal data, or IT security.

External consulting and auditing: Working with external consultants, such as lawyers or data protection officers, can help ensure compliance in software law and IT law and avoid legal pitfalls. In addition, conducting external audits and certifications can help to strengthen the trust of customers, business partners and regulatory authorities in the company’s compliance structures.

Legal questions concerning open source software

Open source software (OSS) has become increasingly important in software law in recent years. The legal issues that arise in connection with the use, distribution and development of open source software are diverse and complex. Various aspects of the legal issues surrounding open source software are outlined below.

1. copyright aspects

Open source software is subject to copyright law, which guarantees the protection of intellectual creations. According to § 69a UrhG, the authors of software are the developers who created the program. They have the exclusive right to reproduce, distribute and make the software publicly available (§§ 69c, 19a UrhG).

2. Open Source Licenses

To classify software as open source, it is published under certain licenses that grant users extended rights. Well-known open source licenses are, for example, the GNU General Public License (GPL), the Apache License or the MIT License. The license terms regulate the use, modification and redistribution of the software and often include limitations of liability.

3. Copyleft and permissive licenses

Open source licenses can be divided into two main categories: Copyleft licenses and permissive licenses. Copyleft licenses (e.g., GPL) require that derivative works be published under the same license terms, while permissive licenses (e.g., MIT License) provide greater freedom regarding the use and licensing of derivative works.

4. license compliance

Compliance with the open source license terms is of great importance for users and developers. Violations of the license terms can lead to legal consequences, such as injunctive relief, claims for damages, or even revocation of the rights of use.

5. Open source and proprietary software

Combining open source software with proprietary software can lead to legal problems, especially if the open source licenses used contain copyleft provisions. To avoid legal disputes, developers and companies should carefully check whether the open source components used are compatible with the objectives of their own project.

6 Liability for Open Source Software

Most open source licenses contain disclaimers and limitations of warranties that limit the liability of developers and distributors. However, such limitations of liability may be invalid in certain cases, especially if they violate mandatory legal provisions or unreasonably disadvantage the licensee (§ 307 BGB).

7. Data protection and open source software

Data protection aspects are also of great importance in connection with the use of open source software. Companies and developers must ensure that the software used complies with the requirements of the General Data Protection Regulation (GDPR), in particular with regard to the processing of personal data, IT security and compliance with the principles of data minimization and privacy by design.

The services of software law lawyers

Software law attorneys provide clients with comprehensive legal advice and representation in all matters of software and IT law. The services cover a wide range of topics and issues that are of great importance to companies and developers. In the following we present suitable services.

Contract drafting and review

A law firm supports its clients in drafting, reviewing and negotiating contracts in the software and IT area, such as software license agreements, IT project agreements, software development agreements, maintenance and support agreements, cloud computing agreements or data protection agreements.


The firm advises and represents clients in all copyright matters related to software and IT services. This includes asserting and defending copyright claims, advising on open source licenses, and reviewing software transfers and exploitations.

Industrial property rights

The services in the field of intellectual property protection include advice and representation in the registration and enforcement of patents, utility models, trademarks and designs in the IT sector, as well as the defense of claims under competition law and the enforcement of injunctive relief and claims for damages.

Data Protection

The lawyers advise clients on the implementation of the requirements of the General Data Protection Regulation (GDPR) in the IT sector, in particular with regard to the processing of personal data, IT security, order processing, data protection impact assessment and cooperation with data protection authorities.

Liability and compliance

Legal advice and representation in liability issues arising from the provision of software and IT services, as well as support for clients in the implementation of IT compliance measures, e.g., with regard to software licenses, open source software, export controls or IT security, are also included.

E-commerce and Internet Law

The law firm advises clients on all issues of e-commerce and Internet law, such as the design of online stores, the implementation of online marketing campaigns, compliance with information obligations or the defense against warning letters and the enforcement of claims in connection with domain disputes.

Litigation and court proceedings

Representation in and out of court in disputes arising from software and IT law issues is a broad area of activity. This includes the assertion and defense of claims, representation in preliminary injunction proceedings, lawsuits or arbitration proceedings, as well as the enforcement of judgments and assistance in settlement negotiations.

Current court decisions

A law firm continuously informs clients about current court rulings and developments in the field of software and IT law in order to provide sound and up-to-date legal advice and representation. In doing so, they analyze the impact of case law on our clients’ business practices and develop strategies to adapt and optimize their legal position.

International and European Aspects

Since software and IT services often have a cross-border character, lawyers also consider international and European aspects of software and IT law. This includes advising on country-specific regulations, cooperating with foreign colleagues and representing clients before European courts and authorities.

Trainings and lectures

In order to raise awareness of legal issues in the software and IT field and to enable clients to identify and minimize legal risks at an early stage, law firms offer training courses, lectures and workshops on various topics of software and IT law.

Get in contact with us

Overall, software law is a complex and constantly evolving area of law that is of great importance to both developers and users of software. It is important that all parties involved are aware of their legal obligations related to the development, distribution, and use of software in order to avoid problems and potential legal consequences.

If you need help or have questions, you can contact us in the entire German-speaking area.