Recent Developments In Information Technology Law

Thomas Heymann

Lars Lensdorf

Katharina Scheja

German IT law has been influenced by three legal projects and a couple of interesting court decisions, all of which will affect the IT industry.

Katharina Scheja,Lars Lensdorf and Thomas Heymann, Heymann & Partner Rechtsanwalte

Legislative Projects

The past two years have seen vivid discussions of three legal projects that were under way in the EU and in Germany: the planned EU Software Patent Directive, the revision of the German copyright law introducing device levies and the draft law to implement the EU Enforcement Directive. Only one of these three projects has been enacted.

Mission impossible: a resolution on software patenting in Europe

The debate on software patents was vigorously fought out, particularly in Germany, where the patent office and patent court have taken a restrictive approach as regards the patentability of software over the years. It would certainly have been desirable to close the gap between the European Patent Office and court practice (notoriously much more in favour of software patents) to come to a harmonised approach in Europe. But again an important harmonisation project failed and had to be dropped. At the moment it is unclear when the European legislator will look at this issue again.

Mission possible: the implementation of the Enforcement Directive

German government leaders repeatedly comment on the importance of efficiently attacking intellectual property infringements. A draft law on the implementation of the Enforcement Directive has been on the table for a couple of years now; it has been discussed at length and in detail but it is unclear what the present status is. The current draft law as discussed in Germany would exceed the requirements of the directive in some areas. The draft law provides for claims against the opponent – and involved parties such as access providers – to submit evidentiary documents and material regarding the scope and volume of intellectual property infringements if some certainty regarding the violation has been established. The courts may order appropriate protection of business secrets. The draft law also explicitly allows preliminary injunction proceedings that may be initiated to enforce such information claims; it would be a big step forward if the draft law were finally enacted.

Mission accomplished: the revision of German copyright law

After years of intense discussions, at last the planned changes to German copyright law have been enacted and will come into force as of next year. The most prominent change is the introduction of device levies. All devices and storage facilities that can be expected to be used to replicate copyrighted works, such as DVDs or CDs, are subject to such levies. It is not decisive whether or not the device is meant to replicate nor whether it in reality is used for that purpose. In a previous draft, the legislator had attempted to impose defined percentages of the sales revenue as a levy onto the device manufacturers but has now abstained from this course. Instead he has referred the issue to negotiations between the collecting societies and the device manufacturers. This will probably cause very lengthy, intense and not always amicable negotiations and settlements. Ultimately the courts will have to resolve any issues that cannot be settled among the parties.

A second noteworthy change is that usage rights may in future also be granted for future usage forms unknown at the time of contract closing. So far German law had declared all such clauses null and void which attempted to transfer usage rights for unknown forms of usage. This improves the position of all licensees of copyrighted work. But this improvement is balanced by the obligation to reimburse the creator of the work adequately.

Court Decisions

German courts have issued a couple of interesting decisions, though no landmark cases have occurred. Still, they are of some practical importance and deserve a summary. Again we have picked three legal problems that were dealt with: (i) can licences obtained through a volume licensing model be partly transferred to a third party without the licensor’s consent? (ii) are the provisions of the General Public Licence valid and enforceable under German law? (iii) what are the duties of access providers to detect and remove infringing products?

Transfer of used licences

Munich courts had to decide on an action brought in by Oracle against a German reseller of used licences. These licences had been obtained through a download opened up to Oracle licensees. These licence agreements were not transferred in full nor were all licensed software products transferred. Instead, a certain number of ‘software licences’ were carved out, made part of a transfer agreement and handed over to a new licensee without Oracle’s consent. The Munich courts decided that this ‘licence transfer’ was void and illegal. The question will now be subject to the Federal Court’s evaluation.

Effect of the General Public Licence (GPL)

In a second decision, German first instance courts have confirmed the enforceability of the GPL provisions in Germany. The GPL is considered a form of general terms and conditions and, as such, subject to legal review. However, German courts so far have held that the GPL should be acknowledged as containing valid contractual provisions defining the terms of use. In its most recent decision, the first instance court in Munich has checked single clauses of the GPL and held that these are enforceable under German law. Overall, the GPL as a concept has received positive confirmation by German courts. The same is true for the clauses that have come under legal revision so far.

Duties of eBay as regards infringing products

In another recent decision, the German Federal Court has commented on the duties of eBay. The case was brought in by Rolex, the Swiss manufacturer of watches. The court firstly ruled that eBay cannot generally refuse liability for the distribution of trademark-infringing products over its platform. Though no extensive investigative efforts can be imposed to avoid future violations, the court held that at least automatic filtering might be an efficient means to control offers and detect infringing product offers. The case was referred back to the Appellate Court to define which technical means could be considered efficient while not harming the business model as such. It has, however, been underlined that eBay and other platforms can be made liable to prevent illegal offers and establish measures to police their sites.

Recent Developments in Outsourcing

Whereas in the early days outsourcing projects were characterised by the transfer of huge mainframe centres to IT service providers, the scope of outsourcing projects – as well as the underlying intentions, motivations and purposes of the customers – has changed dramatically. Owing to these developments, the underlying concepts of outsourcing projects and the requirements for a state-ofthe- art outsourcing agreement have changed.

Increasing Volume of Business Process Outsourcing

Though the outsourcing market initially began in the IT area (such as with the transfer of data centres, client-server outsourcing, outsourcing of telecommunications systems), the transfer of whole business processes such as HR administration, finance and accounting services, facility management services and logistic services to third parties (business process outsourcing) has become more and more important. But IT remains crucial, if not the driving factor, in many business process outsourcing projects.

Specific Issues of Business Process Outsourcing Projects

Multi-vendor strategies

As a consequence of the growing importance of business process outsourcing projects, a lot of service providers have started to focus on specific business processes which are niche, instead of appointing one single provider to cover a multitude of business areas. This has lead to multi-vendor environments that require a strong internal operational team and sophisticated contract drafting. While in the earlier days it was preferable to move employees from the company payroll onto a service provider’s, the requirements of strong multi-vendor management have changed this approach dramatically. Customers have moved rather to keep valuable know-how in-house and tend to reorganise their teams to build up stronger and better-staffed service management teams internally.

This new approach poses challenges with regard to contract drafting. Most prominently, the multitude of organisational interfaces tightly connected to the question as to who takes legal responsibility for failures and service deficiencies requires careful ‘service mapping’ and contractual safeguarding. Additionally, the tasks of service provider management, coordination and cooperation come into play. These are issues that have to be carefully addressed in an outsourcing agreement.

Data Protection

Data protection issues have always been a hot topic in outsourcing agreements. As a result of greater ‘offshoring’ activities, the importance of data protection has grown. The necessity to implement adequate measures to protect what could constitute personal data outside the EU has increased. The restriction on transferring personal data to a country outside the EU, unless that country ensures an adequate level of protection, is likely to affect any outsourcing of services offshore by a customer with operations in the EU.

Currently there are a limited number of countries outside the EU (such as Canada, Switzerland and Argentina) that have been acknowledged by the European Commission as ensuring an adequate level of data protection. India is making progress with regard to a satisfactory data protection regime but has not yet been acknowledged. Therefore, transfer of personal data to India (and other countries not acknowledged by the European Commission) still needs specific attention in an outsourcing agreement.

The most pragmatic way to handle the transfer of personal data outside the EU to a ‘not-acknowledged country’ is acceptance of the data protection standard clauses approved by the European Commission. With regard to the transfer of personal data to the US, the Safe Harbor agreement may offer another solution: companies that sign up to the Safe Harbor regime will be considered to be offering adequate protection for this purpose.

Second-Generation Outsourcing

Service transfer to a new provider or reinsourcing very often is more difficult than anticipated. Old outsourcing agreements very often do not support such change; termination support provisions are often insuffi- ciently drafted. Crucial issues that need to be properly addressed in an outsourcing contract concern the scope of service documentation, customer-related data in common format, transfer of third-party agreements, access to key personnel and re-transfer of IP.

Finally, a potential staff re-transfer (in the case of a re-insourcing) or a staff transfer from the original service provider to a subsequent service provider (as the case may be) have to be considered. In this context, very often the Directives on the Transfer of Undertakings (Directive 77/187/EEC and Directive 2001/23/EC) and their national implementing legislation have to be taken into consideration. Broadly speaking, the directives and the corresponding national law in the EU member states provide that an employee’s contract of employment in a transferred undertaking passes to the new employer. As a consequence, the new employer is bound to take on that employee and to honour the existing terms and conditions. There is a wealth of detailed case law, both on a European and national level. In a nutshell, the applicability of the directives is not unlikely, even in the case of the transfer from a first to a second outsourcer.

In sum, outsourcing projects have become much more sophisticated over the years, which requires creative legal project management and contract drafting of the highest order.

Back to top

Follow us on LinkedIn

News & Features

Community News



Pro Bono

Corporate Counsel

Women in Law

Future Leaders

Research Reports

Practice Areas


The Who's Who Legal 100


Special Reports



About Us

Research Schedule

It is not possible to buy entry into any Who's Who Legal publication

Nominees have been selected based upon comprehensive, independent survey work with both general counsel and private practice lawyers worldwide. Only specialists who have met independent international research criteria are listed.

Copyright © 2019 Law Business Research Ltd. All rights reserved. |

87 Lancaster Road, London, W11 1QQ, UK | Tel: +44 20 7908 1180 / Fax: +44 207 229 6910 |

Law Business Research Ltd

87 Lancaster Road, London
W11 1QQ, UK