+49 221 33 77 23-0
IT Criminal Law

IT Criminal

What is IT Criminal Law

IT criminal law can be divided into three areas, cybercrime, IT investigative measures and IT compliance, which have numerous points of contact in practice.


Cybercrime is a collective term for all offences committed by means of information technology (IT). It is thus a cross-sectional matter throughout the entire (white collar) criminal law. The focus of the offences covered by this term can have different directions: Information technology systems themselves can be the target of criminal offences, e.g. spying on data pursuant to Section 202a of the German Criminal Code through hacker attacks. However, the use of information technology can also be a mere means of committing an offence, e.g. in the case of fraud pursuant to Section 263 of the German Criminal Code through phishing e-mails.

The defence of accused parties is primarily concerned with accusations of spying on data, betrayal of business secrets, (computer) fraud and money laundering. The use of new technologies are often not yet fully covered by the law. We identify and optimally use the resulting potential for defence.


In addition to the area of cybercrime, IT criminal law also includes the collection of digital evidence in criminal proceedings. Experienced lawyers are available at all of our law firm's locations who can provide immediate assistance in the event of a search, inspection and seizure of data or in the event of a request for handing out of data in order to set the right course for the further proceedings.

Encryption and anonymisation techniques present enormous challenges for the investigating authorities. However, the assignment of special competencies within the police and the public prosecutor's office as well as the continuous expansion of investigative powers enable law enforcement agencies to gain far-reaching access even to highly protected data. We know the shifting boundaries of what is technically possible as well as what is legally permissible and know how to represent our clients' interests in the best possible way.


Furthermore, we assess whether business models based on information technology constitute potential risks under criminal law and, if so, how these risks can be mitigated or eliminated. For this purpose, we also prepare legal opinions if required.

We advise companies as victims of hacker attacks, which occur particularly frequently in the form of DDoS attacks, ransomware attacks or CEO fraud. If people access company data from the outside - or even from the inside - fast action is required. We work with IT forensics companies of various sizes to arrange the appropriate support in an emergency. We can support crisis management as well as communicate with law enforcement as well as IT security and data protection authorities. In the aftermath of a cyber incident, we advise on which IT compliance measures may be useful and appropriate for the affected company.

Finally, we advise companies on implementing technical and organisational data protection measures. In the event of a data protection breach, we represent the company vis-à-vis the supervisory authorities.

Who hires us

  • Directors, Boards
  • Self-employed persons and employees in the IT-sector
  • Compliance Officers
  • Victims of cyber crime

Point of Contact

 Diana Nadeborn Diana Nadeborn  Markus Ende Markus Ende Our 360° Services