Cybercrime, IT & Data Protection

With the digital transformation, the share of computer-supported processes in the company is constantly growing. Work and workplace are increasingly being decoupled by means of communication technology – remote working is the order of the day, especially in times of pandemic. The downside: There is hardly any other area where immediate risks for the company are realised than in the area of IT and data protection.


Theoretically, every company is exposed to the risk of falling victim to a cyber attack. If hackers paralyse the company’s IT or hijack data, this not only entails immense costs for restoring the ability to work. If personal data and confidential information of business partners and customers fall into the hands of the perpetrators, the attacked company itself is liable if protection is inadequate.

For companies, protecting themselves against cybercrime is therefore an important component of compliance. If IT compliance regulations are not adhered to, companies are now threatened with severe fines.

Developing prevention programmes against cyber attacks and providing criminal law support in the event of a crisis is a focus of our practice in the area of IT criminal law. In teams of experienced criminal lawyers and IT specialists, we advise corporate management on how to minimise legal and factual risks in the context of cybercrime and initiate compliance investigations that help to identify weaknesses of a technical or organisational nature. ( >> IT Forensics)

IT Criminal Law & Data Protection

It is not always large-scale hacker attacks from outside that threaten corporate IT. IT criminal law includes other offences that the legislator has successively included in the Criminal Code, such as spying on data (§§ 202a-c StGB), computer fraud (§ 263a StGB), data alteration (§ 303a StGB) or computer sabotage (§ 303b StGB). Copyright offences through unauthorised downloads of music and films or fraud on online shopping platforms also fall within the scope of IT criminal law in the broadest sense.

Since the entry into force of the General Data Protection Regulation (GDPR), at the latest, data protection violations have been a particularly serious liability issue for companies. If personal data comes to the attention of third parties without the company collecting the data having taken sufficient security measures and also having documented this, there is now a threat of severe fines.

We support companies in optimising their compliance with regard to IT security and data protection. In doing so, we point out the risk areas and help to sensitise employees to them, for example in the context of internal company training.

Typical topics:

  • Hacker attacks through ransomware
  • Data theft and spying on data
  • Industrial espionage
  • IT compliance
  • Review of IT security guidelines
  • Breaches of data protection laws
  • IT forensics

They can count on us:

  • Managing directors
  • IT and R&D executives
  • Compliance officers
  • External consultants

IT forensics

We have particularly extensive practical experience in the field of IT forensics. Read more here.