Authorization Request – Definition, Legal Classification and Significance
The authorization request is a central instrument of German civil law, especially playing a significant role in the context of claims for injunction, removal, and damages. It serves to clarify the lawfulness of alleged infringements. Through targeted information exchange, potential legal disputes can often be resolved in advance. The following article provides a comprehensive overview of the legal foundations, practical significance, and specific features of the authorization request, including relevant regulations, typical areas of application, and pertinent case law.
Definition of the Authorization Request
In legal terms, an authorization request refers to the demand made to a person or institution to specify or prove the basis of certain conduct or action. It is, for example, raised when the entitlement to assert a claim is questioned. It frequently occurs in the run-up to claims for injunction or removal as well as in intellectual property law.
Legal Foundations of the Authorization Request
Civil Law Context
In German civil law, the authorization request is mainly used when the alleged infringer doubts whether the asserted claims actually exist legally. The authorization request is particularly significant in cases of alleged infringements of intellectual property rights, such as trademark, copyright, or patent rights.
Special Statutory Provisions
The authorization request is explicitly provided for in Section 812(1) Sentence 1 of the German Civil Code (BGB) (claim for restitution from unjust enrichment) as well as in special statutory regulations, for example in the Trademark Act (Section 43 MarkenG) or Patent Act (Section 81(2) PatG). Here, the purported claimant is enabled to substantiate their claims before legal action is initiated.
Typical Areas of Application
Intellectual Property Law
In intellectual property law, especially patent, trademark, and design law, the authorization request is a common means used to clarify, prior to issuing a warning letter or asserting injunction claims, whether an actual infringement has occurred and whether the claimed right exists.
Copyright Law
An authorization request can also be made in copyright law when there are doubts regarding authorship, the granting of rights, or licensing conditions. Such a request can influence the assertion of removal and injunction claims.
Competition Law
In competition law, the authorization request is less common, but it is conceivable in situations where the legitimacy to assert claims due to anti-competitive behavior is to be examined.
Legal Consequences and Significance
Duties to Respond and Impacts
If a legitimate authorization request is not answered, or only inadequately answered, this may have procedural implications. In particular, the claimant then has the opportunity to assert claims for injunction and damages since a lack of entitlement or a breach of the statutory requirements for the claim can be presumed.
Interest and Cost Reimbursement
According to case law, after an unsuccessful authorization request, there is often a claim to interest for amounts paid, starting from receipt of the request. Furthermore, the obligation to bear costs in connection with warning letters and court proceedings may depend on whether the authorization request is answered properly and fully.
Distinction from Unjustified Cease-and-Desist Letters
An authorization request differs fundamentally from an unjustified cease-and-desist letter. While a cease-and-desist letter asserts a specific claim, the authorization request initially aims to clarify entitlement and thus to avoid litigation out of court.
Practical and Strategic Significance
Significance in Pre-Litigation Dispute Resolution
Especially in the field of intellectual property law, it is often advisable to issue an authorization request before sending a cease-and-desist letter. This can help to avoid unnecessary legal disputes, better assess the prospects of success for the proceedings, and, where applicable, signal a willingness to reach an agreement.
Strategic Approach
The form and content of an authorization request require careful preparation. It is advisable to use objective wording to allow for as detailed a response as possible. The reply should be comprehensive, comprehensible, and include all facts relevant for decision-making to exclude unnecessary risks.
Court Rulings on Authorization Requests
German courts have specified the requirements and consequences of an authorization request in numerous decisions. For example, according to the case law of the Federal Court of Justice (BGH), failure to respond to or insufficiently answering an authorization request can be considered an indication of the absence of a substantive legal position. Likewise, the abusive use of an authorization request, such as for delaying proceedings, can be viewed unfavorably.
Summary
The authorization request is an important element for clarifying potential disputes in the context of intellectual property and other civil law matters. It serves to elucidate the facts, to avoid disputes, and can influence further procedural steps. Appropriate and prompt handling of the authorization request is advisable to safeguard rights and avoid negative legal and cost consequences.
Related Terms: Cease-and-desist letter, right to injunction, infringement of intellectual property rights, rights holder, defense against claimsFurther Literature and Sources:
- German Civil Code (BGB)
- Trademark Act (MarkenG)
- Patent Act (PatG)
- Case law of the Federal Court of Justice (BGH)
- Commentaries on Intellectual Property Law
This article provides a comprehensive overview of the authorization request and its significance in the German legal system.
Frequently Asked Questions
Who bears legal responsibility for unjustified authorization requests?
In legal terms, responsibility generally lies with the person making the authorization request. What matters is whether the request complies with applicable laws, such as the General Data Protection Regulation (GDPR), the Federal Data Protection Act (BDSG), or specific professional regulations. If a request is unjustified, for example for obtaining personal data without legal basis, this constitutes a data protection breach that, according to Article 82 GDPR, may give rise to compensation claims by the affected person as well as regulatory sanctions. Furthermore, intentional or negligent conduct, such as unlawfully acquiring access rights in electronic systems, could result in criminal consequences (e.g., Section 202a StGB – Data Espionage).
What legal requirements must be met for an authorization request?
Authorization requests are subject to different legal requirements depending on the context. In data protection law, the principle of lawfulness (Art. 5(1)(a) GDPR) is paramount. A legitimate interest or a statutory permission is required before accessing personal data or sensitive areas. In other areas of law, specific access regulations exist, for example in employment law, where access to employee data must be clearly based on statutory grounds, such as collective agreements, company agreements, or contractual arrangements. In public law, such as with file inspection rights of affected persons, statutory requirements, deadlines, and formal requirements must also be observed.
What documentation obligations exist for the granting of authorizations?
From a legal perspective, there is an obligation to document all processes relating to the granting and modification of authorizations in a verifiable manner. According to Article 5(2) GDPR, the principle of accountability applies, meaning that data controllers must be able to demonstrate that the processing of personal data complies with legal requirements. Furthermore, specific documentation requirements exist, e.g., under Section 76 BDSG and industry-specific rules (such as MaRisk for banks, GoBD for companies), which include the logging of access requests, their review, and the final decision. This documentation must be auditable and prepared in a way that is understandable for supervisory authorities.
What legal consequences threaten in the event of breaches of the proper handling of authorization requests?
Violations of the lawful handling of authorization requests may result in both civil and criminal penalties. Data protection supervisory authorities may impose fines under Article 83 GDPR, which are determined based on the type, severity, and duration of the violation and can amount to up to €20 million or 4% of global annual turnover. In addition, affected persons may assert claims for damages. In cases of intentional unlawful data acquisition or use, criminal offenses may also be fulfilled, such as data espionage (Section 202a StGB) or unauthorized data processing (Section 42 BDSG).
What rights do affected persons have in connection with authorization requests?
Affected persons have various legal entitlements, in particular the right of access (Art. 15 GDPR). They can request to know whether and on what legal basis an authorization request was made, who had access, and how their data was handled. They can object to unlawful access, request erasure or blocking, and, where applicable, file a complaint with the competent data protection authority. There is also a right to rectification and, if necessary, notification in the event of data breaches pursuant to Art. 34 GDPR.
How long may authorizations remain valid under the law?
The duration of an authorization must always be based on the necessity principle (Art. 5(1)(c) GDPR). This means access rights may only be granted for the period necessary to fulfill the intended purpose. Once the legal basis lapses, for example at the end of an employment relationship or the completion of a project, authorizations must be promptly withdrawn. There are no general statutory time limits, but regular review and, if necessary, adjustment of rights is mandatory according to legal and organizational requirements.
Must authorization requests always be submitted in writing?
There is no general obligation to submit authorization requests in writing; however, from a legal perspective, it is generally recommended to use the written form or at least a documented electronic form. This provides proof and fulfills the accountability requirement. In sensitive areas and when accessing personal or confidential data, explicit documented consent by an authorized person (e.g., supervisors, data protection officerr) may be mandatory. In certain industries or when dealing with official processes, the written form may also be explicitly required by law.
