Volume

Term and Meaning of “Volume” in Law

The term “Volume” comes from English and literally means “volume” or “amount”. In legal science, “Volume” refers to various aspects of quantifying and assigning quantities, particularly in connection with measurements, contracts, and certain sectors of the economy. The legal relevance ranges from specific regulations in commercial law, tax law, intellectual property law, to data protection and competition law. The following sections examine the various legal fields of application and meanings of volume under German and European law.

Volume in Contract Law

Significance in the Context of Quantity and Performance Specifications

In contract law, “Volume” primarily describes the quantitative amount of a service to be delivered or provided. In purchase, work, or service contracts, the precise specification of the volume, for instance in liters, cubic meters, or units, is essential for determining the contract object (§ 433 BGB, § 631 BGB). A missing, inaccurate, or unverifiable volume specification can lead to the invalidity of parts of the contract, or even of the entire contract.

Obligations of Seller and Buyer

Within the framework of so-called volume contracts, the seller undertakes to deliver a certain quantity of goods, while the buyer is obliged to accept and pay for these goods. Legally, this is relevant in particular to framework agreements with purchase obligations or minimum purchase quantities.

Contract Interpretation and Disputes

The correct definition of volume is often the subject of interpretation and disputes. Decisive are, in particular, the rules of contract interpretation pursuant to §§ 133, 157 BGB. If there is a deviation between the actual volume delivered and the contractually agreed amount, the statutory rules on liability for defects (§ 434 et seq. BGB) as well as performance disruptions (e.g., impossibility, delay, defective performance) apply.

Volume in Commercial and Business Law

Commercial Transactions and Trade Dates

In commercial law, the term plays a key role in commercial transactions involving goods (§ 343 HGB et seq.). Particularly in the case of so-called quantity transactions, the contract quantity—often referred to as “Volume”—is legally binding. This also applies to international delivery terms (Incoterms), the fulfillment of which is tied to specific quantity or volume determinations.

Finance and Stock Exchange Law

In the financial sector, the term “Volume” refers to the trading volume, i.e., the amount of traded shares or securities within a specific period. Legally, this is particularly important for market transparency, disclosure obligations, and compliance with regulatory provisions such as the Market Abuse Regulation (MAR) and MiFIR/MiFID II.

Insider Law and Market Abuse

Certain legal regulations, such as those related to market manipulation, are based on the reported trading volume. For significant volumes, certain reporting obligations to supervisory authorities must be observed, in order to prevent insider trading and market manipulation.

Volume in Tax Law

Value Added Tax and Volume Discounts

Tax law takes volume specifications into account, especially in connection with volume discounts. These reduce the tax base for VAT, as they are to be recorded as a subsequent reduction in consideration under § 17 UStG. The requirement is that, through volume agreements, discounts or bonus payments are granted depending on the achieved sales volume.

Excise Duty Law and Energy Taxes

In the field of excise duties (for example on energy, alcohol, tobacco), the volume sold or imported is decisive for the calculation of taxes (§ 2 para. 3, § 8 para. 1 EnergieStG). An incorrect volume measurement can have tax or even criminal consequences.

Volume in Antitrust and Competition Law

Market Dominance and Market Volume

In antitrust law, “Volume” is important for determining the relevant market and the market volume. The dominance of a company under §§ 18, 19 GWB is measured, among other things, by its market share of the total market volume. In merger control, volume data is also used to assess market structure.

Price Agreements and Volume Steering

In the context of antitrust violations, volumes play a role, for example when companies secretly agree on the division of market volumes or impose competition restrictions through quantity agreements. Such violations are prohibited under German and European antitrust law (§§ 1, 2 GWB, Art. 101 TFEU) and may result in significant fines.

Volume in Intellectual Property and IT Law

Data Volume and Licensing Models

In IT and licensing law, “Volume” often refers to the scope or number of permitted installations, accesses, or uses of digital products. So-called “Volume Licensing” agreements govern the licensing compliance for corresponding multiple usage. The decisive factor here is how the usage volume is defined by contract and technically monitored.

Copyright Implications

For streams, downloads, and on-demand offers, the data volume is sometimes the basis for calculating remuneration and licensing. Precise determination of the usage volume is essential for legal reasons, as it significantly affects the distribution of remuneration to rights holders.

Volume in Data Protection Law

Volume Limits and Data Management

In data protection law, the term “Volume” has a subordinate, yet increasingly relevant, meaning with regard to the management of large data sets (Big Data). The amount of personal data collected, stored, and processed (“data volume”) affects the appropriateness of technical and organizational measures pursuant to Art. 32 GDPR.

Practical Importance and Summary

The term “Volume” is an essential control and classification feature in law that influences the concrete structure of contractual, business, and regulatory obligations. The precise definition and correct measurement of volume are often crucial for the effectiveness of legal transactions, compliance with tax and regulatory requirements, and for the protection of the economic interests of all parties involved.

In virtually all areas of law where services, goods, financial instruments, or data are objectified, quantified, or controlled in terms of quantities or flows, the total volume is legally relevant and often the subject of detailed statutory or contractual provisions.

See also:

• Units and Measures in Law
• Quantity Contract
• Market Volume
• License Agreements
• GDPR
• Excise Duty

Frequently Asked Questions

What legal requirements apply to the storage of personal data in volumes?

When storing personal data in volumes within digital systems, various legal requirements must be observed, in particular from the EU’s General Data Protection Regulation (GDPR). Key requirements include ensuring that access to volumes is strictly controlled so that unauthorized third parties cannot access personal data. Appropriate technical and organizational measures must be implemented in accordance with Art. 32 GDPR—which include encryption of stored data, access controls, and regular security audits. Furthermore, it must be transparently documented which data is stored in which volume, who may access it, and how the integrity and availability of the data are ensured. In addition, data must be deleted after the storage purpose has expired. If volumes are operated by external service providers (“cloud storage”), it is mandatory to conclude a data processing agreement pursuant to Art. 28 GDPR.

What legal aspects must be considered during volume migration?

The migration of volumes—for example, from a local data center to a cloud environment—is subject to comprehensive legal requirements. First, it must be ensured that the new storage location meets the same data protection standards; in particular, personal data may only be transferred to third countries under the GDPR if an adequate level of data protection exists there (cf. Art. 45 GDPR). Before starting the migration, a risk analysis should be conducted to identify and prevent potential data loss or breaches. During migration, the confidentiality, integrity, and availability of the data must be maintained at all times. Depending on the sensitivity of the data, additional statutory requirements (e.g. from the IT Security Act or industry-specific regulations) may need to be observed. Data subjects must—if the purpose of processing, storage period, or data controller changes—be informed where necessary.

What statutory requirements apply to the deletion of data from volumes?

The deletion of data from volumes is primarily regulated by the GDPR, specifically by the “right to be forgotten” under Art. 17 GDPR. Personal data must be deleted as soon as it is no longer required for the original purpose, or if a data subject effectively objects or withdraws their consent. Companies are required to implement understandable and technically feasible deletion concepts to ensure that data is actually and permanently removed from all relevant volumes (“irrecoverability”). For cloud volumes, such processes must also be coordinated with the cloud provider. In addition, there are special retention obligations (e.g. under the Commercial Code or the Fiscal Code) that prohibit deletion for a certain period. Once this period has expired, deletion is then mandatory.

What documentation obligations exist regarding information stored in volumes?

Operators of volumes must observe extensive documentation obligations. Under Art. 30 GDPR, a record of all processing activities must be kept, which specifically lists the storage solutions used (including volumes), the type of data stored, access possibilities, the purpose of storage, as well as statutory or internal data retention periods. If volumes are used to store particularly sensitive categories of personal data (such as health data), a data protection impact assessment pursuant to Art. 35 GDPR must also be prepared and regularly updated. All measures for data protection, access restrictions, and deletion must be documented. These obligations serve as evidence in case of inspections by data protection supervisory authorities.

What liability risks exist in the event of data loss in volumes?

Legally, the operator of a volume (or the controller within the meaning of the GDPR) is obliged to ensure data integrity and availability. In the event of data loss—such as due to technical failures, cyberattacks, negligence, or insufficient security measures—civil liability claims (e.g. damages) and fines pursuant to Art. 83 GDPR can arise. For particularly sensitive data sets, criminal consequences are also possible (e.g. under § 203 StGB for persons bound to secrecy). Crucial is demonstrable compliance with statutory and technical minimum standards for data security and management. If the data loss results from a lack of documentation or insufficient protective measures, the liability risk increases significantly.

To what extent is the use of encrypted volumes legally relevant?

The encryption of volumes is legally considered a fundamental technical and organizational measure to ensure data protection pursuant to Art. 32 GDPR. Its use can not only significantly reduce the risk of data misuse in the event of unauthorized access but, in the case of a data protection incident, can also be taken into account as a mitigating factor when assessing fines. The encryption used must be state-of-the-art; weak or outdated algorithms would be disadvantageous in the event of a loss (keyword: state of the art, § 9 BDSG, Art. 32 GDPR). The management of keys, especially their storage, is subject to documentation and verification obligations to prevent manipulation or misuse.

What duties to cooperate apply to authorities regarding stored data in volumes?

In the case of investigations or requests for information, companies as operators of volumes must cooperate with the competent authorities—such as in response to data access requests from data protection authorities or for law enforcement purposes. Pursuant to Art. 31 GDPR, controllers are obliged to provide all information required for the fulfilment of the supervisory authority’s tasks and, if requested, to grant access to certain volumes or stored data sets. At the same time, unlawful disclosures of data must be avoided; a legitimate authority interest and a clear statutory basis must exist for release (e.g. under § 101 TKG or by court order). Careful documentation of all authority contacts and requests is recommended.