What Does an IT Lawyer Do? The Complete Guide (2026)

IT lawyer at Law & More working on a laptop

Author: Tom Meevis, Managing Partner & IT Lawyer at Law & More — Published: July 2026 | Updated: July 2026

In short

  • An IT lawyer specialises in legal matters relating to technology, software and digital services.
  • You need an IT lawyer for IT contracts, GDPR compliance, the AI Act, NIS2, intellectual property and IT disputes.
  • The seven core areas of IT law are: IT contracts, IP & software, privacy, cybersecurity, AI regulation, IT disputes and e-commerce.
  • Rates typically range between €250 and €350 per hour excluding VAT; Law & More charges €295 excl. VAT.
  • A free introductory meeting helps you assess whether you need an IT lawyer.

What is an IT lawyer?

An IT lawyer is a lawyer who specialises in legal issues surrounding information technology, software, digital services and data. Whereas a generalist covers multiple areas of law, an IT lawyer focuses specifically on the intersection of technology and law: from software contracts and privacy to cybersecurity and the new AI regulation.

The field has existed for decades, but has changed drastically in recent years. Where an IT lawyer used to deal mainly with software licences and hosting contracts, the field today covers a broad range of complex regulation: the General Data Protection Regulation (GDPR), the European AI Act, the NIS2 Directive (implemented in the Netherlands as the Cyber Security Act), the Data Act and various legislation on e-commerce and intellectual property.

An IT lawyer speaks both languages: that of technology and that of the courtroom. That makes a difference when you need a contract reviewed that is full of technical specifications, or when you need to demonstrate to a judge that a software supplier has failed to meet its obligations.

When do you need an IT lawyer?

Many businesses bring in an IT lawyer too late — only once something has already gone wrong. But preventive legal advice is at least as valuable as remedial action after the fact when it comes to IT matters. You need an IT lawyer in the following situations.

When entering into IT contracts

Software licence agreements, SaaS contracts, cloud agreements and IT implementation contracts contain clauses on liability, intellectual property and exit arrangements that can have far-reaching consequences. An IT lawyer protects your interests before you sign.

When developing software

When you have software developed — by an external agency or by permanent staff — it must be clearly recorded who owns the rights to the source code. Without clear contractual agreements, you may discover after a dispute that the software supplier owns the code you paid for.

In the event of a data breach or cyber incident

Following a data breach, you have a 72-hour obligation to notify the Dutch Data Protection Authority. Depending on the severity, you may also need to inform the individuals affected. An IT lawyer guides you through this process, limits liability and coordinates communication.

For compliance matters

The GDPR, the AI Act, the NIS2 Directive and the Data Act impose concrete obligations on businesses that use or develop technology. The penalties for non-compliance are steep: up to €20 million or 4% of global annual turnover under the GDPR. An IT lawyer helps you demonstrate compliance.

In an IT dispute

If an IT implementation project fails, a supplier falls short of its SLA obligations, or a conflict arises over software ownership, you need a lawyer who understands the technical reality and can act effectively — both out of court and before a judge.

To protect intellectual property

Software is protected by copyright, but that protection is not automatically watertight. Databases have their own separate database right. An IT lawyer helps protect your digital assets and takes action against infringement.

The 7 core areas of IT law

1. IT contracts: software, SaaS and cloud

IT contracts form the foundation of every digital business operation. Whether it concerns a software delivery contract, a SaaS subscription or a cloud migration project, the legal risks are hidden in details that look harmless at first glance.

Critical clauses in IT contracts include: limitation of liability, ownership of source code and data, uptime guarantees (SLAs), exit arrangements and data return, and security obligations. An IT lawyer reviews these clauses from your perspective — not from that of the supplier who drafted the contract.

Read more: Drafting a software contract — what should you look out for?

2. Intellectual property and software

Software is protected by copyright under the Dutch Copyright Act. But who actually holds that copyright? In most cases it is the developer — unless otherwise agreed by contract. This regularly leads to disputes when a client assumed they owned software they had commissioned.

Alongside copyright, database rights can apply to collections of data, and patents may be relevant for technological inventions. An IT lawyer maps out your IP position and ensures contracts correctly record ownership rights.

Read more: Intellectual property and software — who owns the code?

3. Privacy and data protection (GDPR)

The GDPR applies to virtually every business that processes personal data. That sounds abstract, but in practice it means: data processing agreements with your IT suppliers, a register of processing activities, a privacy policy that meets the information duty, technical and organisational security measures, and a procedure for handling data breaches.

An IT lawyer translates GDPR obligations into concrete steps for your organisation and helps draft the required documents.

Read more: GDPR and IT — the obligations many businesses overlook

4. Cybersecurity and NIS2

The NIS2 Directive took effect in the Netherlands in October 2024 through the Cyber Security Act (Cyberbeveiligingswet). The Directive requires organisations in designated sectors — including energy, transport, digital infrastructure and government — to take appropriate cybersecurity measures and report incidents.

NIS2 also requires organisations to assess security risks in their supply chain. That means your IT contracts with suppliers need to include NIS2-compliant security requirements. An IT lawyer helps you determine whether the Directive applies to you, which measures are required, and how to adapt your contracts.

Read more: The NIS2 Directive — what do you need to arrange now as a business owner?

5. The AI Act

The European AI Act is the first comprehensive law in the world to regulate AI systems. Since 2025, providers and users of AI systems have faced obligations that depend on the risk level of the system: prohibited AI practices, obligations for high-risk AI systems, and transparency requirements for limited-risk systems.

For many businesses, the question is: does my AI application fall under the AI Act, and if so, in which risk category? An IT lawyer analyses your use of AI and helps you take the right compliance measures.

Read more: The AI Act — what does the new EU regulation mean for your business?

6. IT disputes and liability

IT projects fail more often than projects in other sectors. Research shows that a significant proportion of large IT implementation projects run late, exceed budget, or are shut down altogether. When that happens, the question is: who bears the loss?

An IT lawyer assesses contractual liability, gathers evidence (technical documentation, email correspondence, acceptance protocols) and negotiates a settlement or starts proceedings. Arbitration through the Netherlands Arbitration Institute (NAI) or the SGOA (Stichting Geschillenoplossing Automatisering, the Dutch IT arbitration institute) is often faster and cheaper than full court proceedings.

Read more: IT disputes — what are your legal options?

7. E-commerce and online retail law

Selling online brings specific legal obligations: the right of withdrawal (14-day cooling-off period), information duties for webshops, cookie law compliance, rules on digital products, and the rules on distance contracts (article 6:230g et seq. of the Dutch Civil Code, implementing the EU Consumer Rights Directive). Breaching these rules can lead to fines from the Dutch Authority for Consumers and Markets (ACM) and reputational damage.

An IT lawyer ensures your terms and conditions, privacy statement and cookie policy are legally sound and that your webshop complies with all consumer protection legislation.

IT lawyer or ICT legal consultant: what is the difference?

The terms are often used interchangeably, but there is a legally relevant distinction.

An IT lawyer is registered with the Dutch Bar Association (NOvA) and, as a result, has professional secrecy (everything you share is covered by legal privilege, even in court proceedings), the exclusive right to represent you before the court, is subject to disciplinary oversight (misconduct can be reported to the disciplinary board), and is required to carry professional indemnity insurance.

An ICT or IT legal consultant without a bar qualification can provide legal advice, but lacks legal privilege and the right of representation in court. For purely advisory work that may be sufficient; as soon as proceedings are likely, or you want to share confidential information without the risk of forced disclosure, you need a lawyer.

How do you choose the right IT lawyer?

Not every lawyer who lists “IT law” on their website is genuinely specialised. Check the following when making your choice.

1. Demonstrable specialisation

Does the lawyer have a track record in IT law matters? Publications, blog posts and speaking engagements in the field of IT law are good indicators of genuine specialisation.

2. Technical understanding

An IT lawyer does not need to be a programmer, but must understand the technical context of your matter. In an introductory meeting, ask whether the lawyer understands the difference between a SaaS contract and a software licence, or what a data processing agreement involves.

3. Sector knowledge

IT law is broad. A lawyer experienced in the technology sector (start-ups, scale-ups, software suppliers) will view a contract differently from one used to working with healthcare institutions. Look for someone with experience in your industry.

4. Availability and communication

IT incidents rarely happen nine-to-five. Choose a law firm that is reachable outside office hours and responds quickly.

5. Transparent cost structure

Before starting, ask for an estimate of the costs and the timeline. A good IT lawyer gives you a realistic picture of what to expect at the first meeting.

What does an IT lawyer cost?

The hourly rate of an IT lawyer in the Netherlands generally ranges between €250 and €350 excluding VAT, depending on the size of the firm, its location and the seniority of the lawyer. At larger law firms in Amsterdam or Rotterdam, rates can rise to €500 or more per hour.

Law & More charges a rate of €295 per hour excluding VAT for IT law services. We do not charge for an initial introductory meeting.

For standard services such as drafting a data processing agreement or reviewing a SaaS contract, it is sometimes possible to agree a fixed price. Ask about this during the introductory meeting.

Factors that affect the total cost include: the size and complexity of the contract or dispute, the stage involved (advice and contract review are cheaper than proceedings), urgency (urgent advice following a data breach comes at a higher cost), and the number of parties involved in a dispute.

IT lawyer at Law & More

Law & More is a law firm in Eindhoven and Amsterdam with a dedicated IT law practice. Our IT lawyers advise technology companies, start-ups, scale-ups and traditional businesses facing digital legal issues.

We work with clients in the Brainport ecosystem around Eindhoven — one of the largest technology clusters in Europe — and serve national and international tech companies through our Amsterdam office. Our multilingual lawyers provide services in Dutch, English and other languages.

Managing Partner Tom Meevis leads the IT law practice and has extensive experience with IT contracts, intellectual property, GDPR compliance and IT disputes. He advises both businesses and individuals on IT law matters.

Want to know what we can do for you? Request a free introductory meeting or call us on +31 40 369 06 80 (available Mon–Fri 08:00–22:00, weekends 09:00–17:00).

Frequently asked questions about IT lawyers

What is the difference between an IT lawyer and an ICT lawyer?

There is no functional difference: both terms refer to a lawyer specialising in legal issues relating to information technology. The term “IT lawyer” is more commonly used in practice; “ICT lawyer” is an older term that emphasises the communication aspect (the C in ICT). Both IT and ICT fall under the same areas of law: contracts, intellectual property, privacy, cybersecurity and liability for digital services.

What legislation falls under IT law?

IT law is not a separate code, but an umbrella field covering multiple laws and regulations. The most important are: the General Data Protection Regulation (GDPR), the European AI Act, the NIS2 Directive (implemented as the Cyber Security Act), the Data Act, the Dutch Copyright Act (for software copyright), the Databanks Act, the Telecommunications Act, the rules on distance contracts (article 6:230g et seq. of the Dutch Civil Code, e-commerce) and the Dutch Civil Code for contract law generally.

Do I need an IT lawyer for my GDPR policy?

Not always, but it is advisable for larger organisations or more complex processing activities. An IT lawyer helps you set up a record of processing activities, review or draft data processing agreements, and put in place a procedure for data breaches. For smaller businesses, a combination of a privacy policy template and one-off legal advice is sometimes sufficient.

What does an IT lawyer do in the event of a data breach?

A data breach triggers a 72-hour notification obligation to the Dutch Data Protection Authority. An IT lawyer immediately assesses whether the breach is notifiable, guides the notification process, advises on communication with those affected, limits liability towards customers and suppliers, and investigates whether there is a breach of contract by a supplier or a criminal offence under cybercrime law.

Can an IT lawyer also litigate?

Yes. An IT lawyer is a fully qualified lawyer and can represent you before any court in the Netherlands. For IT disputes, the most relevant forums are: the civil court (for contractual disputes and liability), summary proceedings (for urgent matters such as intellectual property infringement), arbitration through the NAI or the SGOA, and the Enterprise Chamber (for corporate IT disputes). Many IT disputes are resolved out of court through negotiation or mediation.

How quickly can I reach an IT lawyer at Law & More?

Law & More is available on weekdays from 08:00 to 22:00 and on weekends from 09:00 to 17:00. You can call us on +31 40 369 06 80, email [email protected], or book a consultation via our website. For urgent matters such as data breaches, we respond as quickly as possible.

What is the difference between an IT lawyer and a data protection officer (DPO)?

A Data Protection Officer (DPO) is an internal or external supervisor who ensures your organisation complies with the GDPR. An IT lawyer provides legal advice and can represent you in a dispute or legal proceedings. The two roles complement each other: the DPO oversees day-to-day GDPR compliance, while the IT lawyer acts when legal action is required.

Conclusion

IT law is one of the fastest-growing areas of law today. New European regulation (the AI Act, NIS2, the Data Act) is placing ever more obligations on businesses that use or develop technology. At the same time, the risks are increasing: data breaches, failed IT implementations and software disputes can seriously harm a business.

An IT lawyer is no longer a luxury — it is a necessity for any organisation that takes digital services seriously. The question is not whether you will ever face an IT law issue, but when.

Want to know whether Law & More is the right IT lawyer for your situation? Get in touch for a no-obligation introductory meeting.

Related articles

Need Legal Assistance?

Contact Law & More for expert guidance on your legal matters. Our multilingual team is ready to help.

Related articles

You signed your relocation contract, moved to Eindhoven or Amsterdam, and settled in. Then something

On 11 January 2024, the EU Data Act – Regulation (EU) 2023/2854 – entered into

Data sharing is the lifeblood of modern commerce. Whether you’re onboarding a new cloud provider,

Stay Updated on Dutch Law

Subscribe to our newsletter for the latest legal insights, regulatory updates, and practical advice.