The scope of information a shareholder may request from the company – particularly in public partnerships and fiduciary structures – is a central issue in corporate law. Despite recurring attempts to restrict the flow of information by invoking data protection concerns or allegations of abuse, a clear legal position has emerged in favor of broad rights to information, even in cases involving economically motivated inquiries or interests held through fiduciary arrangements. Recent decisions by the German Federal Court of Justice (Bundesgerichtshof - BGH), especially the decision of 22 January 2025 (II ZB 18/23) and the decision of 24 October 2023 (II ZB 3/23), have further clarified the scope and limitations of this shareholder’s right, taking into account the provisions of the European General Data Protection Regulation (GDPR).
The boom in closed-end funds and public limited partnerships has greatly increased the demand for transparency among shareholders. While classic partnerships relied on personal relationships and knowledge, modern limited partnership – such as real estate or media funds – are often anonymized and structured according to division of labor. Many investors participate only indirectly through a trustee. This structure risks an information deficit: Who are my fellow shareholders? How can I exercise control or connect with others?
The shareholder’s right to information has become a key instrument for ensuring equal participation in corporate governance.
The development of Supreme Court jurisprudence
The foundational decision of the German Federal Court of Justice of 11 January 2011 (II ZR 187/09) marked the beginning of a continuous strengthening of shareholders’ rights to information. In that ruling, the German Federal Court of Justice held that even indirect shareholders holding their participation through a fiduciary arrangement are entitled to receive information regarding the names and addresses of their fellow shareholders, provided they are treated as equivalent to direct shareholders under the internal relationship.
This principle was further developed in the German Federal Court of Justice judgment of 5 February 2013 (II ZR 134/11), which confirmed that principals in fiduciary arrangements are also entitled to information regarding the identity of all investors in a public partnership, where the partnership agreement and fiduciary agreement provide for equal treatment in the internal relationship. The German Federal Court of Justice clarifies that the right to information cannot be effectively excluded by either the partnership agreement or the fiduciary agreement. Moreover, a legitimate interest in anonymity does not exist even under corporate law, as knowledge of the identity of fellow shareholders or fiduciaries is essential for internal control and decision-making within the company.
In the decisions of 16 December 2014 (II ZR 277/13) and 22 February 2016 (II ZR 48/15), the German Federal Court of Justice reaffirmed this position and went even further: Explicit anonymity clauses in contracts or express objections by individual shareholders are deemed ineffective. The shareholder's right to information prevails over any purported confidentiality interest of fellow shareholders or co-fiduciaries.
Right to information and data protection: Apparent contradiction?
With the GDPR´s entry into force in 2018, the dispute over the compatibility of rights to information with data protection regulations intensified. It was frequently argued that the disclosure of names and addresses constitutes an impermissible interference with the right to informational self-determination.
However, the German Federal Court of Justice takes a different view. It clarified that the processing of personal data for the fulfillment of the articles of association is permissible. This applies, for example, to the exercise of membership rights. The legal basis is Art. 6 para. 1 lit. b GDPR.
The European Court of Justice (ECJ) confirmed this position in its judgment of 12 September 2024 (Joined Cases C-17/22 and C-18/22). However, the ECJ adopted a differentiated approach: In addition to Art. 6 para. 1 lit. b, Art. 6 para. 1 lit. f GDPR - i.e. the legitimate interest - may also serve as a legal basis for data transfers required under corporate law. Nevertheless, the ECJ applies strict standards.
First, a legitimate interest must be presented in a concrete and comprehensible manner, for instance, in the context of internal decision-making within the company. It must then be examined whether the processing is genuinely necessary. It is not sufficient for it to be merely useful - it must be objectively indispensable. If a less intrusive but equally effective means exists (e.g., transmission via a fiduciary intermediary), that alternative must be preferred. Finally, as part of a balancing of interests, it must be clarified whether the interests or fundamental rights of the affected shareholders conflict with this. Furthermore, the CJEU emphasized that data subjects must be transparently informed about the processing. In the absence of such transparency, processing under Art. 6 para. 1 lit. f GDPR is not permissible.
Economic motives: Abuse of the right to information?
Time and again, attempts are made to restrict the shareholder’s right to information by invoking the argument of abuse of rights – particularly in cases where requests are clearly aimed at making purchase offers to fellow shareholders for their shares. Such conduct is alleged to be unfair, disruptive to corporate harmony, and not genuinely intended to serve corporate oversight.
However, the case law remains remarkably consistent: Even information requests for that is exclusively or predominantly economically motivated – for instance, with the aim of acquiring shares – do not constitute an abuse of rights and do not violate the principle of good faith (Munich Higher Regional Court, judgment of 16 January 2019 (7 U 342/18), decision of the German Federal Court of Justice dated 24 October 2023, and 22 January 2025, II ZB 3/23, II ZB 18/23).
The current legal landscape – contours and boundaries
According to established case law, in partnerships and partnership-based commercial entities, the right to know one’s contractual counterpart is self-evident. It constitutes aninalienable membership right arising from the contractual relationship established by the partnership agreement itself. With the reform of German partnership law (MoPeG) and the revision of Section 166 of the German Commercial Code (HGB), the legislature has explicitly adopted this jurisprudence and codified the non-derogable nature of the right to information.
Conclusion and outlook
The development of case law is to be welcomed from the perspective of investor protection, transparency, and equitable corporate participatio. In particular it safeguards minority shareholders from de facto isolation and enables them to assert their rights – whether in the form of oversight, participation in decision-making, or forming interest groups. Especially in public partnerships with thousands of investors, the right to information prevents the management or fiduciaries from creating a “black box”. A particularly positive aspect is that the courts have curtailed the misuse of anonymity clauses and “data protection pretexts”, thereby strengthening the position of shareholders.
Nonetheless, there is legitimate criticism. On the one hand, the broad scope of the right to information may lead to harassment and “cold calling” by professional buyers. On the other hand, legal protection for individuals in sensitive cases – such as minors, vulnerable persons, or those with socially relevant concerns – remains weak. There is also a lack of clarity regarding how to address targeted abuse, such as deliberate harassment. Future developments in European data protection law may prompt a reassessment. A more differentiated approach to particularly vulnerable shareholders is conceivable. The possibility of monitoring information requests or sanctioning targeted harassment is rarely utilized in practice.