This browser is not actively supported anymore. For the best passle experience, we strongly recommend you upgrade your browser.

Freshfields TQ

Technology quotient - the ability of an individual, team or organization to harness the power of technology

| 2 minute read

CJEU to shape requirements for GDPR damage claims

Since the EU General Data Protection Regulation (GDPR) came into force in 2018, the particular requirements for GDPR damage claims under Article 82(1) have been widely discussed. However, the Court of Justice of the European Union (CJEU) has not yet had the chance to give its point of view.

This might change with a decision of the German Federal Constitutional Court dated 14 January 2021 (in German). The Court ruled that it is the responsibility of the CJEU (not a German district court) to decide whether or not the GDPR foresees a material threshold applicable to damages claims under Article 82(1).  

What happened? 

The claimant argued he should be awarded damages under Article 82(1) because a marketing email had been sent to his business email address without his consent.

Noting that the case was merely about a single email that had not been sent at a crucial time, was clearly marked as advertising and had not required a long time to be dealt with, the German district court of Goslar considered that the materiality threshold for compensation had not been reached and dismissed the claim for damages.  

This decision was in line with the settled case law of the Federal Constitutional Court applicable to immaterial damages under German civil law: if claimants request such immaterial damages, they must prove that the act or omission caused a major violation of their personal rights.

However, there is no clear evidence whether such materiality threshold is required for a claim under Article 82 of the GDPR. While Recital 146, sentences 3 and 6 of the GDPR state that the ‘concept of damage should be broadly interpreted’ and data subjects should receive ‘full and effective compensation for the damage they have suffered’, Recital 85, sentence 1 of the GDPR requires a ‘significant economic or social disadvantage to the natural person concerned’.

As the claimant could not appeal the decision under German procedural law, he decided to apply to the Federal Constitutional Court, arguing that his right under Article 101(1)2 of the German Constitution (Grundgesetz), namely the fundamental right to a hearing before a judicial body, had been violated.

The Federal Constitutional Court granted his request with reference to EU law, and ruled that the district court should have turned to the CJEU. The Court held that the question of whether Article 82(1) of the GDPR provides for a materiality threshold has not yet been interpreted (acte éclairé) nor is evident (acte clair).

What happens next?

Even though the Federal Constitutional Court has made its point, it is still up to the district court to ask the CJEU on its opinion. It is also possible that the district court will deny the claim for other reasons or allow the claimant to take his case to an appeal (a move that the district court previously rejected).

Beyond the case itself, the Federal Constitutional Court’s decision is grist to the mill for the growing claimant industry, which is ready and waiting to sue controllers under the GDPR – potentially via mass claims. A decision of the CJEU regarding materiality threshold can’t come soon enough.

Tags

gdpr, data protection, europe