Judgments on the GDPR + data protection law

CJEU rules on damages under Art. 82 GDPR

Martin Röleke 10 May 2023

Non-material damages, damages, and the materiality threshold – the CJEU issues a long-awaited ruling. But the legal certainty now provided could lead to large waves of lawsuits.

CJEU declares parts of Germany´s BDSG invalid in terms of data protection for employees

Merve Altintas-Becker 26 April 2023

In future, employers in Germany must use a legal basis directly from the GDPR to process their employees’ personal data.

CJEU on the right of access to data recipients

Venushon Thadchanamoorthy 23 February 2023

Controllers must name the specific recipients of personal data when answering right to access requests – unless one of the few exceptions applies.

Consumer associations can bring GDPR cases to court without demonstrating a specific violation of individual rights

Klaus Foitzick 17 August 2022

The CJEU confirmed that national law may allow consumer associations to bring GDPR claims to court, even if they are not mandated by the data subjects and without demonstrating a specific violation of data subjects’ rights.

Compensation based on a wrongful transfer of data within a group of companies

Merve Altintas-Becker 17 May 2022

A German Higher Labour Court confirms claim for damages of EUR 2,000, due to prohibited transfer of personal data within the group of companies.

The transfer of the IP address via Google Fonts when visiting a website is unlawful

Martin Röleke 10 February 2022

A website user receives EUR 100 in damages from a website operator for unlawful linking to #Google Fonts. Find out why this is a violation of the #GDPR provisions in our discussion of the ruling.

Upcoming CJEU rulings on data protection matters

Klaus Foitzick 25 January 2022

Recently, a number of important questions regarding the GDPR have been referred to the CJEU. We will give you an overview on the proceedings and their relevance for data protection practice.

CJEU strikes down EU-U.S. Privacy Shield while SCCs remain valid

Klaus Foitzick 17 July 2020

What the verdict means for European companies, which alternatives are available and why it does not only affect data transfers to the U.S.

Meaning of the CJEU judgment on Standard Contractual Clauses

Klaus Foitzick 6 May 2020

The legality of SCCs, the expected judgment of the CJEU and the impact on companies that process data in third countries.

Why are judgments on the GDPR important?

The GDPR leaves room for interpretation in numerous places. Courts, and especially the CJEU, are called upon to ensure legal certainty. Probably the most prominent example of this is the CJEU’s rulings on third country transfers, respectively the EU-U.S. Privacy Shield and Safe Harbor.

In addition, the Member States can enact national data protection laws that supplement or concretise the provisions of the GDPR. However, there are also deviations which, in case of doubt, have to be decided by national court rulings.

For companies, it is important to be aware of the judgments on the GDPR and national data protection law, as these affect the company´s practical implementation of the law internally and externally.

Judgments on the GDPR and national data protection law

CJEU rules on damages under Art. 82 GDPR

CJEU declares parts of Germany´s BDSG invalid in terms of data protection for employees

CJEU on the right of access to data recipients

Consumer associations can bring GDPR cases to court without demonstrating a specific violation of individual rights

Compensation based on a wrongful transfer of data within a group of companies

The transfer of the IP address via Google Fonts when visiting a website is unlawful

Upcoming CJEU rulings on data protection matters

CJEU strikes down EU-U.S. Privacy Shield while SCCs remain valid

Meaning of the CJEU judgment on Standard Contractual Clauses

Why are judgments on the GDPR important?

Other specials

Employee data protection

Marketing and data protection

International data transfer

Rights of the data subject

GDPR fines analysed and explained

Data protection legislation worldwide

Munich

Berlin

Services

Resources

About

Group

Contact us!

+49 (0)89 / 91 92 94 – 900