Extended analysis of the ECJ ruling on the GDPR and its impact

Content Hide

1. Guiding principles of the ECJ ruling

2. Further aspects

3. Conclusion and recommendations for action

4. Zugehörige Beiträge:

Guiding principles of the ECJ ruling

Direct liability of legal persons: The ECJ confirms that a fine under Art. 83 GDPR can be imposed on a legal person without the infringement having previously been attributed to an identified natural person. This represents a departure from previous German legal practice, which presupposed such an attribution.
Culpable conduct as a prerequisite: A fine may only be imposed if it is proven that the person responsible (be it a natural or legal person) committed the violation intentionally or negligently. This means that the supervisory authorities must provide evidence of culpable conduct.

Further aspects

Group turnover as the basis of assessment: If the addressee of the fine belongs to a group, the turnover of the entire group is decisive when calculating the fine. This can lead to significantly higher fines, especially for large multinational corporations.
Liability for breaches by third parties: A legal entity is liable not only for breaches committed by its management bodies, but also for breaches committed by any other person in the course of their business activities on behalf of the legal entity. This considerably extends the scope of liability.
Joint responsibility: In the case of joint responsibility of several entities for data processing, liability already arises from participation in the decision on the purposes and means of processing. A formal agreement is not required for this.

Conclusion and recommendations for action

This ruling by the ECJ significantly lowers the hurdles for the imposition of GDPR fines and extends the scope of liability for companies. It underlines the need for companies to implement a robust data protection compliance management system and continuously monitor data protection practices. In particular, the extension of liability to infringements by third parties and the consideration of group turnover when calculating fines require comprehensive risk assessment and management.

I will be happy to provide you with further information and individual advice on this topic.

Just call!

Guiding principles of the ECJ ruling

Further aspects

Conclusion and recommendations for action

Zugehörige Beiträge:

Marian Härtel

Phone

E‑mail

Extended analysis of the ECJ ruling on the GDPR and its impact

Innovations in data protection law: ECJ ruling lowers hurdles for GDPR fines

Epic Games' victory in the antitrust dispute against Google Play Store: a turning point for the app economy?

All 1Pitch videos in one go

The limits of German jurisdiction in B2B claims against US social media services

OLG Hamburg decides: Only lawyers may remove reviews with legal justifications

§Section 44b UrhG in the context of data mining of AI

EU adopts Data Act: What do you need to know?

Double opt-in in email marketing: not anonymous!

Extended Black Week..Is that even allowed?

LG Darmstadt: A currently advertised product must also be available for delivery

Looking to the future: AI and blockchain as trailblazers for 2024

The Future Finance Act and its significance for crypto equities

Cryptowinter 2023: A turning point for blockchain technology in 2024?

ECJ rulings strengthen data protection: important clarifications on liability and compensation for damages

AI in contract drafting: an honest insight from my practice

Austrian court ruling against "Counter-Strike" lootboxes: a precedent for Germany?

Attention: Grace period in the Whistleblower Protection Act has expired!

Jurisdiction agreements in influencer contracts

Electronic invoicing from 2025: What companies need to know

Cancellation of online subscriptions must be possible without a password!

What's new in 2024?

Merry Christmas and a look ahead to an exciting year

Groundbreaking ruling on VAT in photovoltaic system sales

The commercial confirmation letter: A tool in influencer marketing?

Calling someone a "stupid piece of brain vacuum" on Facebook is unlawful abusive criticism

Karlsruhe Higher Regional Court: Publication of image sequences from the RTL program "Pocher - gefährlich ehrlich" prohibited

#BettercallMarian vs. Better Call Saul: When does a hashtag become a trademark infringement?

Legal issues in focus - video series in collaboration with 1Pitch

Reminder: The GbR's registrability is coming!

New judgment of the Munich Regional Court: The case of the Sky cancel button and its significance

25 years of self-employment: a path full of challenges and opportunities

Green light for cannabis start-ups - A new chapter begins

No compensation for scraping incidents on Facebook

Price adjustment clauses in general terms and conditions: A critical look at the example of the Netflix ruling

Between player rights and provider obligations - dealing with blocked gaming accounts

Artificial intelligence in moderation: legal limits when blocking social media and gaming accounts

SEO and law - a balancing act between visibility and security

Is the NetzDG permissible? ECJ with an exciting decision

BGH submits definition of "immaterial damage" under GDPR to ECJ

Legal strategies against unauthorized blocking of social media accounts

OLG Cologne: Cloudflare liable as perpetrator

Blockchain and AI in law - new territory or proven terrain?

What is the European Accessibility Act?

Sunset clauses and post-contractual revenue sharing in influencer management

Information

Services

Cookies?