The German Federal Constitutional Court has ruled the Court of Justice of the European Union needs to clarify if the EU General Data Protection Regulation provides for a materiality threshold for GDPR damage claims.
The Federal Constitutional Court's decision overturns a judgment of the Goslar Local Court of Sept. 27, 2019, regarding the unlawful sending of an advertising email. The Local Court had held that the plaintiff had not suffered any compensable damage under Article 82 of the GDPR. The damage suffered by the plaintiff had not exceeded the materiality threshold in this matter.
The plaintiff subsequently filed a constitutional complaint with the Federal Constitutional Court, arguing the Local Court should have made a submission to the CJEU for a preliminary ruling under Article 267 of the Treaty of the European Union.
The Federal Constitutional Court adopted the plaintiff's arguments, finding the Local Court should not have dismissed the damage claim without involving the CJEU because, ultimately, only the CJEU is responsible for assessing if the GDPR provides for a materiality threshold for GDPR damage claims.
The Federal Constitutional Court maintained the materiality threshold has neither been subject to an interpretation by the CJEU (acte éclairé) nor was the application of EU law so obvious to leave no room for reasonable doubt (acte clair). Further, the Federal Constitutional Court noted the GDPR does not clarify the extent of compensation for immaterial damage following data privacy violations. The Federal Constitutional Court also held German authors had not yet adopted a uniform approach on the scope of GDPR damage claims. For these reasons, the Federal Constitutional Court determined the concrete scope of Article 82 of the GDPR remains unclear.
The fact that the Federal Constitutional Court took the insignificant case of a single unlawful advertising email as an opportunity to clarify the CJEU's prerogative of interpreting the GDPR is a notable and surprising development.
The CJEU will soon decide whether the GDPR provides for materiality threshold for damage claims. In doing so, the CJEU will need to clarify whether the GDPR trumps German tort law and, if so, to what extent. A materiality threshold for immaterial damage claims has been a longstanding judicial practice under German tort law. A similar, rather restrictive interpretation of GDPR damage claim requirements is supported by Recital 85 Sentence 1 of the GDPR, which states that only "significant economic or social disadvantage to the natural person concerned" may constitute compensable damage.
Until the CJEU's ruling, German courts will likely rely on more than one argument before dismissing GDPR damage claims. Notably, the Federal Constitutional Court's decision does not affect the burden of proof for damage claims, particularly for causation between the data privacy violation and damage. Thus, companies can still use several arguments to effectively defend themselves in damage proceedings.
Photo from Unsplash
If you want to comment on this post, you need to login.