Search
Contact
09.05.2023 | KPMG Law Insights

ECJ on Data Protection: No Materiality Threshold for Damages

A breach of the General Data Protection Regulation (GDPR) alone is not sufficient to give rise to a claim for compensation for non-material damage. In the opinion of the ECJ, damage must actually have occurred to the person concerned. However, this damage need not exceed a “materiality threshold.”

In its judgment of May 4, 2023 (Case No.: C-300/21), the ECJ for the first time commented on a question that had been highly controversial, especially before German courts: the prerequisites for a claim for damages under Art. 82 GDPR .

The ECJ has clarified that a claim for damages under the GDPR is subject to three conditions:

  • a breach of provisions of the GDPR,
  • the occurrence of material or immaterial damage, and
  • the causality between the breach and the damage.

A mere violation of the GDPR is thus expressly not sufficient to establish a claim for damages, as the occurrence of a causal damage must be proven in each case.

No materiality threshold – even minor damage must be compensated for

However, this damage does not have to exceed a materiality threshold. The Court justifies this, among other things, by stating that the application of a corresponding de minimis limit would entail a significant risk of divergent case law and would thus run counter to the objective of maintaining a uniform level of data protection within the Member States, as set out in recital 10 of the GDPR.

The amount of damages is in principle subject to national law, provided that the principles of equivalence and effectiveness are observed. Financial compensation must fully compensate for the damage suffered as a result of the infringement. The claim does not have a punitive character.

The courts must decide at what point damage exists

The fact that plaintiffs must also prove concrete damage for a claim for damages is to be welcomed. However, it is not always clear at what point non-material damage is to be assumed. The determination of this remains the responsibility of the national courts. It remains to be seen whether the “subjective feeling of dissatisfaction” of the affected parties due to a GDPR violation, which is often cited in German case law, will be sufficient to establish that damages are compensable. The ECJ ruling does not provide any concrete answers to this question. Consequently, the presentation of a corresponding damage, which will be required by the courts in the future, will be decisive.

An increase in mass litigation must be expected

The clear denial of a materiality threshold tends to play into the hands of warning law firms and other service providers in the field of mass actions. In addition, German lawmakers are planning to implement the EU directive on collective actions this year. This means that consumer associations will also be able to sue directly for damages with the so-called remedial action for consumers. As a result, an increase in mass lawsuits related to GDPR violations is also to be expected. Affected companies are therefore likely to increasingly turn to legal tech products to fend off mass lawsuits.

Conclusion

Company executives should address the organizational and strategic challenges of mass litigation at an early stage. Again, better safe than sorry. The ECJ ruling has once again increased the financial risks associated with data privacy breaches. Companies should therefore continue to focus on establishing and expanding solid data protection management systems, including adequate handling of data subjects’ rights and data protection incidents, in order to prevent fines and claims for damages as far as possible.

Explore #more

09.01.2025 | In the media

KPMG Law strengthens Legal Transformation Managed Services and Legal Corporate Services with two new senior managers

On January 1, KPMG Law strengthened its Transformation Managed Services practice with Jana Sichelschmidt and its Corporate Services practice with Dr. Michaela Lenk. Both are…

06.01.2025 | Deal Notifications

KPMG Law advises on the sale of Käppler & Pausch GmbH

Gabriel Pausch, the co-founder and main shareholder of Käppler & Pausch GmbH, a system supplier for metal assemblies as well as metal and sheet metal…

03.01.2025 | In the media

Interview in Betrieb on the EU money laundering package and its impact

The EU anti-money laundering package harmonizes anti-money laundering and counter-terrorism rules in Europe and introduces new measures such as cash limits of €10,000, identification requirements…

02.01.2025 | In the media

KPMG Law Statement in eMagazin Immobilienanwälte: Creativity meets law in trademark protection

Four Frankfurt, Elbtower, Vonovia: real estate projects and companies are backed by constructs worth millions or even billions. In order to stand out from the…

20.12.2024 | KPMG Law Insights

The EU packaging regulation sets strict requirements for packaging

The EU has adopted the Packaging Regulation. After the European Parliament adopted the Commission’s draft on April 24, 2024, the EU member states also approved…

20.12.2024 | Deal Notifications

KPMG and KPMG Law supported the sale of circular Informationssysteme to the teccle group

Together with the corporate finance/M&A advisors of KPMG AG Wirtschaftsprüfungsgesellschaft (KPMG), KPMG Law Rechtsanwaltsgesellschaft mbH (KPMG Law) advised the shareholders of circular Informationssysteme GmbH (circular)…

19.12.2024 | Press releases

KPMG Law defends Federal Motor Transport Authority against claim for damages in connection with the emissions scandal

The state is not liable to vehicle purchasers for damages. KPMG Law has defended the Federal Motor Transport Authority (KBA) against a civil plaintiff’s state…

18.12.2024 | KPMG Law Insights, KPMG Law Insights

MiCAR – What the new EU regulation means for crypto service providers and issuers

An EU regulation will soon come into force that will regulate crypto assets uniformly throughout Europe. It contains significant new obligations for issuers and crypto…

16.12.2024 | Deal Notifications

KPMG Law advises CERTANIA Holding GmbH on the acquisition of RASG Holdco Ltd.

KPMG Law Rechtsanwaltsgesellschaft mbH (KPMG Law) has provided legal advice to CERTANIA Holding GmbH, a platform of the Munich-based PE firm Greenpeak Partners, on the…

04.12.2024 | Deal Notifications

KPMG Law and KPMG advises Brain Biotech AG on license agreements and monetization of license rights

KPMG Law Rechtsanwaltsgesellschaft mbH and KPMG AG Wirtschaftsprüfungsgesellschaft (KPMG) advised Brain Biotech AG on the monetization of licensing rights with Royalty Pharma and the conclusion…

Contact

Francois Heynike, LL.M. (Stellenbosch)

Partner
Head of Technology Law

THE SQUAIRE Am Flughafen
60549 Frankfurt am Main

Tel.: +49-69-951195770
fheynike@kpmg-law.com

© 2024 KPMG Law Rechtsanwaltsgesellschaft mbH, associated with KPMG AG Wirtschaftsprüfungsgesellschaft, a public limited company under German law and a member of the global KPMG organisation of independent member firms affiliated with KPMG International Limited, a Private English Company Limited by Guarantee. All rights reserved. For more details on the structure of KPMG’s global organisation, please visit https://home.kpmg/governance.

 KPMG International does not provide services to clients. No member firm is authorised to bind or contract KPMG International or any other member firm to any third party, just as KPMG International is not authorised to bind or contract any other member firm.

Scroll