When an advertising email becomes damaged and needs to be replaced

display

Companies face fines in the event of data protection violations.

However, they can also trigger claims for damages by the person concerned.

According to a decision by the Federal Constitutional Court (BVerfG), the latter threatens in the future with absolute trivialities.

Specifically, it was about a single (!) Possibly inadmissible advertising email to the professional email address of a lawyer.

He warned the sender and demanded at least 500 euros in damages.

This is not excluded under European data protection law.

Because the term damage is to be interpreted broadly in the light of the case law of the European Court of Justice (ECJ).

How far is the crucial question.

Not so far that you get compensation for pain and suffering for an email, ruled the district court.

The BVerfG considers this to be unconstitutional.

The case should have been submitted to the ECJ.

He decides whether and how much compensation is due for a possibly inadmissible advertising email.

What Karlsruhe says is not legally wrong, but without a sense of proportion.

Indeed, when it comes to compensation, there is a lot that needs to be decided in Luxembourg.

If, however, the correct application of European data protection law is so obvious that there is no room for reasonable doubt, the case does not have to go to the ECJ.

So far as to declare a single email to be harmed, even the broadest claim for damages is not without reasonable doubt.

One can rightly consider that to be irrelevant.

Correspond to the legal layperson's understanding

display

The result of the district court should correspond to the legal layperson's understanding as well as the constitutional prohibition of excess.

It can already be found in the specific variant in Roman law, according to which the judge does not care about bagatelles.

If the courts deal with such questions in the future, one doesn't just have to increase massively in Luxembourg.

The courts must also ask themselves what they must reasonably doubt.

The consequences of the decision go far beyond data protection law.

But there it can develop explosive power.

Provoked claims for damages are a massive problem.

Someone subscribes to a newsletter and requests information about the data stored during the subscription and their deletion.

Companies often provide incorrect information or delete data too quickly.

As a result, a lawyer reports and demands compensation.

Problem worsened considerably

The decision of the BVerfG exacerbates the problem considerably, because a possibly inadmissible advertising e-mail provokes anyone who verbally asks for information to be sent by e-mail without giving it to the sender in writing.

The tendency to have non-material damage compensated is clearly evident in the case law.

1500 euros for the publication of health data, 500 euros per month for late information, 300 euros for the publication of an activity profile on the website after an employee has left.

display

It is not forbidden to provoke data protection errors in companies in order to enrich oneself.

Companies must be sensitive to data protection obligations.

You can only absolve yourself of fault if you are not responsible for the damage in any way.

This will rarely work in practice.

Data protection violations can now become a problem for the economy across the board, regardless of fines.

The legislature should take countermeasures here.

Capping the amount of legal fees for such proceedings so that they are not lucrative is a path that the GDPR does not obstruct.

So one has already combated the "warning nuisance" for copyright infringements.

The author is head of the Cologne Research Center for Media Law at the TH Köln and holder of the professorship for civil law and business law