The proceedings, which have been ongoing for years and concern a fine imposed on Deutsche Wohnen SE. Campos Sánchez-Bordona, also issued a statement at the end of April. In his opinion , the Advocate General confirm that GDPR fines can, in principle, be impos directly on a company. However, he simultaneously deni the question posed as to whether these fines can also be impos regardless of fault and reject the demand for strict liability. A legally binding decision by the ECJ clarifying the issues rais is still pending and is eagerly await in the near future out against strict liability.
background out against strict liability
In an appeal, the competent Berlin Regional Court declar the decision in favor of Deutsche Wohnen SE invalid. According to the Regional Court, under German administrative offense law, legal entities can only be directly sanction if specific misconduct can be proven on the part of the company’s executives – in accordance with the statutory “legal entity principle” pursuant to Section 30 of the Administrative Offenses Act (OWiG). The supervisory authority was unable to prove such misconduct in this case, so the court annull the decision. The responsible BlnBDI, in agreement with the public prosecutor’s office, filed an appeal against the discontinuation of the proceedings with the Berlin Higher Regional Court. The competent chamber placed the proceedings on hold and promptly referred two questions to the ECJ for a preliminary ruling.
Questions referred for a preliminary ruling
Unlike the first-instance Regional Court of Berlin, the Higher Regional Court of Berlin turned to the ECJ for a preliminary ruling to clarify two key questions concerning the interpretation of Article 83 (4) – (6) GDPR. Essentially, the Higher Regional Court of Berlin wanted to know from the ECJ
In the Advocate General’s opinion, companies can be the direct addressees of fines. This is not only provided for in several provisions of the GDPR, but also, india business fax list according to the Advocate General, represents one of the key mechanisms for ensuring the effectiveness of the GDPR. According to the Advocate General, this follows from the wording of individual provisions of the GDPR. In particular, Articles 4, 58, and 83 GDPR suggest that sanctions—especially fines—can be imposed directly on legal persons. The Advocate General left open the question of whether the German Administrative Offenses Act, in particular Section 30 OWiG, sufficiently takes into account the requirements of the GDPR in this regard, and referred the matter to the Berlin Regional Court, which still has to sufficiently clarify the matter.
Sanctioning requires culpable action
However, this only applies if the sanction was preceded by intentional or negligent conduct by a company employee. Thus, unlawful conduct by a single employee is sufficient to impose a corresponding fine on the company. In the Advocate General’s view, how can automated sms campaigns help businesses nurture and convert concrete evidence of a breach of supervisory duty is also required for the culpable conduct of an employee who is not a member of the management team to be attributed to the management bodies and thus sanctioned.
This means that supervisory authorities must at least establish fault in the context of the fine procedure.
Short statement from the Berlin supervisory authority
Meanwhile, the new Commissioner for Data Protection and Freedom of Information, Meike Kamp, also made. ASbrief statement on her own Mastodon account, united states business directory welcoming the Advocate General’s views. Her statement suggests that a ruling adopting the Advocate General’s Opinion Germany as in the rest of the EU. This would meet the goal of uniform enforcement of European law and significantly facilitate fines imposed by German supervisory authorities.