Implications of CJEU Ruling on Compensation for GDPR Claims

E.U. privacy attorneys received much-awaited clarification on May 4, 2023, when the European Court of Justice ruled that not every infringement of the General Data Protection Regulation (GDPR) is eligible for financial compensation. The Ruling declared that a “certain degree of seriousness” must be achieved to qualify for non‑material damages and that domestic rules of E.U. Member States should inform the amount of compensation awarded, if any. This article offers insights on the implications of the decision and compliance advice from attorneys at Cordery, Wiggin and McDermott, and Will & Emery, who found the ruling to be largely measured and equitable to those on both sides of privacy complaints. See “Advice From a CISO and Lawyer on Best Practices in Information and Data Governance” (Apr. 12, 2023).

To read the full article

Continue reading your article with an ACR subscription.