The General Data Protection Regulation and Civil Liability
Emmanuela Truli, The General Data Protection and Civil Liability, Chapter 12 in: Mohr Backum et al., Personal Data in Competition, Consumer Protection and Intellectual Property: Towards a Holistic Approach? Springer Verlag 2018 (pp. 303 - 329)
37 Pages Posted: 21 Apr 2019
Date Written: June 22, 2018
The General Data Protection Regulation took effect on 25 May 2018, on which date Directive 95/46/EC was repealed. The new GDPR has in some ways enhanced the protection of personal data: data subjects have expanded rights and plaintiffs suffering harm for a data breach may file for restitution for their damage on the basis of the more comprehensive and coherent liability provision of Article 82. Many of the amendments and clarifications of this new provision are intended to a) address the significant divergence in the liability rules transposing Article 23 of the repealed Data Protection Directive into national legislation and b) complement such rules. These amendments are, mostly, very welcome, including: an explicit provision for compensation of moral damage, liability under certain conditions of the processor and joint liability of persons who have jointly caused the damage, and a right of representation of the data subject by a competent association.
Keywords: General Data Protection Regulation 679/2016/EU, Directive 95/46/EC, Data Protection, New Data Protection Regulation, Damages Claims for Data Protection Breaches, Right to Be Forgotten, Material Damage, Moral Damage, Joint Liability, Fault
Suggested Citation: Suggested Citation