Corporate Liability Under the GDPR
72 Pages Posted: 9 Aug 2023
Date Written: August 9, 2023
The GDPR provides for a wide variety of sanctions for the supervisory authorities in order to effectively enforce the obligations incumbent on the addressees of the GDPR. In the case of violations, Article 83 (2), (4) - (6) of the GDPR allows in particular the imposition of fines, some of which can be horrendous, in order to achieve a corresponding general preventive effect. In addition to natural persons, companies are also explicitly considered as sanction addressees as data controllers or processors. The fine regime thus proves to be the sharpest sword of the supervisory authorities' measures. Nevertheless, it has recently become apparent that this set of instruments for the liability of legal persons is not explicitly conclusively regulated in the GDPR and has thus increasingly caused legal uncertainty in national courts.
JEL Classification: K13
Suggested Citation: Suggested Citation