Data protection case law Court of Justice

Administrative fines

3 pending referrals

Referral C-654/23 (Inteligo Media, 2 Nov 2023)


Referral C-383/23 (ILVA, 21 Jun 2023)


Referral C-741/21 (juris, 1 Dec 2021)


1 preliminary ruling

of 5 Dec 2023, C-807/21 (Deutsche Wohnen)

Article 58(2)(i) and Article 83(1) to (6) of Regulation (EU) 2016/679 of the European Parliament and of the Council of 27 April 2016 on the protection of natural persons with regard to the processing of personal data and on the free movement of such data, and repealing Directive 95/46/EC (General Data Protection Regulation) must be interpreted as precluding national legislation under which an administrative fine may be imposed on a legal person in its capacity as controller in respect of an infringement referred to in Article 83(4) to (6) only in so far as that infringement has previously been attributed to an identified natural person.

Article 83 of Regulation 2016/679must be interpreted as meaning that an administrative fine may be imposed pursuant to that provision only where it is established that the controller, which is both a legal person and an undertaking, intentionally or negligently committed an infringement referred to in Article 83(4) to (6) thereof.


Disclaimer