CJEU Rules on Abuse of GDPR Access Rights and Compensation Claims
The Court ruled GDPR access requests can be refused if made solely to trigger compensation claims rather than to verify lawful data processing.
Court cases
Court Annuls €746 Million GDPR Fine Against Amazon
Luxembourg’s High Administrative Court annulled Amazon’s €746 million GDPR fine over targeted advertising, requiring fault and proportionality reassessment by the CNPD.
CJEU to Clarify Consent Under GDPR and ePrivacy Directive
The CJEU will clarify if broad consent for data use by “partners” in direct marketing meets GDPR and ePrivacy Directive requirements.
Court Confirms WhatsApp’s Right to Contest EDPB GDPR Fine Decision
The Court of Justice ruled WhatsApp can challenge the EDPB binding decision on GDPR violations, sending the case back for a full review.
ECHR Finds Italy Violated Privacy Rights by Allowing Tax Access to Bank Data
The ECHR ruled Italy violated privacy rights by allowing tax authorities unchecked access to banking data without judicial oversight or effective remedies.
EFTA Court Judgment on GDPR Article 38(3) and DPO Dismissal Case
The EFTA Court ruled that dismissing a data protection officer without just cause is allowed under GDPR if unrelated to their duties and national law remedies unlawful dismissal.
EU Court Holds Websites Responsible for GDPR Compliance with User Content
The EU court ruled that websites hosting user content must actively protect user privacy and comply with GDPR, including for anonymous users, or face heavy fines.
Spanish Media Win 481 Million Euro Damages Against Meta over GDPR breach
A Madrid court orders Meta to pay 481 million euros for GDPR violations harming Spanish media by exploiting user data for advertising.
EU Court Clarifies Direct Marketing and Soft Opt-In for Email Newsletters
The Court confirmed unsolicited newsletters promoting paid services fall under e-Privacy Directive’s direct marketing rules, overriding GDPR’s general lawfulness conditions.
Latombe to appeal EU–US data transfer ruling
French MP Fabien Latombe will appeal the court ruling on the EU–US Data Privacy Framework, challenging its adequacy over US surveillance and redress shortcomings.
Court of Appeal upholds GDPR fine against Grindr
Norwegian court upheld a major GDPR fine against Grindr for improper processing and sharing of sensitive and location data, stressing stricter requirements for consent, minimization and safeguards.
CJEU confirms GDPR compensation cannot be replaced by prohibitory injunctions
The CJEU rules prohibitory injunctions cannot reduce or replace GDPR compensation for past non‑material damage from unlawful data disclosures, reaffirming a distinct compensatory right.