One Spam Email = EUR 50?
One Spam Email = EUR 50?
The first ruling on the claim for compensation under the General Data Protection Regulation (“GDPR”) has been issued by a German court. Facts are the following: on 25 May 2018, the claimant received a spam email requesting his consent to the newsletter. Consequently, the claimant requested compensation of immaterial damage due to a violation of the GDPR. The defendant voluntarily paid the amount of EUR 50, but however, the claimant initiated the court proceedings, seeking the higher amount of compensation i.e. EUR 500. In the end, a local court in Germany issued the ruling stating that the claim was dismissed.
Is there compensation claim for unsolicited email?
The Article 82 (1) of the GDPR determines that each data subject who has suffered material or immaterial damage as a result of an infringement of GDPR is entitled to receive compensation from the controller or processor for the damage suffered.
The spam is unsolicited email which may be considered a violation of the GDPR, in accordance with provisions governing requirements for the consent of data subject. However, in a concrete case, the question was the calculation of damages due to the received spam. In the reasoning of the ruling, the court states that compensation claim shall exist if the data subject has experienced a noticeable disadvantage with objectively comprehensible impairment of personal rights. Moreover, the court pointed out that, even if the damage was caused, it has already been compensated by voluntary payment of EUR 50.
The amount of EUR 50 does not seem much. However, statistics say that almost 45% of all sent emails are spam and that 14.5 billion spam emails are sent every day. Taking these facts into account, thousands of spam senders could be exposed to damage claims due to a violation of GDPR.
Serbian new Data Protection Act (“Act “), which shall apply as of 21 August 2019, contains the same provision as Article 82(1) of the GDPR. As regards compensation claims due to a breach of the Act, it could be expected that the number of such claims will raise in the future. So far there is a lack of Serbian court practice in the field of data protection, especially related to compensation of damages.
Since the Act is almost the same as the GDPR, and bearing in mind mentioned ruling of the German court, maybe for the time’s coming we can expect from Serbian judges to determine the compensation amount in case you get spam in your mailbox.
This newsletter is only for the blogging purposes and does not in any mean pose as legal advice of SOG law firm. If you are interested in expert’s opinion on this matter or any advice of legal nature, feel free to contact us.
Miloš Velimirović, Partner
Kristina Pavlović, Associate
At the end of 2021, a public debate was held in the National Assembly on the Draft Law on Work Practice. The Draft itself is a reaction to relatively unfavourable basic labour market indicators, which predict that young people in Serbia lag behind their peers in...
Recently, non-fungible tokens (“NFTs”) have become the subject of significant public attention, primarily due to the high amounts of money allocated for their purchase. For example, it is estimated that the worth of the global NFT market in 2021 was about 41...
Data Protection Officer (“DPO”) is a person overseeing a company’s data protection strategy and implementation in order to ensure compliance with General Data Protection Regulation (“GDPR”) requirements. Any company that processes or stores personal data is...
Let us know how we can help you and your business.