Schrems – Court Ruling (Austria, 2019)

Mr Schrems (permanent resident in Vienna) has brought a lawsuit against Facebook Ireland Ltd (headquartered in Dublin) before the Regional Court in Vienna ("Landesgericht für Zivilrechtssachen Wien", LGfZRS) under Article 79 GDPR. The Viennese Civil Court (LGfZRS) has denied jurisdiction. The Higher Regional Court (OLG) has overturned the judgment and held that the Civil Court has jurisdiction in the case. = Facebook argued that the case was inadmissible, as § 29(2) Austrian Data Protection Act (DSG) only allowed damages claims before civil courts, while all other GDPR rights (like the right to erasure, right to access and alike) have to be brought before the DPAs. Parallel enforcement would violate the Austrian Constitutional rules on the separation of powers between the judiciary and the executive. Facebook argued that Mr Schrems would try to enforce "general claims" that need to be brought before DPAs. If any court is in charge then it would have to be the Viennese Commercial Court ("Handeslgericht Wien"). Further claims on a change of the applications were made, that are irrelevant from a GDPR perspective and therefore not expanded here. = Mr Schrems argued that Article 77 and 79 GDPR explicitly allow parallel procedures ("without prejudice to any available administrative or non-judicial remedy"). § 29(2) DSG only talks about damages, but does not regulate other situations. It explicitly does not refer to the Courts of First Instance (of which there are three in Vienna) but to the Viennese Civil Court. § 29(2) DSG therefore overrides the general rules on jurisdictions of these three courts. The Austrian Government has objected to that in the GDPR negotiations. EU law overrides Austrian law. All claims are explicitly in his name only. All claims are personal claims by Mr Schrems and are not "general claims". GDPR explicitly allows "dual track" enforcement ("Doppelgleisigkeit"). Most of the legal literature agrees with this concept. The Austrian government