Court case 14 K 19.01274 – Court Ruling (Germany, 2021)
General GDPR enforcement action
This case relates to broader data protection obligations, not specifically to cookie or consent banner compliance. It is not included in cookie statistics or the Risk Calculator.
A German court ruled that a lawyer did not breach data protection laws when sharing documents with a court, as it was necessary for legal claims. The lawyer included personal data in the documents, but the court found this was justified. This case underscores the balance between data protection and legal processes.
What happened
A lawyer shared personal data in court documents related to a fee claim, which was challenged but found lawful.
Who was affected
A person who was involved in a legal case and whose personal data was shared by their former lawyer.
What the authority found
The court found no data protection violation, as the lawyer's actions were justified by the need to pursue legal claims.
Why this matters
This ruling highlights that sharing personal data in legal proceedings can be lawful if necessary for asserting legal claims. Legal professionals must ensure data sharing is justified and complies with data protection laws.
GDPR Articles Cited
In December 2018, the data subject filed with the DPA (the defendant in this case), a complaint under Article 77 GDPR against a lawyer who had represented the data subject in a traffic accident, before he terminated the mandate. In court proceedings after this termination, in which the lawyer's fee claim was at issue, the lawyer had submitted to the court a volume of documents containing extracts of all correspondence with the opposing insurance company, in which personal data and business secrets had not been blacked out. Since data subject had not released the lawyer from data protection and confidentiality, the data subject perceived this to be a breach of confidentiality. By letter dated 30 March 2016, the data subject contacted the lawyer regarding this breach. The data subject also complained to the Court about the lawyer's conduct, but this did not lead to any action undertaken by the Court. DPA acknowledged receipt of the complaint by letter dated 7 January 2019. In response to this complaint dated 31 May 2019, the DPA informed the data subject that it did not see any breach of data protection law in the conduct complained of and that there was therefore no reason for further supervisory measures pursuant to Article 58 GDPR. The lawyer was under no obligation to make the data subject's data unidentifiable when forwarding it to the court. According to the DPA, this processing was legitimised under Article 6(1)(f) GDPR since the pursuit of fee claims undoubtedly constitutes a legitimate interest of the lawyer. Moreover, the DPA held that, insofar as the personal data transferred were data belonging to special categories of data within the meaning of Article 9(1) GDPR (such as information on the consequences of the accident/injuries suffered by the data subject in the accident), the additional requirements of Article 9(2) GDPR were also met, as the transfer had been necessary for the assertion of legal claims. The data subject then brought the action to the Co
Outcome
Court Ruling
A ruling by a national court on a data-protection matter.
Related Cases (0)
No other cases found for Court case 14 K 19.01274 in DE
This is the only recorded case for this entity in this jurisdiction.
Details
About this data
Cite as: Cookie Fines. Court case 14 K 19.01274 - Germany (2021). Retrieved from cookiefines.eu
Last updated: