Court case 13 U 206/20 – Court Ruling (Germany, 2022)

The data subject applied for a job with the controller, which is a private bank. The application procedure took place at the online platform Xing. During this procedure an employee of the controller sent a message, which was actually intended for the data subject, to a third person who was not involved in the application process, via the messenger service of Xing. The message contained the name of the data subject and the information that the controller cannot meet the data subject's salary expectations but can offer €80,000 plus a variable remuneration. The person receiving the message was an acquaintance of the data subject and told the data subject about it. The data subject did not directly communicate this incident to the controller but waited until he received a rejection of his application from the controller. The data subject then requested access to his data, a declaration to cease and desist from the controller and damages in the amount of €2500. The controller declared that it would refrain from passing on the specific message to third parties in the future but otherwise rejected the requests of the data subject. The data subject sued for a cease-and-desist order and damages. The Regional Court of Darmstadt (Landgericht Darmstadt - LG Darmstadt) ordered the controller to cease-and-desist and to pay €1000 in damages. It came to the conclusion that the data subject has a right to injunctive relief under §§ 823, 1004 BGB (German Civil Code) and that the data subject suffered damages because of the loss of control over his data. Both the controller and the data subject appealed this decision. The Higher Regional Court Frankfurt (Oberlandesgericht Frankfurt – OLG Frankfurt) upheld the cease and desist order by the LG Frankfurt but annulled the judgement regarding the award of damages. The court held that there is no need to apply §§ 823, 1004 BGB because the Federal Court of Germany (Bundesgerichtshof – BGH) in its decisions of 12.10.2021 (VI ZR 488/19 and V