Court case 3 O 277/22 – Court Ruling (Germany, 2023)
General GDPR enforcement action
This case relates to broader data protection obligations, not specifically to cookie or consent banner compliance. It is not included in cookie statistics or the Risk Calculator.
A German court ruled that a website visitor's claim for damages was not valid because they were mainly trying to find violations to sue for money. This case shows that courts may reject claims if they believe the person is acting in bad faith.
What happened
A court found that a website visitor's claim for damages was invalid because they sought out violations to generate claims.
Who was affected
The case involved a website visitor who intentionally looked for data protection violations.
What the authority found
The court ruled that the visitor acted in bad faith by seeking out violations to claim damages, thus rejecting their request.
Why this matters
This ruling suggests that courts may dismiss claims if they suspect the claimant is exploiting data protection laws for financial gain. Website operators should be aware of this potential defense.
GDPR Articles Cited
National Law Articles
The controller run some websites that make use of Google tools. When users interacted with such tools their personal data were transferred to the US, allegedly in violation of the GDPR. The data subject visited some of these websites via web crawling and claimed damages for data protection violations. The controller considered the data subject's request unfounded and brought an action for injunctive relief before the Regional Court of Baden-Baden. The controller asked the court to order the data subject to refrain from further warnings and requests, as the data subject had no right to compensation under the GDPR. The court held that the controller's request was admissible and justified. The court pointed out that the CJEU case law allows the application of national law enabling judges to check the existence of abuses of EU rights by the parties (see [https://curia.europa.eu/juris/liste.jsf?nat=or&mat=or&pcs=Oor&jur=C%2CT%2CF&num=C-373%252F97&for=&jge=&dates=&language=en&pro=&cit=none%252CC%252CCJ%252CR%252C2008E%252C%252C%252C%252C%252C%252C%252C%252C%252C%252Ctrue%252Cfalse%252Cfalse&oqp=&td=%3BALL&avg=&lg=&page=1&cid=2070463 C-373/97]). In the present case, such parameter is the standard of "good faith" under § 242 of the German Civil Code (Bürgerliches Gesetzbuch - BGB) which, according to the court, the data subject had violated in the present case. This results from the fact that, contrary to the data subject's submissions, their primary interest when accessing the websites was the generation of claims for damages against the controller. The court rejected the data subject's statement that their main concern was to denounce data protection violations. Besides, the court held that the risk that inexperienced users came to the webpages was very low. A violation in the form of unlawful data transfers materialised only because the data subject intentionally looked for it with an aim of asking for non-material damages. As a further argument to substantiate the
Outcome
Court Ruling
A ruling by a national court on a data-protection matter.
Related Cases (0)
No other cases found for Court case 3 O 277/22 in DE
This is the only recorded case for this entity in this jurisdiction.
Details
About this data
Cite as: Cookie Fines. Court case 3 O 277/22 - Germany (2023). Retrieved from cookiefines.eu
Last updated: