Court case 20 U 51/24 – Court Ruling (Germany, 2024)

The controller, a telecommunication company, informed its customers (data subjects) through various privacy notices that so called “positive data” could be transferred to the credit ranking agency SCHUFA and CRIF. SCHUFA and CRIF process the data received from the controller and also use it for the purpose of profiling (scoring) in order to provide their contractual partners with information, among other things, for assessing the creditworthiness of natural persons ("credit scoring"). Independently of credit scoring, SCHUFA supports its contractual partners by creating profiles to identify conspicuous facts. For postpaid mobile phone contracts, the controller transmitted “positive data” from data subjects to SCHUFA until October 2023 and continues to transmit it to CRIF. This includes at least the master data required for identity verification (e.g. name) as well information on whether a contractual relationship was established with the consumer and if an existing contractual relationship with the consumer has been terminated. The plaintiff, a consumer association, alleged that the controller lacked a legal basis for transmitting "positive data" to credit scoring agencies and therefore violating Article 6 GDPR. Additionally the consumer association held that the controller privacy notices constituted unfair terms and conditions subject to special consumer protection and competition regulation. It demanded a cease-and-desist declaration along with reimbursement of associated costs. The controller claimed a legitimate interest according to Article 6(1)(f) GDPR in mitigating payment defaults and preventing fraud. The Regional Court Munich (Landgericht München – LG München) dismissed the action in the first instance. It stated the following reasons: # The claim related to "positive data" was inadmissible due to the lack of specificity, as the term is undefined by local law and unclear in its application. # The contested data protection notices were not general terms a