Court case 5 Ca 663/24 – Court Ruling (Germany, 2024)
General GDPR enforcement action
This case relates to broader data protection obligations, not specifically to cookie or consent banner compliance. It is not included in cookie statistics or the Risk Calculator.
A German court ruled that a works council chairman legally shared a former employee's private WhatsApp messages with the HR department, which led to the employee's termination. The court found this disclosure was necessary for addressing a complaint made by a subordinate. This case highlights the importance of understanding how personal data can be shared in workplace disputes.
What happened
The court decided that the works council chairman's sharing of WhatsApp messages was lawful under data protection rules.
Who was affected
The former employee whose WhatsApp messages were shared without their consent.
What the authority found
The court held that there was a valid legal basis for the data transfer, as it was necessary for examining a complaint related to the employee's conduct.
Why this matters
This ruling shows that sharing personal data can be justified in workplace contexts, emphasizing the need for companies to be aware of their data handling practices during internal investigations.
GDPR Articles Cited
View original scraped data
Original data from scraper before AI verification against source document.
National Law Articles
The data subject maintained an "on/off relationship" with a subordinate. After disputes arose, this subordinate sent excerpts of the WhatsApp-Chat traffic with the data subject to the works council chairman of the company they worked for. The chairman than forwarded this chat history containing highly intimate data to the human resources department (HR) which ultimately led to the termination of the data subject's employment. The data subject argued, among other things, that there was no legal basis under Article 6 GDPR for this disclosure and that the forwarding was both a violation of data protection law and of his general personal rights therefore entitling him to €5,000 plus interest in non-material damages from the works council's chairman pursuant to Article 82(1) GDPR. # The labor court dismissed the data subject's claim, holding that the data transfer was lawful under Article 6(1)(b) and (f) GDPR and [https://www.gesetze-im-internet.de/bdsg_2018/__26.html § 26(1) BDSG] (Federal Data Protection Act) in order to provide the employer with the most meaningful basis for examining the complaint of the data subject's subordinate. The court argued, that the scope of Article 6(b) GDPR also includes the transfer of data for the execution and termination of the employment contract of the data subject and his subordinate for the examination of possible measures by the employer. The data subject had not provided evidence the transferred personal data was irrelevant for the examination of the subordinate's complaint. # Furthermore the court argued, that the data subject has not provided evidence that the works council chairman did not act in his capacity as a works council member when forwarding the data to the human resources department, meaning that he would not have been personally liable to the plaintiff for compliance with data protection law in any case. According to [https://www.gesetze-im-internet.de/betrvg/__79.html § 79a BetrVG] (Works Constitution Act), the
Outcome
Court Ruling
A ruling by a national court on a data-protection matter.
Related Cases (0)
No other cases found for Court case 5 Ca 663/24 in DE
This is the only recorded case for this entity in this jurisdiction.
Details
About this data
Cite as: Cookie Fines. Court case 5 Ca 663/24 - Germany (2024). Retrieved from cookiefines.eu
Last updated: