The private enforcement under data protection law provides natural persons an option of remedying their damages caused by a violation of data protection provisions. In the digital economy, data processing could result in a variety of harmful consequences. Some of them, such as financial losses, are visible and objective. Many others (e.g. emotional harm and social harm), however, could not be easily recognized or quantified. The harm that falls within this latter category bring significant challenges to fully and effectively compensating data subjects effectively.
Recently, the CJEU in several cases (e.g., Österreichische Post, Natsionalna agentsia za prihodite, etc.) provided crucial interpretations that the violation of GDPR provisions per se did not necessarily lead to compensation. Actual harm (e.g. fear) shall be demonstrated by the data subject. In a similar vein, the UK Supreme Court also concluded that the illegal data processing and harmful consequences are not the same. In the meantime, across the Atlantic, the US Supreme Court issued historic decisions (e.g. TransUnion) reflecting the similar standpoint on remedying privacy harms.
This Webinar gathers experts, who will highlight and discuss the recent cases in the EU, UK and US on compensating privacy harm in the digital age. The presentation and discussion will also touch upon the doctrinal dilemma on recognizing and quantifying privacy harms. More importantly, the speakers will discuss the potential solutions, within and outside the data protection law.