Article 81 GDPR
Legal Text
1. Where a competent court of a Member State has information on proceedings, concerning the same subject matter as regards processing by the same controller or processor, that are pending in a court in another Member State, it shall contact that court in the other Member State to confirm the existence of such proceedings.
2. Where proceedings concerning the same subject matter as regards processing of the same controller or processor are pending in a court in another Member State, any competent court other than the court first seized may suspend its proceedings.
3. Where those proceedings are pending at first instance, any court other than the court first seized may also, on the application of one of the parties, decline jurisdiction if the court first seized has jurisdiction over the actions in question and its law permits the consolidation thereof.
Relevant Recitals
Commentary
Article 81 GDPR regulates the suspension of judicial proceedings in multiple Member States in the context of data protection. The Article addresses issues of coordination where parallel proceedings are brought in the courts of different Member States. The lis pendens rules under Article 81 GDPR differ slightly from those under the Brussels I Regulation (Recast) (Regulation (EU) No 1215/2012). Nonetheless, both serve the purpose of preventing contradictory decisions on the same subject matter. Namely, the difference lies with Article 81(2) GDPR, which allows courts discretion to suspend their proceedings. No such discretion exists under the Brussels I Regulation (Recast).
Notably, Article 81's relevance is confined to proceedings related to the private sector. Proceedings against controllers or processors which act as public bodies are confined to the national courts of the Member States where the public body is established.[1] However, in Member States that have a separation between administrative and civil courts (e.g. France, Germany, Italy or Austria) both types of court are subject to Article 81 GDPR.
(1) Communication regarding parallel proceeding
Article 81(1) GDPR places a positive legal obligation on the competent court of a Member State to contact the court of another Member State, when it has information that proceedings concerning the 'same subject matter' by 'the same controller or processor' are pending in that court, to confirm the existence of such proceedings. The purpose of this requirement is to ensure that both Courts are made aware of parallel proceedings.
There exist differing opinions among legal scholars as to the scope of Article 81 GDPR. In particular, the discussion concerns what type of court proceedings fall under its ambit. Some Commentators have interpreted Recital 144 GDPR to have limited the scope of Article 81 GDPR, as applying only to proceedings instigated under Article 78 GDPR. The first sentence of Recital 144 GDPR refers to 'court[s] seized of proceedings against a decision by a supervisory authority', but makes no mention of proceedings against a controller or processor, which are subject to Article 79 GDPR.[2] They have interpreted this sentence to have implicitly restricted the applicability of Article 81 GDPR.
This is a reading that we reject. The prevailing opinion, one which we affirm, is that Article 81 GDPR applies to proceedings both under Articles 78 and 79 GDPR. This broader reading of Article 81 GDPR is supported by several interpretative grounds. Firstly, the explicit wording of Article 81 GDPR does not limit its application to proceedings instigated either under Article 78 GDPR or Article 79 GDPR. Secondly, the purpose of Article 81 GDPR is to prevent contradictory decisions arising from parallel proceedings. Consequently, it goes against the provision's purpose to take a restrictive reading of its scope. Lastly, Recital 144 GDPR holds no normative authority. Thus, it cannot limit the scope of a GDPR provision where the GDPR itself does not impose any formal restrictions on the Article's applicability.[3]
Obligation to contact court in another Member State
Article 81(1) GDPR addresses only courts that are competent under the GDPR[4] and that are aware of (possible) proceedings concerning the same subject matter pending in a court of another Member State.[5] The competent court is under no obligation to conduct proactive research if such proceedings exist – in most cases, one or both parties will notify the court of pending parallel proceedings.[6] However, if the competent court is aware of such “proceedings or has reason to believe that such proceedings exist”[7] it must contact the court in the other Member State to confirm the matter. The court has no discretionary power in this respect (“shall contact”).[8]
Same subject matter
The question of whether the “same subject matter” is pending before another court is not entirely clear. The GDPR contains no definition of this concept. According to Recital 144, sentence 3 GDPR, “proceedings are deemed to be related where they are so closely connected that it is expedient to hear and determine them together in order to avoid the risk of irreconcilable judgments resulting from separate proceedings.” In light of this, some scholars argue that the purpose of the proceedings, the facts and circumstances and the alleged GDPR infringements must be identical.[9] However, as Article 81(1) GDPR speaks of “processing by the same controller or processor”, other scholars – more convincingly – argue that the decisive factor is the processing activity under Article 4(2) GDPR.[10] It is not required that all parties of the proceedings are identical, instead, it is necessary that the same controller or processor conduct the processing but not that it concerns the same data subject(s).[11]
(2) Authorisation to suspend proceedings
If the requirements of Article 81(1) GDPR are fulfilled (meaning, “same subject matter” concerning “the same controller or processor” simultaneously “pending in a court in another Member State”) any competent court other than the court first seized may suspend its proceedings. The courts are under no strict obligation to suspend the proceeding but rather have discretion in this respect.[12] When assessing the necessity for suspension, the court must take into account Article 47 CFR and avoid overly long proceedings due to suspension.[13] It is not necessary that a party requests the suspension; the court decides on the suspension on its own volition (contrary to Article 81(3) GDPR, Article 81(2) GDPR does not contain the requirement “on the application of one of the parties”) but should take into account the parties wishes/requests in its assessment.[14]
(3) Authorisation to decline jurisdiction
Article 81(3) GDPR stipulates that where such proceedings are pending at first instance, any court other than the court first seized may also, on the application of one of the parties, decline jurisdiction if the court first seized has jurisdiction over the actions in question and its law permits the consolidation of the existing proceedings. Accordingly, the court called upon may also (meaning “instead of or in addition to suspending the proceedings under Article 81(2) GDPR”) decline jurisdiction if: (i) one of the parties (or both parties) requested this, (ii) the proceedings are pending at first instance (meaning proceedings on the same subject matter, as referred to in Article 81(2) GDPR), (iii) the court first seized has jurisdiction over the actions in question (meaning also over the action filed with the court subsequently called upon) and (iv) the Member State law applicable on the proceedings pending in the court first seized permits the consolidation of the actions in question.
The fulfillment of requirement (iv) is a question of Member State law. As not all Member States might provide for consolidation of legal actions pending in different Member States, this requirement substantially narrows the scope of applicability of Article 81(3) GDPR.[15] Furthermore, it remains unclear how the court subsequently called upon is supposed to assess with sufficient legal certainty if requirements (iii) and (iv) are fulfilled regarding the court first seized.[16] From a practical viewpoint, this requires certain communication and coordination between courts in different Member States. Just like the suspension under Article 81(2) GDPR, the decision on declining jurisdiction under Article 81(3) GDPR is subject to the court’s discretionary power.[17]
Decisions
→ You can find all related decisions in Category:Article 81 GDPR
References
- ↑ Kotschy, in Kuner et al., The EU General Data Protection Regulation (GDPR), Article 81 GDPR, p. 1154 (Oxford University Press 2020).
- ↑ Feiler, Forgó, EU-DSGVO, Article 81 GDPR, margin number 1 (Verlag Österreich 2017); also see Feldmann in Gierschmann, Schlender, Stentzel, Veil, Article 81 GDPR, margin number 10 (Bundesanzeiger Verlag 2017).
- ↑ Mundil in Wolff, Brink, BeckOK DatenschutzR, Article 81 GDPR, margin number 8 (C.H. Beck 2021, 36th edition); Boehm in Simitis, Hornung, Spiecker gen. Döhmann, Datenschutzrecht, Article 81 GDPR, margin number 18 (C.H. Beck 2019); Kreße in Sydow, Europäische Datenschutzgrundverordnung, Article 81 GDPR, margin number 1 (Nomos 2018, 2nd edition); Nolte, Werkmeister in Gola, DS-GVO, Article 81 GDPR, margin number 2 (C.H. Beck2018, 2nd edition); Jahnel in Jahnel, DSGVO, Article 81 GDPR, margin number 2 (Jan Sramek 2021); see also Schweiger in Knyrim, Der Datkomm, Article 81 GDPR, margin number 7, 8 (rdb.at 2019) also argues that the wording of Article 81(3) GDPR “proceedings pending at first instance” indicates that proceedings under Article 79 GDPR are encompassed because proceedings under Article 78 GDPR could not be considered “first instance” (as the court is deciding on the decision of a supervisory authority or its inactivity).
- ↑ Namely, Article 78(3), Article 79(2) or Article 82(6) in conjunction with Article 79(2) GDPR. See, Kreße in Sydow, Europäische Datenschutzgrundverordnung, Article 81 GDPR, margin number 13 (Nomos 2018, 2nd edition).
- ↑ If the same subject matter is pending in another court of the same Member State, Article 82 GDPR does not apply and the conflict is to be resolved under national law. See Jahnel in Jahnel, DSGVO, Article 81 GDPR, margin number 3 (Jan Sramek 2021).
- ↑ Bergt in Kühling, Buchner, DS-GVO BDSG, Article 81 GDPR, margin number 5 (C.H. Beck 2020, 3rd edition).
- ↑ Recital 144.
- ↑ Schweiger in Knyrim, Der Datkomm, Article 81 GDPR, margin number 11 (rdb.at 2019); sceptical Feldmann in Gierschmann, Schlender, Stentzel, Veil, Article 81 GDPR, margin number 15 (Bundesanzeiger Verlag 2017).
- ↑ Schweiger in Knyrim, Der Datkomm, Article 81 GDPR, margin number 16 (rdb.at 2019); Jahnel in Jahnel, DSGVO, Article 81 GDPR, margin number 5 (Jan Sramek 2021); similar also Nolte, Werkmeister in Gola, DS-GVO, Article 81 GDPR, margin number 2 (C.H. Beck 2018, 2nd edition).
- ↑ Moos, Schefzig in Taeger, Gabel, DSGVO – BDSG, Article 81 GDPR margin number 9 (Deutscher Fachverlag 2019, 3rd edition); Feldmann in Gierschmann, Schlender, Stentzel, Veil, Article 81 GDPR, margin number 12 (Bundesanzeiger Verlag 2017).
- ↑ Bergt in Kühling, Buchner, DS-GVO BDSG, Article 81 GDPR, margin number 9 (C.H. Beck 2020, 3rd edition); Moos, Schefzig in Taeger, Gabel, DSGVO – BDSG, Article 81 GDPR margin number 10 (Deutscher Fachverlag 2019, 3rd edition); by contrast Kreße in Sydow, Europäische Datenschutzgrundverordnung, Article 81 GDPR, margin number 11,12 (Nomos 2018, 2nd edition) and Frenzel in Paal, Pauly, Datenschutz-Grundverordnung Bundesdatenschutzgesetz, Article 81 GDPR, margin number 13 (C.H. Beck 2021, 3th edition) are of the opinion that also the data subject(s) must be identical.
- ↑ Boehm in Simitis, Hornung, Spiecker gen. Döhmann, Datenschutzrecht, Article 81 GDPR, margin number 35 (C.H. Beck 2019).
- ↑ Boehm in Simitis, Hornung, Spiecker gen. Döhmann, Datenschutzrecht, Article 81 GDPR, margin number 35 (beck-online.de 2019).] as well as possible requests for the CJEU’s preliminary ruling by the court first seizedition [Mundil in Wolff, Brink, BeckOK DatenschutzR, Article 81 GDPR, margin number 10 (C.H. Beck 2021, 36th edition).
- ↑ Mundil in Wolff, Brink, BeckOK DatenschutzR, Article 81 GDPR, margin number 10 (C.H. Beck 2021, 36th edition).
- ↑ Mundil in Wolff/Brink, BeckOK DatenschutzR, Article 81 GDPR, margin number 11 (C.H. Beck 2021, 36th edition).
- ↑ Moos, Schefzig in Taeger, Gabel, DSGVO – BDSG, Article 81 GDPR margin number 23 (Deutscher Fachverlag 2019, 3rd edition).
- ↑ Nemitz in Ehmann, Selmayr, DS-GVO, Article 81 GDPR, margin number 8 (C.H. Beck 2018, 2nd edition); also see Kreße in Sydow, Europäische Datenschutzgrundverordnung, Article 81 GDPR, margin number 22 (Nomos 2018, 2nd edition).