欧洲刑警组织与成员国就非法披露个人数据造成的损害承担的连带责任（对欧洲法院的评论，2024年3月5日，C - 755/ 21p）

IF 3.3 3区社会学 Q1 LAW

Computer Law & Security Review Pub Date : 2025-06-07 DOI:10.1016/j.clsr.2025.106161

Andrea Parziale

{"title":"欧洲刑警组织与成员国就非法披露个人数据造成的损害承担的连带责任（对欧洲法院的评论，2024年3月5日，C - 755/ 21p）","authors":"Andrea Parziale","doi":"10.1016/j.clsr.2025.106161","DOIUrl":null,"url":null,"abstract":"<div><div>This case note examines a judgment by the Court of Justice on Europol's civil liability for unlawful disclosure of personal data during cross-border cooperation with Member State authorities. The Court overturned the General Court's decision, establishing that joint and several liability between Europol and Member States can arise under Article 50 of Regulation 2016/794 (Europol Regulation), informed by Recital 57. While this ruling facilitates compensation for injured parties when the exact source of data disclosure cannot be identified, the Court awarded only €2000 in damages to the appellant, a modest sum that may undermine Article 50′s effectiveness as a data protection mechanism. The case note analyzes both the joint liability determination and the damages quantification, arguing that while the recognition of joint liability strengthens data subject protection in principle, the symbolic damages awarded significantly limit its practical impact as an accountability tool for ensuring responsible data handling in cross-border criminal investigations.</div></div>","PeriodicalId":51516,"journal":{"name":"Computer Law & Security Review","volume":"58 ","pages":"Article 106161"},"PeriodicalIF":3.3000,"publicationDate":"2025-06-07","publicationTypes":"Journal Article","fieldsOfStudy":null,"isOpenAccess":false,"openAccessPdf":"","citationCount":"0","resultStr":"{\"title\":\"Joint and several liability between Europol and a Member State for damages from unlawful disclosure of personal data (comment on European Court of Justice, 5 March 2024, C‑755/21 P)\",\"authors\":\"Andrea Parziale\",\"doi\":\"10.1016/j.clsr.2025.106161\",\"DOIUrl\":null,\"url\":null,\"abstract\":\"<div><div>This case note examines a judgment by the Court of Justice on Europol's civil liability for unlawful disclosure of personal data during cross-border cooperation with Member State authorities. The Court overturned the General Court's decision, establishing that joint and several liability between Europol and Member States can arise under Article 50 of Regulation 2016/794 (Europol Regulation), informed by Recital 57. While this ruling facilitates compensation for injured parties when the exact source of data disclosure cannot be identified, the Court awarded only €2000 in damages to the appellant, a modest sum that may undermine Article 50′s effectiveness as a data protection mechanism. The case note analyzes both the joint liability determination and the damages quantification, arguing that while the recognition of joint liability strengthens data subject protection in principle, the symbolic damages awarded significantly limit its practical impact as an accountability tool for ensuring responsible data handling in cross-border criminal investigations.</div></div>\",\"PeriodicalId\":51516,\"journal\":{\"name\":\"Computer Law & Security Review\",\"volume\":\"58 \",\"pages\":\"Article 106161\"},\"PeriodicalIF\":3.3000,\"publicationDate\":\"2025-06-07\",\"publicationTypes\":\"Journal Article\",\"fieldsOfStudy\":null,\"isOpenAccess\":false,\"openAccessPdf\":\"\",\"citationCount\":\"0\",\"resultStr\":null,\"platform\":\"Semanticscholar\",\"paperid\":null,\"PeriodicalName\":\"Computer Law & Security Review\",\"FirstCategoryId\":\"90\",\"ListUrlMain\":\"https://www.sciencedirect.com/science/article/pii/S2212473X25000343\",\"RegionNum\":3,\"RegionCategory\":\"社会学\",\"ArticlePicture\":[],\"TitleCN\":null,\"AbstractTextCN\":null,\"PMCID\":null,\"EPubDate\":\"\",\"PubModel\":\"\",\"JCR\":\"Q1\",\"JCRName\":\"LAW\",\"Score\":null,\"Total\":0}","platform":"Semanticscholar","paperid":null,"PeriodicalName":"Computer Law & Security Review","FirstCategoryId":"90","ListUrlMain":"https://www.sciencedirect.com/science/article/pii/S2212473X25000343","RegionNum":3,"RegionCategory":"社会学","ArticlePicture":[],"TitleCN":null,"AbstractTextCN":null,"PMCID":null,"EPubDate":"","PubModel":"","JCR":"Q1","JCRName":"LAW","Score":null,"Total":0}

引用次数: 0

摘要

本案件说明审查了法院关于欧洲刑警组织在与成员国当局跨境合作期间非法披露个人数据的民事责任的判决。法院推翻了普通法院的决定，确定欧洲刑警组织和成员国之间的连带责任可以根据2016/794号条例（欧洲刑警组织条例）第50条产生。当无法确定数据披露的确切来源时，这一裁决有利于受害方的赔偿，但法院只判给上诉人2000欧元的损害赔偿，这一数额不大的赔偿可能会削弱第50条作为数据保护机制的有效性。案例说明分析了共同责任的确定和损害赔偿的量化，认为虽然承认共同责任在原则上加强了对数据主体的保护，但象征性损害赔偿的裁决大大限制了其作为确保跨境刑事调查中负责任的数据处理的问责工具的实际影响。

本文章由计算机程序翻译，如有差异，请以英文原文为准。

查看原文本刊更多论文

Joint and several liability between Europol and a Member State for damages from unlawful disclosure of personal data (comment on European Court of Justice, 5 March 2024, C‑755/21 P)

This case note examines a judgment by the Court of Justice on Europol's civil liability for unlawful disclosure of personal data during cross-border cooperation with Member State authorities. The Court overturned the General Court's decision, establishing that joint and several liability between Europol and Member States can arise under Article 50 of Regulation 2016/794 (Europol Regulation), informed by Recital 57. While this ruling facilitates compensation for injured parties when the exact source of data disclosure cannot be identified, the Court awarded only €2000 in damages to the appellant, a modest sum that may undermine Article 50′s effectiveness as a data protection mechanism. The case note analyzes both the joint liability determination and the damages quantification, arguing that while the recognition of joint liability strengthens data subject protection in principle, the symbolic damages awarded significantly limit its practical impact as an accountability tool for ensuring responsible data handling in cross-border criminal investigations.

求助全文

通过发布文献求助，成功后即可免费获取论文全文。去求助

来源期刊

Computer Law & Security Review LAW-

CiteScore

5.60

自引率

10.30%

发文量

审稿时长

67 days

期刊介绍： CLSR publishes refereed academic and practitioner papers on topics such as Web 2.0, IT security, Identity management, ID cards, RFID, interference with privacy, Internet law, telecoms regulation, online broadcasting, intellectual property, software law, e-commerce, outsourcing, data protection, EU policy, freedom of information, computer security and many other topics. In addition it provides a regular update on European Union developments, national news from more than 20 jurisdictions in both Europe and the Pacific Rim. It is looking for papers within the subject area that display good quality legal analysis and new lines of legal thought or policy development that go beyond mere description of the subject area, however accurate that may be.