From Privacy Litigation to Privacy Restoration: How to Manage the Questions of How, When, and Whether. Case Note: TR v. Land Hessen (Case C-768/21)

Camilla Della Giustina

doi:10.54648/gplr2025009

From Privacy Litigation to Privacy Restoration: How to Manage the Questions of How, When, and Whether. Case Note: TR v. Land Hessen (Case C-768/21)

Camilla Della Giustina

Plymouth Business School

Research output: Contribution to journal › Review article › peer-review

1 Downloads (Pure)

Abstract

The highest judicial body has recently hit the headlines. In TR v. Land Hessen, the Court of Justice of the EuropeanUnion (CJEU) has clarified the obligations incumbent on a supervisory authority pursuant to the General Data Protection Regulation (GDPR). The CJEU highlights that supervisory authorities are not obliged to exercise ‘corrective’ powers if not necessary to remedy the breach. It clarifies that under the GDPR, supervisory authorities have discretion in addressing the shortcomings of a supervised entity but must ensure compliance with a higher level of data protection.

Original language	English
Pages (from-to)	22-27
Number of pages	6
Journal	Global Privacy Law Review
Volume	6
Issue number	1
DOIs	https://doi.org/10.54648/gplr2025009
Publication status	Published - 25 Feb 2025

ASJC Scopus subject areas

Law

Keywords

Privacy
data protection
GDPR
Data processing

Access to Document

10.54648/gplr2025009

24112024 case law privacy 24112024 deciesdeciesdeciesAccepted author manuscript, 47.5 KBLicence: CC BY

Cite this

@article{6ba450d17e1343ddadea70d89307c1f8,

title = "From Privacy Litigation to Privacy Restoration: How to Manage the Questions of How, When, and Whether. Case Note: TR v. Land Hessen (Case C-768/21)",

abstract = "The highest judicial body has recently hit the headlines. In TR v. Land Hessen, the Court of Justice of the EuropeanUnion (CJEU) has clarified the obligations incumbent on a supervisory authority pursuant to the General Data Protection Regulation (GDPR). The CJEU highlights that supervisory authorities are not obliged to exercise {\textquoteleft}corrective{\textquoteright} powers if not necessary to remedy the breach. It clarifies that under the GDPR, supervisory authorities have discretion in addressing the shortcomings of a supervised entity but must ensure compliance with a higher level of data protection. ",

keywords = "Privacy, data protection, GDPR, Data processing",

author = "\{Della Giustina\}, Camilla",

year = "2025",

month = feb,

day = "25",

doi = "10.54648/gplr2025009",

language = "English",

volume = "6",

pages = "22--27",

journal = "Global Privacy Law Review",

issn = "2666-3570",

publisher = "Wolters Kluwer Legal \& Regulatory - International Group",

number = "1",

}

TY - JOUR

T1 - From Privacy Litigation to Privacy Restoration: How to Manage the Questions of How, When, and Whether. Case Note: TR v. Land Hessen (Case C-768/21)

AU - Della Giustina, Camilla

PY - 2025/2/25

Y1 - 2025/2/25

N2 - The highest judicial body has recently hit the headlines. In TR v. Land Hessen, the Court of Justice of the EuropeanUnion (CJEU) has clarified the obligations incumbent on a supervisory authority pursuant to the General Data Protection Regulation (GDPR). The CJEU highlights that supervisory authorities are not obliged to exercise ‘corrective’ powers if not necessary to remedy the breach. It clarifies that under the GDPR, supervisory authorities have discretion in addressing the shortcomings of a supervised entity but must ensure compliance with a higher level of data protection.

AB - The highest judicial body has recently hit the headlines. In TR v. Land Hessen, the Court of Justice of the EuropeanUnion (CJEU) has clarified the obligations incumbent on a supervisory authority pursuant to the General Data Protection Regulation (GDPR). The CJEU highlights that supervisory authorities are not obliged to exercise ‘corrective’ powers if not necessary to remedy the breach. It clarifies that under the GDPR, supervisory authorities have discretion in addressing the shortcomings of a supervised entity but must ensure compliance with a higher level of data protection.

KW - Privacy

KW - data protection

KW - GDPR

KW - Data processing

UR - https://pearl.plymouth.ac.uk/pbs-research/665/

U2 - 10.54648/gplr2025009

DO - 10.54648/gplr2025009

M3 - Review article

SN - 2666-3570

VL - 6

SP - 22

EP - 27

JO - Global Privacy Law Review

JF - Global Privacy Law Review

IS - 1

ER -

From Privacy Litigation to Privacy Restoration: How to Manage the Questions of How, When, and Whether. Case Note: TR v. Land Hessen (Case C-768/21)

Abstract

ASJC Scopus subject areas

Keywords

Access to Document

Other files and links

Fingerprint

Cite this