From Privacy Litigation to Privacy Restoration: How to Manage the Questions of How, When, and Whether. Case Note: TR v. Land Hessen (Case C-768/21)

Authors

Camilla Della Giustina, Plymouth Business School

ORCID

• Camilla Della Giustina: 0009-0005-5715-1891

Abstract

The highest judicial body has recently hit the headlines. In TR v. Land Hessen, the Court of Justice of the EuropeanUnion (CJEU) has clarified the obligations incumbent on a supervisory authority pursuant to the General Data Protection Regulation (GDPR). The CJEU highlights that supervisory authorities are not obliged to exercise ‘corrective’ powers if not necessary to remedy the breach. It clarifies that under the GDPR, supervisory authorities have discretion in addressing the shortcomings of a supervised entity but must ensure compliance with a higher level of data protection.

Publication Date

2025-02-25

Publication Title

Global Privacy Law Review

Volume

6

Issue

1

ISSN

2666-3570

Acceptance Date

2024-12-24

Deposit Date

2025-02-26

Embargo Period

2025-08-25

Keywords

Privacy, data protection, GDPR, Data processing

Creative Commons License

This work is licensed under a Creative Commons Attribution 4.0 International License.

First Page

22

Last Page

27

Recommended Citation

Della Giustina, C. (2025) 'From Privacy Litigation to Privacy Restoration: How to Manage the Questions of How, When, and Whether. Case Note: TR v. Land Hessen (Case C-768/21)', Global Privacy Law Review, 6(1), pp. 22-27. Retrieved from https://pearl.plymouth.ac.uk/pbs-research/665