info@edpo.com

Take our free Assessment Test
Request a Free Quote

England and Wales High Court rules that the GDPR Art. 27 Representative is not liable for its clients’ actions

By Jane Murphy
Date Icon June 2, 2024
Category Icon Enforcement and Case Law

The England and Wales High Court of Justice (May 28th 2021): the GDPR Article 27 Representative is not liable for its client’s actions.

On the role of the representative:
“At the least, the picture which emerges is of a considerably fuller role than a mere postbox ‘to be addressed’. Even the language of ‘conduit’ or ‘liaison’ does not fully capture the job the GDPR gives to representatives. The role is an enriched one, active rather than passive.[…] The job focuses on providing local transparency and availability to data subjects, and local regulatory co-operation.”[74]

On the representative’s liability:
“I find no positive encouragement for ‘representative liability’ anywhere other than the last sentence of Rec.80.[…] If the GDPR had intended to achieve ‘representative liability’ then it would necessarily have said so more clearly in its operative provisions” [101]

 

Analysis Article 27 Case Law Data Protection Representative GDPR UK

About the author

Jane Murphy

Jane Murphy is a Belgian-Canadian lawyer specialising in data protection, corporate law, and EU regulations. She holds law degrees from Canada and Belgium, an LL.M. in EU and International Law, a Data Protection Certificate, and completed an International Business summer programme at Harvard, and an “AI:Implications for Business Strategy » executive program at MIT. Jane also has 15+ years of board experience across Europe and Asia and currently chairs Oracle Financial Services Software (OFSS) in Mumbai.

LinkedIn Email
Jane Murphy

Follow us on Linkedin for daily breaking GDPR news!

Get our weekly newsletter in your inbox every Monday with fresh GDPR and Data Protection news!