Blog

Since C-300/21 Österreichische Post, the first ECJ decision on non-material damages under GDPR, the ECJ has handed down multiple other decisions on the topic (C-340/21 Natsionalna agentsia za prihodite, C-667/21 Krankenversicherung Nordrhein, C-456/22 Gemeinde Ummendorf and C‑687/21 MediaMarktSaturn). There seems to be a marked effort by the Court to create a reliable jurisprudence for non-material damages. In fact, all the decisions have been assigned to and decided by the Third Chamber under Article 60 of the Rules of Procedure of the Court of Justice. This post analyses the subsequent cases after Österreichische Post to flesh out the Court’s conception of non-material damages under Article 82 GDPR and to analyse whether a coherent approach emerges from the case law.

Requirements

Based on Article 82(2) GDPR, the Court delineates three cumulative elements for non-material damages (Österreichische Post at 36, Natsionalna agentsia za prihodite at 77, Gemeinde Ummendorf at 14,  Krankenversicherung Nordrhein at 82 and MediaMarktSaturnat 58):

1. Infringement of the GDPR

2. Damage

3. A causal link between the infringement and damage

Once these three elements are in place, a controller is liable for the non-material damage and must compensate the claimant in accordance with Article 82(1) GDPR.

(1) Infringement

As per Article 82 GDPR, a controller has to compensate for a damage which arose as the consequence of an infringement of the GDPR (Österreichische Post at 31). However, mere infringement alone is insufficient to confer a right to compensation (MediaMarktSaturn at 58, Österreichische Post at 33 and 34). This is because the three elements are cumulative (as seen above).

Infringement of the GDPR cannot simply be determined by the fact that there was, for example, a data breach (MediaMarktSaturn at 45). In MediaMarktSaturn, the hearing of an action for damages under Article 82 must also take into account all the evidence that a controller provides to demonstrate, for example, that their technical and organisational measures were sufficient and therefore, complied with Articles 24 and 32 GDPR (MediaMarktSaturn at 44).

In other words, to ascertain whether an “infringement” occurred in the specific case, the Court seems to consider not only the factual consequences of it (i.e. whether the controller lost control over the personal data following a breach). It also determines whether that event is attributable to the controller in terms of intent or culpability (did the controller want that event or were they negligent in adopting any reasonable countermeasures?). It seems that a controller can use a lack of intent or negligence to argue against their alleged infringement. For example, if a breach occurred but the controller proved that they were not negligent and had the necessary technical and organisational measures, then there is arguably no infringement and a claim for damages would end here.

(2) Damage

Recital 85 to the GDPR provides a non-binding list of what could constitute material or non-material damage under the GDPR. It lists the following: ‘loss of control over […] personal data, limitation of […] rights, discrimination, identity theft or fraud, financial loss, unauthorised reversal of pseudonymisation, damage to reputation, loss of confidentiality of personal data protected by professional secrecy or any other significant economic or social disadvantage to the natural person concerned.’

The first of this list – loss of control over personal data – has been clarified further and defined rather broadly by the ECJ. Fear deriving from the loss of control over personal data from an infringement of the GDPR is sufficient to give raise to non-material damages (Natsionalna agentsia za prihodite at 80). The amount of time that the fear is felt by the claimant can be short. In Gemeinde Ummendorf, a few days, which did not have a noticeable consequence for the claimant beyond the fear itself, were sufficient for non-material damages (Gemeinde Ummendorf at 22). This follows a previous decision, which in doing away with a threshold of seriousness for non-material damages, allows all non-material damages, even if they are limited in scope, to lead to possible claims (Österreichische Post at 49). The fear itself is sufficient, as there is no requirement that the damage be linked to an actual misuse of the data by third parties by the time of the claim (Natsionalna agentsia za prihodite at 79). Nor does the claimant need to show that there has been a misuse to their detriment (Natsionalna agentsia za prihodite at 82 and Gemeinde Ummendorf at 22). Thus, it is sufficient that the breach of the GDPR be linked to the claimant’s fear that such misuse may occur in the future.

This is a broad reading of loss of control. As noted by AG Pitruzzella, the GDPR does not state that fear should create a ground for compensation for non-material damages (AG Opinion in C‑340/21 at 78). There is undoubtedly ‘a fine line between mere upset (which is not eligible for compensation) and genuine non-material damage (which is eligible for compensation)’ (AG Opinion in C‑340/21 at 83). The Court here could have gone either way, especially in a case on the facts such as Natsionalna agentsia za prihodite where the fear suffered by the claimant of a possible misuse of personal data in the future had no established misuse and the claimant had not suffered further harm (AG Opinion in C‑340/21 at 77). Nonetheless, because the definition of damage should be ‘broad’ and allow for ‘full and effective’ compensation as per Recital 146 to the GDPR, the AG Pitruzzella stated that the Court should hold the fear itself to be sufficient (AG Opinion in C‑340/21 at 71 and 77). Not only did the Court follow the AG’s Opinion at paragraph 81 of the judgment, but it has consistently referred to the broadness point of Recital 146 in its later non-material damages judgments (Gemeinde Ummendorf at 19 and 20 and MediaMarktSaturn at 65).

The ECJ did not, however, go as far as to establish a presumption that all infringements would result in a damage (cf. AG Opinion in C‑340/21 at 74). The claimant still needs to show consequences from the infringement (Österreichische Post at 50 and MediaMarktSaturn at 60). Thus, they must show that they have suffered an actual damage, however minimal it may be (Gemeinde Ummendorf at 22). The burden of proof is also on the claimant to show this damage (MediaMarkt at 61 and 68 and Natsionalna agentsia za prihodite at 84). This makes sense given that the claimant is the only one who has experienced the damage (for example, fear) and is in a position to prove it.

It is perhaps due to this logic, that the ECJ (on the concept of loss of control) also stated that the fear must be ‘well-founded’ and that the risk cannot be hypothetical (MediaMarkt at 67 and 68 and Natsionalna agentsia za prihodite at 85). While it is for national courts to determine whether these requirements are met (MediaMarktSaturn at 67 and 6), the ECJ nonetheless determined that the disclosure of data to a third party, who did not know about it, would not give rise to non-material damages (MediaMarktSaturn at 69). In this case, it was clear that the risk was unfounded; the third party never became aware of the personal data during the breach and the document containing the data was returned within half an hour. So, the fear linked to this so-called hypothetical risk proved insufficient for non-material damages. If the claimant cannot evidence damage as defined above, then a successful claim for damages will also end at this point.

(3) Causal link

A causal link must exist between the infringement and damage (Österreichische Post at 32 and under Article 82(1) GDPR). The Court has not yet developed this criterion in detail, but it can be inferred that the claimant should show there to be some form of reasonable relationship between the infringement and their damage. If there is no causal link it follows that there cannot be a right to receive compensation under Article 82 GDPR.

The fact that damage was caused by a third party, as defined by Article 4(10) GDPR, rather than the controller themselves, is not a limiting factor. Article 4(10) GDPR defines third parties as being under the ‘direct authority’ of the controller or processor and authorised to process the data. The Court in Natsionalna agentsia za prihodite found hackers to be third parties under Article 4(10) GDPR (at 71). Thus, Article 4(10) has been interpreted broadly in that it does not require third parties to be employees of the controller or subject to its control (at 66). Nonetheless, for the third party act to be attributable to the controller, the controller must have made the infringement possible in the first place by failing to comply with their GDPR obligations, for example, by failing to implement appropriate technical and organisational measures (at 71).

Defences

Liability is subject to fault on the part of the controller, which is presupposed unless it proves that it is ‘not in any way responsible’ for the event giving rise to the damage (MediaMarkt at 52, Recital 146 GDPR, and Natsionalna agentsia za prihodite at 37 and 69). The circumstances in which the controller may claim to be exempt from civil liability under Article 82 GDPR are ‘strictly limited’ to those in which the controller is able to demonstrate that the damage is not attributable to it (Natsionalna agentsia za prihodite at 70). It is explicitly for the controller to rebut this presumption of fault (Krankenversicherung Nordrhein at 94 and alsoNatsionalna agentsia za prihodite at 69 and 70). This allocation of the burden of proof to the controller ensures that the effectiveness of the right to compensation (Article  82 GDPR)  is maintained ( MediaMarktSaturn at 42).

Questions remain over what type of defence Article 82(3) is and how it relates more widely to the concept of non-material damages. For example, if liability (the link between the controller’s fault and the damage) is presupposed, does this mean that the causal link (between the infringement and the damage) is presupposed as well? Is Article 82(3) GDPR, therefore, a defence against causation or a separate general defence against liability? Moreover, does this presumption of fault also mean that intent or negligence should become a rebuttable presumption when deciding on an infringement? These are questions that will inevitably arise before the ECJ in the future. 

Compensation

Article 82(1) GDPR has a compensatory instead of punitive function (MediaMarktSaturn at 48). Compensation is limited to monetary compensation and should only fully compensate for the damage suffered by the infringement of the GDPR (Krankenversicherung Nordrhein at 84 to 87, Österreichische Post at 58 and MediaMarktSaturn at 54). It is because of this compensatory function that national courts should not look at the controller’s behaviour when quantifying non-material damages. The compensation will not be affected by the degree of the controller’s responsibility, and it does not matter whether there was intent or negligence from the side of the controller (Krankenversicherung Nordrhein at 86, 87, and 102 and MediaMarktSaturn at 48).

Final compensation must be ‘full and effective’ (Recital 146 to the GDPR). This means that national rules must enable the claiming of compensation (Österreichische Post at 56). Nonetheless, it is for national courts to determine the exact amount of pecuniary damages in accordance with their national law (Krankenversicherung Nordrhein at 83 and 101), as long as the internal rules of the Member State follow the principles of equivalence and effectiveness of EU law (MediaMarktSaturn at 53).

Damages under the GDPR are conceptually autonomous and therefore ‘special national’ interpretations, except for the amount of the compensation, should not occur (MediaMarkt at 59). In general, the divergence or unity of GDPR damages in comparison with national law conceptions of damages will require a more detailed discussion than is possible within this blogpost.

A coherent vision

Having briefly analysed the cases above, there seems to be a coherent line of argumentation behind the non-material damages cases under Article 82 GDPR. The rulings do not radically diverge from each other, and the concepts developed are re-used, cross-referenced, and built upon. As more preliminary references arrive and non-material damages develop further, the Court could even begin to send some questions back to national courts under Article 99 (Reply by Reasoned Order) of the Rules of Procedure of the Court.This is where the question referred is identical to a question on which the court has already ruled or where the answer to such a question may be clearly deduced from existing case law.

A practical point to mention is that the definition of non-material damages is likely to affect also class action suits and collective redress. A broad interpretation of non-material damages could lead to data breaches becoming exorbitantly expensive for controllers, to the point that they may no longer want to operate in Europe. Instead of restricting the concept of damages, a solution would be to avoid the creation of an impossible threshold for controllers and processors to prove that they have complied with Articles of the GDPR. It is perhaps for this reason that the Court has so far been reasonable with its thresholds and decided, for example, that unauthorised disclosure of personal data to third parties is not sufficient in itself to hold that Articles 24 and 32 GDPR have been infringed by the controller (MediaMarktSaturn at 40).

Material and non-material damages are well defined concepts within national law, and so conflicts will inevitably occur between national systems and the GDPR. It is important that the ECJ maintain its coherent vision of non-material damages to create a uniform application of the GDPR and therefore, protect the effectiveness of Articles 7 and 8 of the Charter of Fundamental Rights of the European Union and Article 16 of the Treaty on the Functioning of the European Union.

The Corporate Sustainability Due Diligence Directive at risk

In December 2023, following a lengthy Trilogue, a political agreement was reached regarding the Corporate Sustainability Due Diligence Directive (CSDDD); the first EU economy-wide mandatory due diligence legislative measure. The Directive aims to promote sustainable corporate conduct across global value chains, which include the full range of activities involved in the creation of a product or service. While the CSDDD is not a panacea, it is expected to foster a level playing field and improve corporate sustainability. However, a last-minute announcement from the internally divided German government to abstain from voting in the European Council has put the Directive’s future at risk.

Despite earlier endorsement, on the 1^st of February 2024, Germany suddenly withdrew its support for the CSDDD due to the opposition of the FDP, the liberal government coalition party. Lukas Köhler, FDP deputy head in German Parliament, stated that the FDP cannot support the Directive as its obligations would overburden companies. Subsequently, other EU Member States, such as Italy, followed Germany’s example and decided to abstain from voting, or to vote against approval. The Council vote which was initially planned on 9 February had to be postponed since the required qualified majority would not be reached. On 28 February, once again, due to lack of support, it was decided to postpone the vote on the approval of the Directive. In the meantime, the Belgian Presidency of the Council, reportedly, proposed a new comprise text of the Directive hoping to convince Member States to vote in favour. The revised version would have included a downsized personal scope of application and softened provisions on civil liability. However, on 8 March, the Council vote has again been postponed. While time is running out ahead of the European elections, the Directive has been set on the agenda of the Coreper I meeting on 13 March.

This blog post argues that the failure to approve the CSDDD by the Council under the guise of protecting companies is counterproductive and represents a missed opportunity in mitigating climate change. First, the post looks at the CSDDD from the perspective of European businesses. Then, it connects the urgent societal challenge of climate change to the EU Directive awaiting approval by the Council.

European companies embrace harmonisation

Abstaining from voting, and, thus, de facto making approval impossible, is not in the interest of European companies. Indeed, the CSDDD would serve the companies’ interests by seeking to harmonise due diligence legislation within the EU internal market. Pursuant to its dual legal basis (Art. 50 and 114 TFEU), the Directive aims to harmonise legislation to ensure a level playing field within the EU internal market and avoid distortions of competition. It is for this reason that European businesses urge the EU Member States to formally adopt the CSDDD. In a joint statement, large German companies argue that putting the CSDDD at risk will create legal uncertainty. In their view, the Directive is the ‘only chance’ for an EU-wide level playing field with fair competitive conditions that will create legal certainty. Not only big companies embrace the CSDDD; the Italian Confederation of Craft Trades (CNA) representing small and medium-sized enterprises has, for example, expressed its support to the CSDDD as it will ensure a level playing field and avoid unfair competition with non-EU companies.

The fears of these companies regarding an unlevel playing field and legal uncertainty appear to be well-founded. Disparities between national due diligence legislation result in legal fragmentation which can lead to distortions of competition. Most notably, Germany and France have enacted legislation containing due diligence requirements. The legislative measures significantly differ in personal scope, material scope and regulatory approach. For instance, the German act applies to companies employing more than 1000 employees, whereas the French actonly applies to companies employing more than 5000 employees. Moreover, under the French act climate change should be addressed in carrying out due diligence, while the German act does not cover climate change issues at all. Considering just these two examples of legislation, it becomes apparent that the risk of legal fragmentation should be taken seriously.

The Commission convincingly argues in the proposal for the CSDDD that these disparities between national legislation are likely to lead to distortions of competition within the internal market. Companies that are active in certain EU-jurisdictions with no or less stringent due diligence legislation will have a competitive advantage. Furthermore, legal fragmentation creates a significant burden to companies as compliance with different national legislation requires diverging measures and policy per jurisdiction. Against this background, it should be noted that rejection of the CSDDD could even lead to further legal fragmentation. National legislative proposals, such as a Dutch proposal, that were put on hold, awaiting the CSDDD, could be rehabilitated. Indeed, one could argue that not the CSDDD’s requirements, but the lack of harmonisation will overburden European companies.

Alongside the harmonising effects of the CSDDD within the EU, the Directive’s requirements align with international standards on due diligence. Since their adoption in 2011, the UN Guiding Principles on Business and Human Rights(UNGPs) and OECD Guidelines for Multinational Enterprises are internationally broadly recognised soft law documents that pursue corporate sustainability through encouraging due diligence regarding human rights and the environment. The approval of the CSDDD would strengthen these influential international standards, which have been endorsed by the EU since 2011. According to the UN High Commissioner for Human Rights, the EU would show historic global leadership. Additionally, companies that already pursue to comply with these international due diligence standards will be rewarded for their efforts in carrying out business activities responsibly. Unsurprisingly, a large and wide-ranged group of European businesses called for an ambitious CSDDD aligning with the UNGPs and OECD Guidelines for Multinational Enterprises.

Corporate sustainability legislation for a green EU economy

Building upon the existing international due diligence standards, the CSDDD, inter alia, seeks to advance the greening of the EU economy. Arising from the EU sustainable corporate governance initiative, the CSDDD is a proposal for corporate sustainability legislation, crucial in steering towards a green and climate-neutral EU economy by 2050 as required by the European Climate Law. Additional mitigating efforts are indeed necessary to address the urgent challenges posed by climate change. Last year, the International Panel on Climate Change (IPCC) established that human activities had already caused a global temperature rise of 1.1°C by 2020 in comparison to pre-industrial levels. Moreover, it revealed that current global mitigation efforts are insufficient to limit global warming to 1.5°C as envisioned by the Paris Agreement. Similarly, the European Environmental Agency has concluded that current EU-efforts will not suffice to achieve the climate change mitigation goals codified by the European Climate Law. According to the IPCC, resilient climate policy will require ‘large and sometimes disruptive changes in economic structures’.

Since the CSDDD is based on existing soft law, it does not seem to be that disruptive, yet it will target the right actors with substantive obligations. Addressing the private sector is necessary as large companies are currently and historically have been the main contributors to climate change. The 2017 Carbon Majors Report showed that just 100 companies are responsible to 71 per cent of all global greenhouse gas emissions since 1988. Regulation of sustainable corporate conduct has come a long way. Prior to the European Green Deal, the EU predominantly aimed to enhance corporate sustainability through supporting and promoting voluntary corporate social responsibility (CSR). However, open-ended CSR initiatives and non-legally binding international due diligence standards leave a regulatory gap and do not suffice in effectively pursuing sustainable corporate conduct (see, e.g. the study for the Commission on supply chain due diligence).

The CSDDD partly seizes the opportunity to bridge this regulatory gap. The cautiously drafted Directive, as negotiated in the political agreement, contributes to the EU’s climate change mitigation objectives rather half-heartedly and does not seem to fulfil the Directive’s potential. In truth, the CSDDD’s text has been watered down significantly. Both the Commission’s proposal and the European Parliament’s draft report were less cautiously drafted and would have been more effective in mitigating climate change. In this context, the political agreement’s personal scope of application is fairly narrow. According to the political agreement, the Directive applies to EU companies with over 500 employees and a net worldwide turnover of at least EUR 150 million, and to non-EU companies with a net EU turnover of at least EUR 300 million. As a result, the revenue threshold for non-EU companies has, for example, been doubled compared to the Commission proposal. Additionally, the political agreement fails to designate any high-risk business sectors with lower employee base and revenue thresholds. Although the current text does not fulfil the Directive’s potential, adoption would still be a crucial step into the right direction. The companies concerned are required to comply with two main substantive obligations.

Firstly, the due diligence obligation of Article 4 of the Directive requires companies to address adverse impacts of their business activities to specific human rights and environmental norms. Rather surprisingly, the political agreement fails to refer to any directly climate-related rights and norms. Noteworthy, the European Parliament was keen on directly addressing climate change through the due diligence obligation. Although not specified, the reason for not directly including adverse climate impacts could be that this due diligence obligation would, by some, be regarded as too far-reaching. However, as it is increasingly accepted that climate change harms the realisation of human rights and environmental norms (see, e.g. UN General Assembly Resolution 76/300 and the Dutch Supreme Court’s decision in the Urgenda case), adverse climate impacts can (possibly) be considered as adverse human rights or environmental impacts. This would mean that companies must either way address the adverse impacts of business activities to the climate.

Secondly, the other main obligation does directly refer to climate change. Article 15 lays down the obligation to draw up a climate transition plan. Reinforcing the reporting obligation of the Corporate Sustainability Reporting Directive (CSRD), the CSDDD would require large companies to adopt and put into effect a plan that is in line with the European Climate Law. Companies falling within the personal scope of the Directive would be obliged to reconsider their business strategy and implement measures, through a best-efforts approach, to play their part in reaching climate-neutrality by 2050.

The way forward

It is to be hoped that the Council will eventually formally approve the proposed Directive. The CSDDD is not only about holding companies accountable, but also about fostering a level playing field and ensuring fair competition within the EU internal market. The support for the CSDDD from European businesses underscores its importance in creating legal certainty and eliminating distortions of competition that arise from disparities in national legislation. Furthermore, in light of the urgent need to address climate change and the transition to a sustainable economy, the Directive represents a crucial step forward. Efforts of the Belgian Presidency in the Council must be efficacious to regain earlier-existing support which was present at the time of reaching the political agreement in December 2023. By voting in favour of the CSDDD, EU Member States would, at last, prioritise the long-term interests of European companies, society and the planet.

In February, the German Federal Constitutional Court (Bundesverfassungsgericht) rejected a motion regarding electoral thresholds in EU electoral law, finally allowing for the necessary national approval of Council Decision 2018/994. This Decision intends to amend the European Electoral act and, according to Article 223 (1) TFEU, must be approved by all Member States. Up until now, the court had held that thresholds in European elections were not compatible with German constitutional law. However, a draft legislative act proposes that some Member States would be obliged to establish electoral thresholds for European elections. With this new judgement, the Bundesverfassungsgericht joins other European courts in finding thresholds to be compatible with national constitutional law.

This blog post aims to provide context for a decision that might very well change the composition of the European Parliament.

Previously on… electoral thresholds

In elections, citizens cast their votes in order to have their opinions represented in a parliament. In theory, representing every political view leads to a better democracy in which minority voices can gain much influence. However, fragmentation of a parliament can interfere with finding a consensus and thus hinder governability. By requiring a minimum percentage of votes a party must gain to be allocated a seat in a parliament, electoral thresholds seek to balance representation and governability. Approximately half of all Member States currently employ electoral thresholds in European parliamentary elections. The threshold is 5 percent in nine states (Czechia, France, Croatia, Latvia, Lithuania, Hungary, Poland, Romania and Slovakia), 4 percent in Austria and Sweden, 3 percent in Greece and 1,8 percent in Cyprus. Fourteen Member States do not currently have minimum requirements for allocation of European Parliament seats.

Thresholds are common in German electoral law. On the federal level, a party must gain at least five percent of votes to be allocated a seat in the German Parliament, the Bundestag (§ 4 (2) no. 2 Bundeswahlgesetz). Similarly, in the first European elections, German parties had to pass a threshold of five percent and, later, of three percent (§ 2 (6) resp. (7) Europawahlgesetz [old version]). In 2011 and 2014, the Bundesverfassungsgericht ended this practice. While it has always held that the federal threshold is not only legal, but constitutionally mandated, the Court saw clear differences between the German Parliament and the European Parliament. Governability is extremely important for the Bundestag, which is responsible for electing the Bundeskanzler (chancellor) and where the governing parties hold much power. However, on a European level, the European Parliament is not as involved in the governing and does not require a stable majority. Although the Commission President is elected by the Parliament (Article 17 (7) of the Treaty on European Union [TEU]), and the College of Commissioners can be removed by a parliamentary motion of censure (Article 17 (8) TEU), the Commission does not need continuous support from the Parliament in order to govern. For example, in the second reading during the ordinary legislative procedure, an act can pass without a parliamentary procedure when the Parliament either does not vote on a Council position or does not disapprove of the position with a majority vote (Article 294 (7) lit. a, b TFEU). Groups in the European Parliament differ from their national counterparts as well: the strongest groups do not form a ‘government’, Commissioners usually come from different political groups. Since the Parliament is so diverse in nationalities, languages, cultures, and political opinions, large groups provide a form of integration: internal debates often happen so that groups can speak with one united voice when it comes to plenary debates. Fragmentation is therefore, according to the Bundesverfassungsgericht, not as daunting on the European level as it is in the German Bundestag.

Other Member States’ Courts have also ruled on their respective electoral thresholds. The Czech Constitutional Court also argued that national parliaments and the European Parliament are different by nature and can not be held to the same standards (para. 70). However, a stable majority in the European Parliament is elemental to the functioning of the European Union (paras. 71, 72). It concluded that the European electoral threshold required by Czech law was in line with the Czech constitution. The Italian Constitutional Court also held that thresholds were compatible with the Italian Constitution as they are ‘typical manifestations of the discretion of a legislator that wishes to avoid fragmented political representation, and to promote governability’. The French Conseil Constitutionnel also ruled the electoral threshold to be in line with the French Constitution. It based its judgement on two pursued objectives: the favouring of ‘main currents of ideas and opinions expressed in France being represented in the European Parliament’ and the avoiding of fragmentation.

Why did the Court have to decide again?

European elections are governed by national electoral laws. A framework for these national laws is the European Electoral Act from 1976, which is drawn up by the European Parliament and adopted by the Council (Article 223 (1) of the Treaty on the Functioning of the European Union [TFEU]). In 2018, the Council voted to amend the Electoral Act and introduce electoral thresholds. According to the second paragraph of Article 3 of the Council Decision 2018/994, Member States may set thresholds of up to five percent. Constituencies comprising more than 35 seats are obliged to set a threshold of at least two percent. Only three Member States are currently allocated more than 60 seats: France, Italy and Germany. Since French and Italian electoral law already employ thresholds, this new rule would only affect Germany. In order for this Decision to come into effect though, the procedure of Article 223 (1) TFEU must be followed: Member States have to approve of the amendment ‘in accordance with their respective constitutional requirements’.

German constitutional law mandates that the national legislative bodies (Bundestag and Bundesrat) approve of the law with a two-thirds majority (Art. 23 (1) 3, Article 79 (2) of the Grundgesetz). Both decisions were reached in 2023. However, the Bundespräsident (head of state) has to sign the decision for them to come into full effect. Until this happens, the Council Decision has not been approved and the Electoral Act cannot be amended. 

The Court’s decision

German satire party Die Partei currently holds two seats in the European Parliament, having won a share of 2.4 percent of German votes in the last European elections. Their two Members of Parliament, one of which joined the Greens/EFA group, tried to stop the Electoral Act from coming into effect by calling upon the Bundesverfassungsgericht. They argued that, as previously decided by the Court, thresholds on the European level were unconstitutional. Substantively, they stated that thresholds infringe on the right to equal opportunities for minority parties and weaken democracy (para. 29).

However, the German Constitutional Court has longstanding jurisprudence on their competence ruling on national measures in the scope of EU law and has developed three tests. The Court only tests whether an EU act is ultra vires or whether the German constitution is affected at its core (Identitätskontrolle). It does not test Union law in light of national fundamental rights as long as EU fundamental rights provide a comparable level of protection (Solange II). The petitioners argued that the Council Decision was ultra vires and that it violated the constitutional identity. The Court found that the petitioners had not substantiated this claim enough. German approval of the electoral law amendment does not confer new competences to the European level, since Article 223 TFEU already exists. Therefore, the amendment does not overstep competences and is not ultra vires (paras. 93 f.). It also did not follow the petitioners’ claim that German democracy, and therefore the German constitution, were infringed. The EU holds itself to democratic standards. Though the EU’s interpretation of democracy might differ from the German interpretation, democracy as a constitutional standard is not affected at its core when modifications are made (para. 101 f.). EU legislative bodies are awarded a prerogative to assess and shape electoral law (paras. 121 f.).

In a departure from past decisions, the Bundesverfassungsgericht now sees the danger of a deepening rift in political views, resulting in more fragmentation of the Parliament (para. 17). It now argues that a stable majority in the Parliament is essential to its important responsibilities as a legislative body equal to the Council, in the creation of a Commission and the budget power. Since the two biggest groups in the parliament no longer hold an absolute majority in the Parliament, finding this majority proves to be more challenging (para. 123). Additionally, the groups’ ability to integrate different views is limited. Preventing a more fragmented and heterogeneous Parliament is therefore a legitimate objective.

The Court therefore rejected Die Partei’s motion. As a result, the German approval of the European Electoral Act amendment can now come into force.

Outlook

Will electoral thresholds be applied in the upcoming 2024 elections? No. The European elections in June will still be governed by the national electoral laws that have been in effect for the past few months. Additionally, Germany was only one of two Member States still pending approval: Spain has yet to approve of the amendment. Mandatory thresholds could eventually be applied in the 2029 elections.

However, maybe future elections will be held in accordance with very different laws. For quite some time, forces inside the European Parliament have pushed for a European Electoral Regulation that would be applicable in every Member State without national legal implementation. These drafts have often included proposals for transnational lists or pan-European constituencies. So far, these proposals have always failed to win over the approval of national governments in the Council.

It seems more likely that national legislation will adapt and that we will see fewer minority parties in the European Parliament. Let us hope that stopping fragmentation in the European Parliament will be a mirror of a less divided, less extreme European society.