On 26th November, Irish law firm Matheson published an article saying that the introduction of the EU General Data Protection Regulation (GDPR) has raised data protection to a board-level issue, as companies are faced with potentially vast fines in the event of an infringement of the GDPR.  This has also led to an increase in the take up of cyber insurance policies, but the article asks are GDPR fines actually insurable?  It says that the question of insurability of GDPR fines has not yet come before the courts in Ireland and the Data Protection Act 2018 is silent on insurability of administrative fines, though it points out that the legal doctrine of ex turpi causa prevents a claimant from pursing legal remedies in order to recover or benefit as a result of their own illegal acts, and then looks to English court cases involving somewhat similar fines and penalties – but says that, in Ireland at least, the question remains a grey area.

This blog is primarily for my own use, to keep informed and up to date. However, if you would like to say thank you (and perhaps help me get a new, better laptop when I am away…) you can “buy me a coffee” at

Author: raytodd2017

Chartered Legal Executive and former senior manager with Isle of Man Customs and Excise, where I was (amongst other things) Sanctions Officer (for UN/EU sanctions), Export Licensing Officer and Manager of the Legal-Library & Collectorate Support Section

Leave a Reply

Fill in your details below or click an icon to log in: Logo

You are commenting using your account. Log Out /  Change )

Google photo

You are commenting using your Google account. Log Out /  Change )

Twitter picture

You are commenting using your Twitter account. Log Out /  Change )

Facebook photo

You are commenting using your Facebook account. Log Out /  Change )

Connecting to %s