On 26th November, Irish law firm Matheson published an article saying that the introduction of the EU General Data Protection Regulation (GDPR) has raised data protection to a board-level issue, as companies are faced with potentially vast fines in the event of an infringement of the GDPR. This has also led to an increase in the take up of cyber insurance policies, but the article asks are GDPR fines actually insurable? It says that the question of insurability of GDPR fines has not yet come before the courts in Ireland and the Data Protection Act 2018 is silent on insurability of administrative fines, though it points out that the legal doctrine of ex turpi causa prevents a claimant from pursing legal remedies in order to recover or benefit as a result of their own illegal acts, and then looks to English court cases involving somewhat similar fines and penalties – but says that, in Ireland at least, the question remains a grey area.
This blog is primarily for my own use, to keep informed and up to date. However, if you would like to say thank you (and perhaps help me get a new, better laptop when I am away…) you can “buy me a coffee” at https://www.buymeacoffee.com/KoIvM842y