Logo Lener
ES • EN • CA
  • The Firm

    Who we are

    CSR

    Partnerships
  • Practice areas

    Restructuring

    Legal and Tax

    Corporate and M&A

    Labor and LRP

    Tax

    Litigation and Arbitration

    Real Estate and Urban Planning

    Public law

    Compliance and Corporate Governance

    Insolvency Adm.
  • Sectors

    Healthcare

    Hotel

    Real Estate

    Agri-food

    Foundations and NGOs

    Private Wealth

    Transport

    Construction and Public Works
  • Corp.Finance
  • Professionals
  • Current Events
  • Talent
  • Contact

Security breaches in companies

10/03/2022

Security breaches in companies

Flash informativos

The Supreme Court delimits the liability of companies in the event of security breaches

The High Court establishes and limits the duty of diligence, and the control of the effectiveness of security policies.

The publication of the recent ruling issued by the Supreme Court, Ruling No. 188/2022, of February 15 (JUR/2022/78935), has been received with great expectation, given the influence that its content and pronouncements may have on the future criteria to be adopted by the Data Protection Agency (AEPD) and the National Court on security breaches.

The uncertainty generated in different positions of the AEPD, has meant that the employer who scrupulously complies with the regulations, who has adopted periodic controls and applies the technical and organizational security measures according to the risk, in the face of circumstances beyond his control that could cause a security breach, could suffer a damaging result and therefore the imposition of a very significant penalty.

The Court confirms a penalty of 40,000 € imposed by the Data Protection Agency on a company distributing telephone products, as responsible for a serious infringement, which was in turn confirmed by the National Court, and more importantly, goes into depth to analyze the merits of the legal issue raised, reasoning whether the security measures are an obligation of means or an obligation of result.

  • In the obligation of result, the company is liable for a harmful result due to the failure of the security system, regardless of the cause and the diligence used. In the obligation of means it is sufficient to establish technically adequate measures and implement them with reasonable diligence in accordance with the technology available at any given time.

The Court in its Legal Grounds (Third, Fourth and Fifth), establishes a series of considerations and pronouncements of great practical and legal significance, which we highlight in the following document, as well as the conclusions:

In conclusion, as can be interpreted from this resolution, risks are spreading among different businesses and technologies, forcing companies to go one step ahead, rethinking current technologies and implementing diligent, agile approaches that understand security from a living and changing perspective, not relying on static and established security paradigms.

 

Lastest News

Infrastructure Financing
17/12/2025
The wealthiest foreigners are “sneaking in” as remote workers after the end of the 'golden visa'
11/12/2025
Real Estate Challenges 2026 - FlexLiving and new housing solutions
10/12/2025

Subscribe to the newsletter

See our latest news

Join
Suscribirse a la newsletter
* indicates required

Los datos personales recabados a través de este formulario serán tratados por LENER ASESORAMIENTO EMPRESARIAL, S.L.P. como responsable del tratamiento, con la única finalidad de gestionar el envío de comunicaciones comerciales. Podrá ejercer sus derechos de acceso, rectificación, supresión, oposición, limitación del tratamiento y portabilidad, así como cualesquiera otros reconocidos por la normativa vigente, dirigiendo su solicitud al Delegado de Protección de Datos en: privacidad@grupolener.es. Dispone de información completa sobre el tratamiento de sus datos en el siguiente enlace: https://www.lener.es/politica-de-privacidad.

Logo Lener
ISO
Madrid•
Barcelona•
Oviedo•
Valladolid•
Vigo•
Sevilla
Paseo de la Castellana, 23 | 28046 - Madrid | +34 913 912 066
Lener © All rights reserved  |     |   Privacy Policy  |   Security Policy  |   Cookies Policy  |   Legal Notice
Web design: Social Lex & Fontventa