I. There is no Erin Brockovich in Europe
I am a huge fan of Julia Roberts. In 2000, she starred in “Erin Brockovich,” a real-events-based film on the homonymous woman who uncovered how an energy giant knowingly contaminated the Hinkley community’s groundwater, causing serious illnesses among its residents. The film is a symbol of collective redress: a group of victims, united by a shared harm, successfully claiming compensation against a powerful corporation.
What if today’s “contamination” is not chemical but digital? What if the victims were not a visible community of neighbours but scattered groups of users grouped solely by a machine’s predictions? If an algorithmic system harms these invisible groups today, the legal path to justice is far less clear than it was for the residents of Hinkley.
Collective actions in the quest for digital fairness have gained traction in the past ten years in Europe. The Representative Actions Directive (RAD, 2020/1828) enables consumers to seek redress through “qualified entities” (QE) (Article 4), designated by the Member States. Before that, the GDPR (2016/679) already allowed for the “representation of data subjects” (Article 80 (2)). The Digital Services Act (2022/2065) also dedicates a provision to the “representation” of users (Article 86 and Article 90). The Digital Markets Act (2022/1925), in its Article 42, also refers to RAD for infringements that may harm consumers. Finally, the AI Act (2024/1689) has been described by the Commission as a tool, not governing the technology, but its uses by consumers. Interestingly, it has no standing clause on collective redress, but Article 110 adds the AI Act to Annex I of the RAD, thus making the qualified entities under the RAD competent to bring actions against infringements of the AI Act. Therefore, collective redress is moving from a GDPR overlooked provision to a compliance risk, spanning data, consumers and AI regulation.
However, unlike the class action framework available to Brockovich’s plaintiffs, those acts fit imperfectly together. Tensions arise because each was written for a different purpose and embeds different procedural choices. For example, the RAD protects consumers while the GDPR, data subjects. Moreover, the same data protection or AI dispute can fall under more than one different collective action frameworks with different filters and remedy measures. For example, the procedural filters for admissibility under the GDPR are left to national courts while the RAD details an EU-level filters (Article 7 (3) RAD). This means that digital companies have an interest in forum shopping their litigations so that they avoid cross-border spillsFootnote 1 or too harsh remedies.Footnote 2
While all those tensions merit a separate examination, I focus on the triptych GDPR, RAD and AI Act in order to show how the notion of “groups of persons” in the AI Act creates a new class of collective victims, algorithmic and inferred groups, whose harms sit uneasily between the individual-centric GDPR and the consumer-centric RAD. Because the AI Act refers to groups yet offers no standing rule, those groups can fall into a remedial vacuum where they may be non-consumers (hence excluded from RAD), anonymous data subjects (hence outside GDPR), or both. The practical effect is a mismatch between the Act’s risk-based logic and the EU’s litigation gateways, leaving systemic harms, collective manipulation, biased scoring and group surveillance, largely unactionable in court.
This paper asks three questions. First, can existing representative action measures be stretched to include group data protection harms generated by high-risk AI systems? Second, where do doctrinal or procedural gaps persist. Finally, how might those gaps be closed so that the three legislative acts could be realigned to ensure collective redress for group harms? In other words, what is the current and what is the potential of collective actions as a tool of digital fairness?
Using doctrinal comparison of the GDPR, RAD and AI Act, supported by brief case study snapshots of recent case from the Netherlands (TPC v Oracle/Salesforce) and another one from Germany (C-319/20) the paper traces where algorithmic “groups of persons” currently fall outside both consumer and data subject pathways. It then distils these findings into a concise blueprint of potential solutions that Member States can import when transposing the RAD and operationalising the AI Act. The outcome is a practical model for closing the enforcement gap and aligning collective litigation with the EU’s digital fairness agenda.
This paper does not argue that collective redress can remedy all forms of group-related harm independently of substantive law. In some cases, especially where a practice falls outside the scope of data protection law because no personal data relating to an identified or identifiable person is processed, the obstacle is first a substantive one rather than a remedial one. This paper does not offer a substantive reinterpretation of existing law, and this is why the issues emerging from the concept of “personal data” are not analysed. The contribution is narrower. The paper examines the remedial consequences of the EU’s individualistic rights architecture and analyses how, ceteris paribus, collective standing and compensation could better address group-related harms where EU law already applies, where group-based inferences are later operationalised in relation to identifiable individuals, or where the AI Act recognises groups as bearers of risk without providing a corresponding collective redress mechanism. The analysis, conclusions and recommendations are thus developed within the constraints of the current legal framework, while also seeking to inform the discussion ahead of future legislative revisions, particularly ahead of the 2028 evaluation of the GDPR, AI Act and RAD.Footnote 3
Before proceeding, two clarifications are necessary regarding the terminology used in this paper. First, regarding “redress,” while the term encompasses a range of measures,Footnote 4 throughout this text, “redress” is used primarily as a synonym for compensation. This distinction is crucial because while obtaining injunctions for AI harms is procedurally feasible under current EU law, securing compensation for “inferred” non-identifiable groups remains the primary legal hurdle. Second, regarding “digital fairness,” it is treated as a tangible standard of enforceability. Digital fairness here implies the existence of an effective procedural path to a remedy. If a group is protected by the AI Act’s risk assessments but lacks the standing to claim damages when that risk materialises, the system may be deemed structurally “unfair.”
The paper proceeds as follows. Section II provides a comparative overview of the relevant legislation (GDPR, RAD and AI Act), describing the current landscape of collective redress and identifying the specific procedural choices that create friction. Section III establishes the conceptual framework by defining the “group.” It distinguishes between organised, inferred and vulnerable groups to pinpoint, which collective entities fall into the enforcement gap. Section IV examines two representative use cases which feed the following Section V, which addresses a common fear of “abusive litigation,” and proposes a way forward. Finally, Section VI concludes.
II. JEU collective redress landscape: an overview and comparison
1. The GDPR: bound by a mandate
The typical analysis of the GDPR focuses either on principles or rights, overlooking an important right entirely, as if its existence is taken for granted. This is the right to lodge a complaint with a supervisory authority and seek redress. Articles 77–82 are the procedural basis for any one case ever pronounced by the CJEU. And yet, perhaps with the exception of Article 82 (right to compensation),Footnote 5 the right to mandate an organisation or the latter to initiate a proceeding by virtue of Article 80 (2) is as invisible to data protection dragomans as the lawful basis for processing is for some tech companies. In order to outline the remedies available in the GDPR, it is necessary to signpost the subject matter and scope of the Regulation as a framework setter.
The GDPR’s role is to translate the constitutional right to data protection (Article 8 EU Charter) into enforceable law, covering all natural persons who are in any way affected by personal data processing. The GDPR establishes the requirements for lawful data processing, the rights and remedies of natural persons, as well as the duties concerning obliged parties. From this one-sentence summary of the Regulation ensue several consequences.
First, the GDPR does not cover purely group-level inferences that can never be related back to identifiable individuals, and people can be harmed by the application of a model trained on others’ data, even where no personal data about them is processed. Second, the EU data protection law protects two types of citizens and excludes all the rest. The first type is any living person whose data is (being) processed (natural person). The second type are data subjects. Those are natural persons who are identified or identifiable in relation to a specific processing. Contrary to common usage established in scientific slang, the two terms are not interchangeable and at the same time not mutually exclusive.
A closer reading of the Regulation shows that subtle but important distinction. While the GDPR applies to all people, “natural persons” as the general category, the “data subject” is the particular case: a natural person who is identified or identifiable in relation to a specific processing operation. That is, there is, or may be, a reasonable link between the information and that person. Article 4(1) provides the definitional bridge, “personal data” is any information relating to an identified or identifiable natural person (data subject), signalling the equal standing of the terms. Still, “data subject” is the operational term tied to concrete rights and information duties (Articles 12–22, Recitals 11, 26, 32), to enforcement (Articles 77–82), and to the controller’s obligations that implement those rights. Accordingly, it is the specific data subject whose data must be processed lawfully (Article 5), who gives consent (Articles 6, 7), and who exercises rights (Articles 12–21). Most importantly, it is the data subject who can refer to data protection authorities and enforcers. The literature generally agrees that the GDPR primarily concentrates on data subjects and “the impact on the protection of the individuals whose personal data are being processed,”Footnote 6 while not addressing potential implications for natural persons outside the status of data subject. Reading the Regulation’s rights and duties, it is apparent that the data subjects are exclusive managers and holders of their rights, irrespective of any other impacted parties. Available remedies pursuant to Articles 77–80 GDPR confirm that.Footnote 7 This means that although data protection aims to protect a broader set of individuals (natural persons), who may be affected by data processing, the GDPR in reality offers safeguards and direct enforcement tools to a narrower set of people (data subjects) and excludes all the rest, including anonymised and inferred thereof data.
Article 80 is a particular case because it is fully aligned with the whole data subject-centric model of the GDPR, although at the same time, lets Member States broaden the provision’s standing criteria. First, paragraph 1 clearly indicates that the data subject is the one, from whom the mandate empowering a third body, emanates. This suggests that an individual has to have gained knowledge of the breach, and second, to empower another party to claim liability.Footnote 8 That third party could not only request injunctive measures on behalf of the data subject but could also request compensatory measures.
Second, Article 80 (2) further extends this by allowing, under national law, that the same organisations referred to in the previous paragraph could exercise the rights in Arts. 77–79, “independently of a data subject’s mandate.” This is the closest provision to a collective redress mechanism, which could be found in the GDPR. Not without caveats, however.
It has been interpretedFootnote 9 to allow entities to initiate proceedings before the competent courts, without any mandate from data subjects, where they consider that a controller or processor is in breach of the GDPR. Several observations follow. First, data subjects that may be protected under this paragraph (Article 80 (2)) remain within the general paradigm of identifiability. This is so, because entities seeking to bring collective actions must be able to link the potential breach to at least one identified or identifiable person, who does not need to personally mandate that entity. In other words, proceedings in abstracto are not possible. Importantly, this provision operates as a venue to address undue processing potentially affecting rights, rather than to allocate compensation through a redress tool.Footnote 10 Second, the practical effectiveness of this provision is unclear, since “domestic laws – typically general procedural or consumer laws in some Member States that allow for mass damage claims without a mandate are inapplicable to data protection claims.”Footnote 11 It follows that paragraph 2 of Article 80 is better viewed as an exception, an “option,”Footnote 12 to be implemented by national parliaments according to their legislation,Footnote 13 rather than a structural feature of the legislative architecture underpinning data protection law.
Generally, implementation is divergent and dependent on national consumer and procedural regimes,Footnote 14 where rules on collective actions are found and where GDPR claims constitute one category within a broader procedural framework. However, the Regulation establishes the basic standing criteria and admissibility requirements.
At the same time, processing may implicate the rights and freedoms of any natural person, especially in profiling. Compare these two parts of Recital 91:
large-scale processing operations which aim to process a considerable amount of personal data … and which could affect a large number of data subjects and which are likely to result in a high risk … to the rights and freedoms of data subjects, in particular where those operations render it more difficult for data subjects to exercise their rights
and
impact assessment should also be made where personal data are processed for taking decisions regarding specific natural persons following any systematic and extensive evaluation of personal aspects relating to natural persons based on profiling those data or following the processing of special categories of personal data …
Other non-exclusive examples could be found in Article 6 (1)(d), Article 9 (2)(c),Footnote 15 Article 18 (2),Footnote 16 Article 20.Footnote 17 This confirms that not only data subjects but also other persons can be affected by high-risk processing and suffer harms to their rights and freedoms, including discrimination,Footnote 18 although their data has never been processed. Risk, therefore, must be assessed contextually against others’ rights.
From this architecture ensues a structural challenge. While the GDPR lays down safeguards for all natural persons potentially affected by personal data processing, it operationalises rights, standing, and remedies almost exclusively through the narrower status of the identifiable data subject, with Article 80 merely reproducing this data subject-centric model by bonding representation to individual mandates and identifiability, relegating mandate-free actions under Article 80 (2) to an optional, non-compensatory exception. This creates a systematic mismatch between those whose rights may be put at risk by high-impact, profiling-driven processing and those who can actually trigger enforcement mechanisms, leaving natural persons who never crystallise into “data subjects” in a given proceeding or have lost this status (when anonymised or inferred) without meaningful access to safeguards or collective redress.
2. RAD: bound by identification
The Representative Actions Directive (RAD)Footnote 19 establishes the mechanism for the protection of the collective interests of consumers (more precisely, groups of consumers) exercised by designated qualified entities (QEs) by a Member State (Article 4 RAD). A consumer is defined as “any natural person who acts for purposes which are outside that person’s trade, business, craft or profession.”
The Directive distinguishes injunctive measures in Article 8 and redress measures in Article 9. Injunctive measures typically involve provisional or definitive orders to cease or prohibit an infringing activity. RAD injunctions do not require individual consumers to mandate an organisation expressly, nor the QE to prove the consumer’s loss or fault according to Article 8 (3).
Redress measures foresee remedies such as compensation, which generally require that consumers (1) “explicitly or tacitly” express their wish to be represented, after the action has been filed, and (2) whether they wish to be bound by the outcome (Article 9(2)). Where individuals are not specified beforehand, a description of the group of consumers concerned defines the beneficiaries, Article 9 (5).Footnote 20
Both, injunctions and redress claims, could be pursued against GDPR infringements under Article 2 (1) and Annex I RAD. The CJEU confirmed that the GDPR does not preclude national consumer law representative actions without a mandate alleging GDPR infringements.Footnote 21 However, given that the GDPR would take precedence in data protection matters involving redress measures,Footnote 22 compensation claim without a mandate, therefore, without consumers’ identification, would be unlawful because it would contradict the legislators’ intention with Article 80 (2) GDPR, where pursuing compensation under Article 82 GDPR without the express mandate of the damaged is prohibited. The intention is to prevent frivolous claims driven by pecuniary incentives. This is why, in C-319/20, the Court did not expand Article 80 (2), it simply established that Article 80 (2) “does not preclude” national law from allowing mandate‑free actions for non‑compensatory relief. This is also the reason that Member States generally permit mandate-free (GDPR-related) representative actions but confine them to injunctions. When compensation is sought, the national provisions require an opt-in mechanism, i.e., a mandate or a court-approved beneficiary list.Footnote 23
The practical consequence is that an injunction claim (Article 8 RAD, Article 80 GDPR) benefits all affected persons: data subjects, consumers, natural persons, including those emerged from inferred profiling. In contrast, compensation for material or non-material damages (Article 9 RAD, Article 80 (1) GDPR) benefits persons who participate and can be linked to the unlawful processing to meet the GDPR’s causation test. Recent judicial practice confirms that. For example, in the Netherlands, mass data protection suits proceed under the opt‑out WAMCA.Footnote 24 Germany’s new Consumer lawFootnote 25 likewise pairs a mandate-free injunction with a register-based redress stage.Footnote 26 France shows the same pattern for the injunction phase, but any damages are limited to consumers who opt in after liability.Footnote 27
From this dual-track architecture ensues a structural tension. While RAD-based, mandate-free injunctions align with the GDPR in the abstract and thereby protect the collective interests of all affected persons, the moment the procedure seeks compensation it returns back into a narrow, identification- and mandate-bound model that only reaches consumers who opt in or are placed on beneficiary lists. In practice, this decoupling between broadly shared injunctive benefits and individually gated redress encapsulates a systematic under-compensation of large, risk-exposed groups, especially those emerging from inferred or large-scale profiling, whose rights are infringed collectively but whose access to damages remains conditioned on individual participation and their identification.
In connection with that, a further difficulty arises from Article 9 (5) RAD. Redress is tied to a “description of the group of consumers concerned,” and it remains unclear how to capture those whose existence is purely inferential. Algorithmically assembled, risk-exposed groups converge into stable, observable categories. Describing “inferred people” in legally operational terms without re-identifying them individually, therefore, becomes a conceptual and practical hurdle, one that the current RAD/GDPR does not resolve.
3. AI Act: bound by annex I RAD, unbound by redress
The Artificial Intelligence ActFootnote 28 (AI Act) establishes the different stakeholders’ duties involved in the deployment chain of AI systems by laying down a tiered risk-based approach. Practically, it is a product safety law. The adopted version of the AI Act acknowledges the role of AI in multiple aspects of life as well as the responsibility of third parties. Nevertheless, this attestation, along with additional industry obligations, does not amount to an effective protection as much as a proper redress mechanism in case of a tort. It does not develop targeted and detailed collective redress tools, similar to the ones in regulations already mentioned. Interestingly, the text acknowledges specific and vulnerable groups. This happens across the whole text. For example, Article 5 prohibitions,Footnote 29 data governance (Article 10(3), Recital 67), performance report for specific groups (Article 13), risk-management and impact assessment duties (Article 9(9), Article 27, Recital 96).
The enforcement, however, is established only through individual public and private enforcement mechanisms. The first one is found under Chapter IX, Section IV. The “remedies” available are limited to the right to lodge a complaint with the market surveillance authority (Article 85). Therefore, it is limited to a single individual, “having grounds to consider” that has been damaged, and the respective authority. Also, under the same Section are the right to explanation (Article 86) and protection of whistleblowers (Article 87). Parallel to Article 85 stands any other administrative or judicial remedy as a private form of enforcement. Despite the emphasis on the protection of human dignity and autonomy from AI’s adverse effects,Footnote 30 ensured by human oversight (Article 14), transparencyFootnote 31 and additional industry requirements such as an impact assessment (Article 27), they do not amount to an adequate protection as much as a standalone redress mechanism, especially for collective damages, which was present in the draft of the Regulation.Footnote 32 Instead, Article 110 integrates the AI Act into Annex I RAD, so the QEs can bring representative actions for AI Act breaches seeking injunctions and redress under the RAD’s procedural instruments.
From this regulatory design ensues the following challenge. While the AI Act explicitly recognises specific and vulnerable groups and assigns providers with ex ante risk-management, transparency, and impact-assessment duties, it ultimately addresses ex post enforcement through individualised remedies, the right to complain to market-surveillance authorities, and ordinary private law actions. In addition, it outsources any collective dimension to the generic RAD instrumentarium in Article 110. In practice, this means that those most exposed to systemic, group-level harms from high-risk AI are addressed as abstract risk categories at the regulatory stage, but are left without a mirroring AI-specific collective redress mechanism when harm materialises, relying instead on a consumer law that neither matches the breadth of the AI Act’s protected “groups” nor its risk-based logic.
The next Section continues the analysis by building a conceptual framework of the missing others in the legislation.
III. Individuals, consumers and persons: conceptual framework for “groups”
The previous sections showed that the GDPR, the RAD and the AI Act are built around different primary beneficiaries: data subjects, consumers and persons affected by AI risks. In all three regulations, standing and remedies largely remain linked to identifiable individuals, either data subjects or consumers. The following lines identify the harm-bearer that the enforcement architecture struggles to reach. It develops the analysis by specifying what is meant by “groups of persons” in the context of AI‑driven processing and why those groups matter for digital fairness.
Building on the literature on group privacy,Footnote 33 the argument here is that automated systems act on people as members of inferred groups aimed at ensuring certain model performance. These groups can be socially recognisable (a linguistic, ethnic minority),Footnote 34 purely algorithmic (potential voters estimated by clicks on a meme)Footnote 35 or defined through their vulnerability risk (handicapped, age, sex).Footnote 36 The result is a structural mismatch. The law increasingly refers to groups when assessing risk (AI Act),Footnote 37 but it does not include collective redress alongside the individual mechanism.
This Section proposes a conceptual framework for the rest of this paper. First, it builds a workable taxonomy of the “types” of groups (3.1.) and distinguishes between organised groups, inferred groups, and legislatively recognised vulnerable or risk-exposed groups. Second, it shows how these groups emerge across the analysed legislation and why it matters (3.2.). It evidences the contrast with the procedural register used in the law where “group” refers to the collective of claimants or beneficiaries assembled for the purposes of representation, admissibility, and redress in litigation. The following paragraphs highlight the mismatch between the reality of AI clustering and group-level harms and the EU collective litigation tools, which are primarily intended for aggregating identifiable claimants.
1. Types of groups: organised, inferred and vulnerable
For the purposes of this paper, “groups of persons” affected by AI systems can be divided, conditionally, into three categories: organised groups, inferred groups, and vulnerable groups singled out by the legislator.
First, organised groups are communities that are usually visible outside the data processing context: NGOs, professional organisations, cultural or religious minorities. They are typically self‑aware and often (self-)organised. Frequently perceived as natural in many cases, these groups are often recognised in law as communities deserving legal protection. The notion of group privacy, as developed in literature,Footnote 38 is primarily concerned with such groups.
When those groups are affected by AI systems (for example, when a trade union is profiled as “high‑risk” for protest activities, or a specific neighbourhood is treated as a high-risk crime zone), the harm is not only to isolated individuals but spreads to all those considered part of it.Footnote 39 EU data protection and consumer law mostly see these entities either as controllers (the whole collective) or as aggregations of individual rights‑holders, not as victims in their own right of AI-driven inferences. Organised groups have collective interests and agency.Footnote 40
Second, inferred groups are a category of groups that do not pre‑exist the data processing operation but are designed by the AI model. These are the groups that arise when an AI system clusters people based on interpreted observables (behavioural and inferred preferences).Footnote 41 Here, the defining feature of the group is not a shared social identity, but a matching label in a model’s identified pattern, such as “likely credit defaulters,” “users susceptible to gambling ads,” or “teenagers with elevated depression risk.”
Three characteristics make such groups central to this paper. First, they can be created even when no member is directly identified at the point of model design or training. The model may be trained on anonymised or pseudonymised data and still output operationally meaningful groups.Footnote 42 Secondly, they are often fluid and contextual. This means that the same person can belong simultaneously to multiple inferred groups, and membership can change as more data is collected or as the model’s purpose recalibrated.Footnote 43 This means that the people clustered in that way would not be aware that they have been grouped. Third, those groups are targeted as one single unit, not as an aggregation of their identified or identifiable members. Hence, they are harm-bearers, as groups, not as single individuals, and yet, they lack agency or self-awareness in order to claim cure for any wrong.
Thirdly, vulnerable groups is a category found in EU legislation itself. The AI Act is structured around risk and repeatedly refers to risks to “persons or groups of persons,”Footnote 44 often with explicit attention to specific or vulnerable groups. Prohibited practices and high‑risk obligations are justified by reference to the effectsFootnote 45 that systems may have on, for instance, children, persons in vulnerable situations, groups historically subject to discrimination, or populations exposed to particular surveillance or scoring practices.
These risk‑exposed groups partly overlap with organised and inferred groups, but they are defined from the standpoint of regulatory concern. A risk‑exposed group is any group defined legally ex ante as a relevant segment of the population triggering a risk assessment, monitoring or mitigation safeguards under the AI Act. The law thus already treats groups as relevant bearers of risk in the sense that an AI system can be high‑risk because of what it does to a group in society, conceived as an aggregation of all the persons exhibiting a certain saliency (age, handicap).Footnote 46
However, as the following subsection argues, this emerging group vocabulary is only partially reflected in the core redress gateways of the legislation.
2. Three shells and a pea: groups in the GDPR, RAD and AI act
As already suggested in the previous lines, these lines seek to establish where, and whether, collective harms and “groups” appear in the GDPR, RAD or AI Act. The question is not whether groups exist ontologically but how the law translates them procedurally into legally operationalisable units for standing, representation, and redress.
First, the GDPR is structurally organised around the figure of the data subject. This is an identified or identifiable natural person whose personal data is processed. Its key concepts, “personal data” (Article 4 (1)GDPR), “processing” (Article 4 (4)GDPR), data subject rights as well as their available remedies, are all defined at the individual level. References to data subjects in provisions on impact assessments (Article 35 GDPR) acknowledge that processing can affect many people at once, but only as a reason to intensify safeguards, not as a separate layer of harm.
In particular, the Regulation contains no standing or remedy provision that treats a group as a unit that potentially could bear harm, independent of its members. Article 80 (2) GDPR allows certain organisations to act without a mandate, but still “on behalf of data subjects” and definitely without the possibility to seek compensation. Even where the infringement is inherently on a collective level, for example, discriminatory profiling that targets an inferred group drawn from anonymised data, any compensatory claim must ultimately be conducted back through individually identifiable data subjects. Anonymous or purely inferred persons fall outside the scope of the GDPR’s remedial framework, even if they are affected in practice. Thus, in essence, in the GDPR groups of persons are set as a background, a potentially affected by unlawful or harmful processing other natural persons but it is only the individual or individuals (in the context of Article 80 GDPR) who are the ultimate rights holders and persons to be owed regulatory obligations. This is why the groups in the GDPR are clustered into either organised or vulnerable categories. A possible criticism is that there is essentially no gap, since, although processing anonymised data may not fall under GDPR, once these statistical insights are linked to an individual, the GDPR’s applicability is reinstated.Footnote 47 It demonstrates that certain cases can trigger the GDPR applicability once an individual becomes identifiable.Footnote 48 However, the paper’s main argument is that this translation process itself is problematic. The law perceives harm only when it is reconstructed through identifiable persons, whereas the broader collective harm that caused it stays procedurally hidden. Enforcement and compensation are reestablished through data with identifiable individuals, even though the original harm was collective. This leads to a situation where there is no law missing per se, but a systematic loss of the collective aspect of harm at the crucial stage when standing, causation and compensation are assessed. This mismatch remains across the GDPR, the RAD, and the AI Act.
Second, the Representative Actions Directive moves closer to a group vocabulary, but only in a limited way. Its core concern is the “collective interests of consumers” (Article 3 (3), RAD), and its remedial framework is built around national qualified entities (Article 4, RAD) that can seek injunctions and, under certain conditions, redress. Article 9 (5) RAD explicitly allows potential beneficiaries of a redress measure to be defined by “a description of the group of consumers affected” (Recital 49 RAD), without explicitly identifying all individuals in advance.Footnote 49 This does not change the general premise of identifiability. It is rather a temporary solution while the proceeding is in course.
Thus, the group remains a descriptive term for identifying which consumers may benefit from the outcome, not a subject of rights in its own name. Standing requirements still depend on the QE’s designation under national law, admissibility and remedies remain tightly coupled to whether affected persons are consumersFootnote 50 and whether they opt in or are captured by an opt‑out mechanism. Non‑consumers (such as workers or businesses), anonymous data subjects or purely inferred individuals fall outside the RAD, even when the context of their harm closely resembles that of consumers. Thus, the RAD includes groups of consumers as beneficiaries of any administrative or judicial remedies due to the infringement of their “collective interests,” as part of a broader, yet diffuse “general interest of consumers.” Therefore, the logic of the Directive is that there is more than one affected consumer, as such they have “collective interests,” the aggregation of their “collective interests” gives rise to specific enforceable collective action to adequately protect specific segment of consumers, who otherwise would not be properly protected.Footnote 51 In other words, the RAD acknowledges that collective harms, based on an infringement of a collection of individual interests, give rise to the collective right to remedy. Therefore, the group of consumers as referred in the RAD are practically the groups referred to earlier as organised or vulnerable groups and conceived as an aggregation of individual interests and rights.
Finally, and similarly, the AI Act refers to “persons or groups of persons” as potential bearers of harm. Its prohibitions, and high‑risk obligations are justified by reference to the effects that AI systems could have on specific groups. For example, AI systems could manipulate the behaviour of vulnerable groups, exacerbating bias against protected minorities, or exposing communities to intrusive surveillance (Article 5 AI Act).
Yet when the Act turns to enforcement and remedies, the group largely disappears. Public enforcement is streamlined through market surveillance authorities and notified bodies. Private enforcement is reduced to a right of “any natural or legal person” to lodge a complaint (Article 86) with the competent authority or to seek remedies under other applicable law. There is no specific standing or collective redress mechanism for groups, nor any explicit recognition of algorithmic group privacy as such. Instead, the Act relies on Annex I RAD to make breaches of its provisions litigable through consumer‑style representative actions, again, primarily for consumers and identifiable individuals. Thus, “groups of persons” exist in the taxonomy of the AI Act as far as they fit a pattern of vulnerability (generally, “age, disability or a specific social or economic situation”) or inference.Footnote 52 Thus, while they fit in the risk-based vulnerability and inference group categories, described above, they have been removed from the AI Regulation redress mechanism.
The reading of the three documents shows a clear asymmetry. At the level of risk assessment, system design and prohibitions, the AI Act in particular acknowledges that groups of persons are potential harm-bearers due to their vulnerability. At the level of rights and remedies, however, the GDPR and RAD still treat groups at best as aggregation of individual data subjects or consumers. The consequence for the notion of “groups of persons” is twofold: it is central to how AI‑related harms are conceptualised and at the same time inexistent in litigation. Bridging this gap requires reconceptualisation moving towards a notion of collective redress.
3. From individual procedure to collective redress
EU data protection has historically relied on individual consent and individual rights as the main instruments through which citizens exercise control over their data. The GDPR but also the RAD and AI Act, presupposes a data subject who is at least in principle able to understand information, make choices, and seek redress for unlawful processing of his or her personal data. The technical and commercial reality of AI-driven processing, however, undermines the conditions under which this individual-centric model can effectively function.
First, many relevant harms are produced by models acting on inferred or vulnerable groups as acknowledged in legislation. Individuals may have never voluntarily provided the data used to profile them, or they may have consented to a narrow processing purpose that bears little resemblance to the subsequent inferences. Secondly, harms materialise at the level of the group as an independent entity, through biased scoring, exclusion, targeted manipulation of vulnerable groups, or systematic exposure to particular content. The systemic character of these harms cannot be fully captured by asking whether a given individual received adequate information or ticked the right box.
In this environment, fairness, one of the organising principles that informs the GDPR,Footnote 53 the RAD’s consumer protection rationale, and the AI Act’s risk and tiered-based approach cannot be reduced to procedural pathways. What is at stake is whether real living people can meaningfully influence how they are represented, targeted and treated by AI systems, and whether the law can recognise and remedy harms that arise from those group-level representations.
Seen from this perspective, the collective redress gap identified in Section II is not a merely technical mismatch between instruments. It reflects a deeper normative lag: EU law has already acknowledged harms on “groups of persons,” but it has not yet fully integrated group-level harms into its mechanisms of accountability and compensation. As long as compensation and standing remain tied to individually identifiable damage, inferred but also vulnerable groups will remain underprotected by procedural locks while the concept of fairness will remain an aspiration rather than a court standard.
After having identified inferred groups as distinct harm-bearers, and by framing the problem as a transition from individual procedural fairness to collective fairness, the next lines showcase how the remedial vacuum impacts court’s practice.
IV. Groups in practice: TPC v Oracle/Salesforce and C-319/20
This Section grounds the conceptual analysis in two concrete cases from the Netherlands and from Germany. Both involve large-scale data driven practices and both test, in different ways, the limits of existing collective action mechanisms. Those selected cases show, first, that even in a procedurally progressive jurisdiction such as the Netherlands, the identifiability constraint remains the ultimate determinant of who receives compensation, second, the CJEU’s confirmation that without a mandate, only injunctive measures are possible, and third, where inferred groups sit between the available to the data subject and to the consumer tool for protection.
The first case is an action brought by a Dutch foundation in the Netherlands against Oracle and SalesforceFootnote 54 under the opt-out Dutch Act on Redress of Mass Damages in Collective Action (WAMCA) and Dutch tort law, combined with Article 82 GDPR. The action targets Oracle’s and Salesforce’s data management platforms and their role in real-time bidding (RTB) advertising. According to TPC, the defendants place third-party cookies on users’ devices, enrich those data with further tracking and profiling, and auction access to detailed profiles in RTB markets without valid consent, thereby violating the GDPR. TPC claims non-material damage on behalf of 10 million Dutch internet users.
The case itself produced important guidance,Footnote 55 however, given it is a national case, and thus not immediately exportable EU-wide, from the perspective of this paper, three points stand out.
First, the definition used “all Dutch internet users whose data were processed,” treats a group as the basic unit of harm. Yet standing and remedies are still routed formally through data subject language: the claim is ultimately based on Article 82 GDPR and Dutch tort law, which presuppose identifiable individuals,Footnote 56 even if WAMCA permits an opt-outFootnote 57 structure where the group is initially defined abstractly.
Second, the Court of Appeal’s willingness to accept non-material privacy damage at scale cuts against the narrowest readings of Article 82 GDPR and shows that collective adjudication of intangible harms is possible, provided that damages can later be differentiated by category.Footnote 58
Third, the inferred, cross-border nature of the group remains a challenge for both GDPR and RAD mechanism. Only Dutch users are within the WAMCA class while non-Dutch users similarly exposed to the same RTB practices fall outside. Moreover, the WAMCA tool is a national collective action, not a RAD transposition, and it says nothing about groups under the AI Act whose members may be unknown or anonymised at the time of training and deployment.
Fourth, while a specific segment in society (Dutch internet users) is treated as a group, thus as a whole, for the sake of this paper, it is relevant to highlight that these groups remain within the realm of organised groups as defined above. This is so because the group of Dutch internauts is immediately visible (everyone using the Internet), potentially self-aware (the damage is claimed for everyone using Internet, I use Internet then I am part of them), organised (there is a Dutch Internet Society)Footnote 59 and it is pre-existing the processing.
The second case, C-319/20 (Meta v BVV)Footnote 60 arose from a German action in which a consumer organisation challenged Facebook’s App Center practices as unfair commercial practices and as infringing data protection provisions. The App allows users to use it freely but it is bound by an acceptance of sharing personal data to third parties and the ability of those to publish data on behalf of the user. The case concerns a design-driven distortion of consent (arguably a “dark pattern”) where the harm is structural because all users are confronted with the same deceptive interface, leading to an individualised but also potentially collective harm because the information shared and processed could imply other individuals who never volunteered their data. Importantly, the proceedings were initiated without specific data subjects’ mandate and this was the core question.
The Court held that Article 80 (2) GDPR allows national law to bring representative actions in the absence of a mandate, provided the action seeks to protect data protection-related interests and is not aimed at claiming compensation on behalf of individuals. Furthermore, there is no necessity of a “specific infringement” of the rights of data subjects and it is sufficient that the processing is potentially able to affect the rights of identified or identifiable natural persons. In a continuation of this case, a new case C-757/22Footnote 61 was brought that clarified and confirmed those conclusions within the same proceeding’s context.
Doctrinally, this confirms the analysis in Section II that actions are allowed for injunction measures without mandate but if compensation is sought, it remains tied to individual mandates,Footnote 62 even if no specific infringement or damage has materialised yet. Ultimately, it means that inferred groups of persons do not have proper litigable safeguards.
In the following Section, I propose a draft of the potential remedies, which I hope would serve as an initial step towards addressing fully the challenges identified throughout this text.
V. Group representative actions: operationalisation
1. Some remarks
The problem in reality is twofold. From one side, inferred groups from anonymised data fall outside the legislative guardrails, and existing remedies do not allow mandate-free actions for redress without identification of the group of people concerned at a certain stage. From the other side, the lawmaker has already hinted at the concerns that prevent broader standing in collective actions. The RAD refers to “improving consumers’ access to justice” and avoiding “abusive litigation that would unjustifiably hinder the ability of businesses to operate” (Recital 10).Footnote 63 Indeed, costly liability claims, involving potentially millions of people and the difficulty to evaluate the monetary expression of the damage as well as the magnitude vis-à-vis individual harms is a concern.
However, the reality is not so sombre. The risk of frivolous or “abusive” litigation in the EU is overstated for three reasons.
First, the compensation currently EU consumers may expect is significantly lower than in identical or similar cases in the US.Footnote 64 Take as an example, the so called “Dieselgate” from 2015, where Volkswagen’s cars were found modified so that the emissions reported were lower than they actually are. In the US the affected cars were approximately 500 000, the settlement took 9 months and the total amount agreed was $14.7 billion, which included a full buyback of the cars together with a proportionate compensation ranging from $5 100 to $10 000.Footnote 65
In Europe, the carmaker refused to pay initially. Approximately more than 8,5 million people were affected. There was no RAD or other harmonising tool. Thus, after having passed hastily a class action law, a German consumer protection organisation settled only in 2020 followed by the UK in 2022, as only two countries in Europe. The total settlement, combined, is for €1 billion. The average compensation throughout the UK and Germany was €1 350–€6 257 with no buyback of the cars.Footnote 66
Second, EU legislation limits any excessive claims. This is so not only because until the application start date of the RAD in 2023, there was no harmonisation on the subject, but also because of the design of the Directive. European claims should go through high standing criteria, only designated QEs can file a proceeding, the RAD allows disparate number of people to be included through opt-in or opt-out options in order to participate in the distribution, redress concentrates to actual loss. Moreover, European-level actions are limited by an opt-in mechanism when it comes to non-residents of a Member State (Article 9 (3) RAD), national actions are a mixture of opt-in/opt-out solutions, which not only fragments any EU-wide claims but also incentivises forum-shopping and limits consumer redress. As a matter of example, the US’ regime allows for a private lawyer together with lead plaintiffs to file a claim, the claim is concentrated around punitive compensation, and all American consumers are automatically part of the lawsuit (opt-out).
Finally, the European legal and litigation culture is radically different. For example, the famous Liebeck v. McDonald’s Restaurants case (1994) had its duplicate in the UK, however, with the opposite outcome. Bogle & Others v McDonald’s Restaurants Ltd (2002)Footnote 67 is an identical case, which was dismissed, mainly because the judge considered the damage a personal responsibility and general expectation a coffee to be hot.Footnote 68 Additionally, the European tradition mandates that the party that lost the litigation pays the costs of both parties, while in the US one, each party pays their own costs.
2. Design options for group-friendly collective redress
Against this context, there is a chance to make the tool of collective representation a true redress mechanism functioning as a deterrent factor for abusive corporate behaviour, invite those companies to settle agreements quicker and protect better those users and consumers identified as falling outside the guardrails of the digital legislation and finally rendering it fairer. While this outcome is speculative, I provide a series of proposals that can contribute to the better protection of group interests, in line with recent scholarship,Footnote 69 although I do not take them to be exhaustive.
-
1. Prefer opt-out option: Article 8 (injunctive measures) RAD is not problematic as it allows consumers not to be required to express their wish to be represented by a QE. Article 9 (2) RAD, however, allows Member States to adopt opt-in or opt-out mechanisms. Article 9 (3) limits that to opt-in for non-residence. In both those cases an opt-out solution should be privileged in order to allow broader pool of represented consumers and EU-level claims capable of generating a deterrence for case such as the Dieselgate.
-
2. Lower the procedural threshold of representativeness: Ease admissibility and representativeness requirements by accepting digital or anonymous expressions of support (such as “likes,” TPC v Oracle/Salesforce case) and Backed by a civil-society organisations as sufficient to show “actual support” for a representative action. This would broaden the gateways to larger pool of potentially harmed people and lower the cost of participation.
-
3. Allow categorisation and sub-categories: Export WAMCA-style categorisation and sub-categorisation of claimants based on “the nature and the seriousness of their loss” (Article 7:907 (2)(b) of the Dutch civil code), including different levels of non-material harm as a model for RAD implementation and for any future manageability and compensation problems without watering down the compensatory function.Footnote 70 In this way each category must still meet the national, EU or case law conditions for damage, causation and unlawfulness but at the level of groups rather than strictly individualised.
-
4. Include expressly AI-related representation right: Incorporate at AI Act level or in implementing legislation, an explicit representation right allowing designated entities to act on behalf of “persons or groups of persons” affected by high-risk AI systems, at least for injunctive and structural remedies, mirroring, and extending beyond, the Article 80 GDPR model.
-
5. Privilege complaints by entities defending groups explicitly under Article 85 AI Act: The AI Act already grants “any natural or legal person” the right to lodge a complaint with market surveillance authorities (Article 85). Implementing legislation and guidance should clarify that entities with a statutory mandate to protect groups enjoy privileged standing as complainants in matters involving systemic or group-level harms. This may include priority handling. Such a clarification would make the AI Act’s group vocabulary operational in public enforcement, without altering the primary text.
-
6. Extend collective standing to non-consumer groups affected by AI: Current RAD mechanisms are limited to consumers, and GDPR’s Article 80 model is tied to data subjects. To capture algorithmic “groups of persons” who may be workers, SME owners, inferred groups, Member States should create or adapt collective action regimes that grant standing to qualified entities representing non-consumer groups exposed to AI harms. Such entities could be designated by reference to their statutory purpose (trade unions or civil rights protection organisations) and allowed to bring representative actions for AI-related harms in line with the AI Act’s risk categories.
VI. Redress à l’européene
In the introduction I claimed that there is no “Erin Brockovich” in Europe. The analysis in this paper shows that the reality is more complicated, or it is at least nuanced. Europe does have collective actions such as the Dieselgate litigation but also other national cases in Veneto,Footnote 71 ZwijndrechtFootnote 72 or along the Asopus river,Footnote 73 and recently emerging data protection and consumer litigations. However, they are fragmented, frequently limited nationally and not always attributing immediate financial compensation to the victims à l’américaine. The problem is therefore not the absence of collective redress, but its architectural fit with AI-driven, group-level harms in the EU’s digital regulation framework.
Section V developed a guide for “group-friendly” collective redress that stays within the logic of existing instruments rather than importing a US-style class action. If implemented in national transpositions of RAD, in AI Act implementation measures, and in national collective action regimes, they would make it procedurally realistic to seek redress for collective harms without abandoning the EU’s legal culture, while ensuring effectively digital fairness.