Premium

In a first, EU Court fines EU for breaching own data protection law

EU General Court orders European Commission to pay damages for violating its own data protection rules. A German citizen was awarded €400 for improper data transfer to the U.S. via Meta.

Meta EUEU flag and Meta logo are seen in this illustration taken, May 22, 2023. REUTERS/Dado Ruvic/Illustration/File Photo

In a first, the EU General Court ruled on Wednesday that the European Commission must pay damages to a German citizen for failing to comply with its own data protection regulations.

The court determined that the Commission transferred the citizen’s personal data to the United States without proper safeguards and ordered it to pay him 400 euros ($412) in damages.

The individual had used the “Sign in with Facebook” option on the EU login webpage to register for a conference. The court, which hears actions taken against EU institutions, found that this transfer of the user’s IP address to Meta Platforms in the U.S. violated EU data protection rules.

Story continues below this ad

“The Commission takes note of the judgment and will carefully study the Court’s judgment and its implications,” a Commission spokesperson said.

Europe’s General Data Protection Regulation (GDPR) is widely regarded as one of the most comprehensive and stringent data privacy laws in the world. Major companies such as Klarna, Meta, LinkedIn and others have faced significant fines from the EU for non-compliance. ($1 = 0.9709 euros)

Latest Comment
Post Comment
Read Comments
Advertisement
Loading Taboola...
Advertisement