European Commission hit by EU court fine after breaking own data privacy rules

Date:
Thu, 09 Jan 2025 10:54:53 +0000

Description:
EU General Court hits European Commission with a fine for violating GDPR.

FULL STORY

The European Commission has been forced to pay a 400 euro ($412) fine to a German citizen for breaking its own data protection regulations.

The German citizen used a Sign in with Facebook option on an EU conference registration page which subsequently sent information on the citizens IP address, web browser , and device to Meta Platforms and Amazon in the US.

The EU General Court concluded the European Commission had transferred
personal data to the United States without proper safeguards, violating the
EUs stringent General Data Protection Regulation (GDPR).

EC violates GDPR

"The Commission takes note of the judgment and will carefully study the
Court's judgment and its implications," a Commission spokesperson said (via Reuters ).

The European Union has some of the strongest privacy protections in the
world, with GDPR imposing rules on any organization that collects or manages personal data of EU citizens, with the ability to fine the organization up to 4% of their annual turnover in the event that they breach the regulations.

In 2024, Meta was hit by a $263 million fine for breaching GDPR in the 2018 Facebook data breach when the data on three million EU citizens was stolen by attackers who abused a bug in the View as profile function to steal access tokens and take over accounts.

Meta, continuing its string of annual GDPR violations, was also hit by a
record $1.3 billion fine in 2023 for transferring EU data to the US, and a
$259 million fine in 2022 for failing to protect the data of more than half a billion Facebook users.

The US does not have any principal data privacy regulations, with privacy regulations varying from state to state. The EU has been debating a key piece of legislation, known as the EU Cybersecurity Certification Scheme (EUCS), since 2020.

This legislation would provide a label to cloud computing companies that
follow robust cybersecurity and privacy regulations, enabling them to process EU data outside of the bloc provided they safeguard the data to the same
level required inside the EU.

======================================================================
Link to news story: https://www.techradar.com/pro/security/european-commission-hit-by-eu-court-fin e-after-breaking-own-data-privacy-rules

$$
--- SBBSecho 3.20-Linux
* Origin: capitolcityonline.net * Telnet/SSH:2022/HTTP (1:2320/105)