EU Commission Fined for GDPR Violation: A Landmark Ruling

EU Commission Fined for GDPR Violation: A Landmark Ruling

In a significant ruling, the European Union's General Court has ordered the European Commission to pay €400 (approximately $410) in damages to a German citizen for violating its own General Data Protection Regulation (GDPR). This landmark decision underscores the strict enforcement of GDPR and serves as a powerful reminder that even the EU's executive arm is subject to the very laws it oversees. The Case in Detail The case stemmed from a citizen's participation in a European Commission-managed conference. To register, the individual utilized the "Sign in with Facebook" option on the conference website. Unbeknownst to the citizen, this action inadvertently triggered the transfer of personal data, including their IP address, browser information, and device details, to US-based companies: Amazon (hosting the conference website) and Meta (parent company of Facebook). The citizen argued that this data transfer violated their rights under GDPR, which mandates stringent sa…