The Supreme Court has ordered the European Union's top enforcement authority to pay 400 euros (about $410) in damages to German citizens for violating its own data protection laws.
The EU General Court said in a statement that the European Commission had transferred some personal data to the United States without adequate safeguards, infringing the rights of citizens.
The court said the German national registered for the European Commission-administered conference using the “Sign in with Facebook” option on the conference's website. However, citizens said that information about their IP addresses, browsers and devices were transferred to US companies, namely Meta, which owns Amazon and Facebook, which hosts the conference website, and this is based on the block's Data Privacy Citizens claimed that their rights were being violated. rule.
The EU's General Court ruled on Wednesday that the European Commission had committed a “sufficiently serious breach” of rules covering 27 European countries. Reuters, which first reported the news, said the fine was a first for the European Commission.
The EU's data protection regulations, known as GDPR, are among the most stringent data privacy regulations in the world, with fines of up to 4% of annual turnover for organizations that violate them.