Brussels – The European Commission got it wrong. The internet site of the Conference on the Future of Europe (now archived), the EU’s experiment in participatory democracy, violated the union’s own rules on privacy. Specifically, the ability to follow the proceedings by connecting through Facebook automatically transmitted personal data to Meta, the company that controls the social network, sending it to the United States without asking for consent.
Nailing the EU executive to its responsibilities is the EU General Court, which certifies the violation of the 2018 regulation on personal data processing. The Luxembourg judges are in no doubt: the European Commission “committed a sufficiently serious breach of a rule of law that is intended to confer rights on individuals.” With the automatic transfer to the United States of information about the IP address of the terminal, the European citizen concerned, deprived of information notices and requests for consent, “non-material damage, in that he found himself in a position of some uncertainty as regards the processing of his personal data,” in particular his IP address.
The EU executive is ordered to settle the case, assuming it does not exercise its right to appeal to the Court within two months of the ruling. Certainly, it does not make the Commission and its president, Ursula von der Leyen, look good.
English version by the Translation Service of Withub
