The European Union has fined itself for breaching its own data privacy law

The European Union investigated itself and found…actual violations! For the first time ever, the European Union has been found to have breached its own privacy rules set by the General Data Protection Regulation (GDPR), and will have to pay a fine, per Judgment issued by the General Court of the European Union.

The victim of the EU’s blatant disregard for the law was a German citizen who used the “Log in with Facebook” option when registering to attend a conference via the European Commission’s web page. When the user clicked this button, data about their device, browser, and IP address was transmitted through a content delivery network operated by Amazon Web Services, and eventually found its way to servers operated by Meta Platforms, Facebook’s parent company, in the United States. The court decided that this data transfer was made without appropriate safeguards, which amounts to a violation of GDPR rules, and ordered the EU to pay a fine of 400 euros (about $412) directly to the person who brought the case.

General Data Protection Regulation, the reason why every website now It asks you if you want to accept cookieshas been a thorn in the side of tech companies since it first went into effect in 2018. A set of strict data privacy rules designed to regulate the amount of personal data companies can collect from users and give individuals more control over how their information is used. Its access and use has been the impetus for a number of major penalties paid by big tech companies – especially Meta.

Just last year, I got dead A fine of $1.3 billion was imposed on him For failing to adequately protect European users’ data from US intelligence agencies when transferring data to US servers. Previously, Meta was beaten by $417 million fine Under the GDPR rules for violating the privacy of underage users on Instagram and $232 million For failing to transparently disclose how WhatsApp data is processed. Although Meta isn’t the only one getting these expensive slaps on the wrist (Amazon got itself a $887 million fine In 2021, for example), it’s fitting that it’s the Facebook login option that’s got the European Union in an awkward position with itself.

The GDPR has been a bit of a mixed bag since its implementation. It has undoubtedly made some headlines with the hefty fines targeting Silicon Valley giants. But enforcement can take forever — even the EU’s first self-imposed fine for violating a single person’s privacy took more than two years to process. More than three out of four data protection authorities have done this He complained Due to a lack of budget and personnel to track down violations, there is plenty of evidence to suggest that a Byzantine list of laws was enforced. Not much has actually been done To limit the invasive practices of surveillance capitalism. The EU has some work to do. Maybe she could start following her own rules.