The EU general court in Luxembourg on Wednesday (8 January) ordered the European Commission to pay €400 in damages to a private citizen for breaching its own data protection laws.
The complainant, a German citizen, filed the case after visiting the Conference on the Future of Europe website in March 2022 via Facebook — claiming the commission had violated his right to data protection.
The individual had used the "Sign in with Facebook" option on the EU Login page to register for the conference and argued that his personal data — including his IP address, browser details, and device information — was sent to recipients in the US without his consent.
Specifically, he had registered for a 'GoGreen' event through the EU Login service and chose the option to log in via Facebook.
The court, which handles cases against EU institutions, determined that transferring the user's IP address to Meta platforms in this way indeed violated EU data protection laws and that there was “a sufficient link between the commission’s violation and the moral harm suffered.”
The EU's General Data Protection Regulation (GDPR) is one of the strictest data privacy laws globally, with Meta previously facing hefty fines for data breaches. This time, however, it was the commission itself at fault.
The citizen sought €400 in compensation, plus €800 for the ‘moral harm’ caused by the commission’s failure to respond to a request for information.
The court dismissed the claim for compensation over the failure to respond.
However, the court did agree that the transfer of the user’s IP address to Meta Platforms was in breach of EU law.
The commission had not demonstrated the existence of appropriate safeguards, a requirement under EU law, as the “Sign in with Facebook” link was governed solely by Facebook’s terms of service.
Therefore the court concluded that the commission had indeed violated EU law and that the complainant had suffered moral harm due to “uncertainty” about the handling of his personal data.
Wester is a journalist from the Netherlands with a focus on the green economy. He joined EUobserver in September 2021. Previously he was editor-in-chief of Vice, Motherboard, a science-based website, and climate economy journalist for The Correspondent.
Wester is a journalist from the Netherlands with a focus on the green economy. He joined EUobserver in September 2021. Previously he was editor-in-chief of Vice, Motherboard, a science-based website, and climate economy journalist for The Correspondent.