A top court has ordered the European Union's top executive authority to pay a German citizen €400 (about $410) in damages for violating its own data protection laws.
In a statementThe EU General Court said that the European Commission violated the citizen's rights by transferring some of his personal data to the United States without adequate safeguards.
The court said the German national had registered for a conference, run by the European Commission, using the “Sign in with Facebook” option on the conference's website. But Citizen said information about his IP address, browser and device was transferred to US companies — such as Amazon, which hosts the conference website, and Meta, which owns Facebook — which Citizen said violated his rights under the bloc's data privacy rules.
The European Commission committed a “sufficiently serious breach” of rules covering 27 European countries, the EU General Court ruled on Wednesday. Reuters, which First report News, the fine is a first for the European Commission.
The European Union's data protection rules, known as GDPR, are among the strictest data privacy rules in the world, and can fine companies up to 4% of their annual turnover for breaching the rules.