![european_commission_eu_building_0109](https://media.cybernews.com/images/featured-big/2025/01/european_commission_eu_building_0109.jpg)
The European General Court has ruled that the European Commission must pay €400 ($412) to a German citizen for illegally transferring his data to the United States.
The court ruled that the EU’s executive branch was in the wrong for transferring the citizen’s personal data without proper safeguards in a case that marked the first time the bloc was fined for violating its own privacy laws.
According to court documents, the individual used his Facebook account to sign in for a conference in 2022 on a website run by one of the EU’s directorates.
As a result, the user’s IP address was transferred to Meta Platforms in the United States, which the court ruled violated EU data protection rules.
The court, which hears actions taken against the EU institutions by individuals or member states, agreed with the applicant’s claim that the transfer of his IP address was unlawful and “caused him non-material damage consisting in a loss of control of his data.”
It also agreed that the German was deprived of his rights and freedoms as a result.
“Therefore, the Commission must be ordered to pay the sum of €400 to the applicant for the non-material damage sustained as a result of the disputed transfer on signing in to EU Login on 30th March 2022,” the court ruling read.
However, the court dismissed the applicant’s claim that his data was also transferred to Amazon CloudFront servers located in the United States after it was determined that the information was actually hosted on a server located in Munich, Germany.
"The Commission takes note of the judgment and will carefully study the Court's judgment and its implications," a Commission spokesperson said, as reported by Reuters.
GDPR’s long reach
The EU’s General Data Protection Regulation, or GDPR, is among the strictest data privacy laws in the world.
The €400 imposed by the court on the European Commission is just a tiny fraction of hundreds of millions of euros in penalties the bloc slapped on major corporations, including Amazon, Google, and TikTok.
Meta is among the biggest offenders of the regulation. It was most recently fined €91 million ($94 million) for exposing the plaintext passwords of a reported 600 million Facebook users to internal employees.
This comes on top of the €1.2 billion fine issued in May 2023, the largest GDPR fine to date, along with several smaller fines, amounting to hundreds of millions of euros, imposed on Meta since the laws took effect in 2018.
Meta’s CEO Mark Zuckerberg, who has recently been courting US President-elect Donald Trump, accused the EU of “censorship” earlier this week – an accusation that Brussels said it “absolutely” rejects.
Your email address will not be published. Required fields are markedmarked