European Union: Filed lawsuit against European Commission for alleged personal data transfers to third countries

On 9 June 2022, a case was filed in the General Court against the European Commission, citing alleged unlawful data transfers to third countries without adequate safeguards in violation of Regulation (EU) 2018/1725. The applicant claimed that during his visits to the Conference on the Future of Europe (CFE) website in 2021 and 2022, his personal data, including his IP address and browser information, were transferred to third countries, such as the United States, through services such as Amazon CloudFront and Facebook authentication. He also alleged that the Commission failed to adequately respond to his request for information submitted on 1 April 2022 regarding the processing of his data, including details about legal bases and safeguards for such transfers. He sought annulment of the data transfers, a declaration of unlawful inaction by the Commission, and compensation of EU 1'200 for non-material damage caused by breaches of his data protection rights.