European Union: Issued General Court ruling requiring European Commission to pay damages to visitor to due to transfer of personal data to United States

Description

Issued General Court ruling requiring European Commission to pay damages to visitor to due to transfer of personal data to United States

On 8 January 2025, the General Court issued a ruling in Case T-354/22 brought against the European Commission concerning alleged breaches of EU data protection laws. The applicant claimed that his personal data had been unlawfully transferred to third countries, including the United States, during his interactions with the Conference on the Future of Europe website and sought annulment of the transfers, a declaration of failure to act by the Commission, and EUR 1'200 in damages for non-material harm. The Court dismissed the claim for annulment as inadmissible, found no need to adjudicate on the alleged failure to act, but partially upheld the damages claim, awarding the applicant EU 400. The Court concluded that the Commission had breached Article 46 of Regulation (EU) 2018/1725 by enabling the transfer of the applicant's IP address to Meta Platforms (Facebook) during the EU Login process without adequate safeguards. Other claims for damages were dismissed, as the applicant failed to prove unlawful conduct or sufficient harm.

Original source

Scope

Policy Area
Data governance
Policy Instrument
Cross-border data transfer regulation
Regulated Economic Activity
other service provider
Implementation Level
supranational
Government Branch
judiciary
Government Body
court

Complete timeline of this policy change

Hide details
2022-06-09
under deliberation

On 9 June 2022, a case was filed in the General Court against the European Commission, citing alleg…

2025-01-08
in force

On 8 January 2025, the General Court issued a ruling in Case T-354/22 brought against the European …