Consent or Pay resources
members
–
2 min read
Updated this post to gather some of the Consent or Pay resources while we wait for the EDPB's Guidelines!
🇮🇪 DPC fines LinkedIn €310m for illegal behavioural analysis and targeted advertising
members
–
2 min read
UPDATE 1 Jan: Summary + full decision published! 6 years after a complaint, the DPC finds LinkedIn breached lawfulness (no consent, legitimate interest or contractual necessity), fairness, and transparency. Result: reprimand, order to rectify violations + €310 million fine.
CJEU C-446/21 Schrems (Communication of data to the general public) 4 Oct 2024
members
–
5 min read
A ruling that sparks questions around 'strictly necessary' and 'purpose'. Facebook can't indiscriminately use personal data on or off their platform for personalised ads, without restricting the duration and type of data.
My Meta Pay or Okay experience - now they're cutting the price with 40%
members
–
5 min read
Latest: Meta reduces sub prices and offers new free choice with less personalised ads, claiming it "goes beyond what is required in the law". 💸 And gets huge fines: €797.72m from the 🇪🇺 EC for antitrust violations and $25.4m from 🇮🇳 India's competition authority for 2021 privacy notice failures.
CJEU C-252/21 Meta Platforms and Others (General terms of use of a social network) 4 Jul 2023
members
–
6 min read
The 'Bundeskartellamt' ruling, where the CJEU applies 'strictly' to the legal bases necessity test for the first time. 🔥 You might rely on legitimate interest for direct marketing, network security or product improvement, but the processing must now meet this higher threshold.
Grindr NOK 65m fine upheld in Norway (again)
members
–
2 min read
The Oslo District Court ruled in favour of the state on all points, after Grindr sued the authorities after the Privacy Appeals Board fully upheld the DPA's decision, including the NOK 65m record fine. Preliminary win, but expect an appeal.
EDPB's controversial ‘Consent or Pay’ Opinion is here
members
–
2 min read
[Updated 24 April with highlighted file + 🎙️] Is the EDPB trying to "rewrite the entire economic model of Big Tech and the adtech industry in the EU"? 🤔 Controversial Opinion just published!
CJEU C-604/22 IAB Europe TC String 7 Mar 2024
members
–
6 min read
IAB Europe is a joint controller and because their 'TC String' contains data about an identifiable user, it's personal data.
Norway DPA warns site tracking investigations 🧐
members
–
2 min read
⏰ Datatilsynet will soon start investigating non-compliant tracking technologies. If you use Meta Pixel or similar, it's time for website due diligence!
EDPB publishes Urgent Binding Decision regarding Meta
members
–
1 min read
NB! This post was updated later with two key items: the actual EDPB decision and the DPC's Enforcement notice.
The EDPB extends the Meta ban to the entire EEA permanently
members
–
2 min read
The EDPB makes the Norwegian DPA's ban on Meta's behavioural advertising on Facebook and Instagram permanent and extends it to the entire EEA