'Pay or OK' – 'Consent or Pay' resources
members
–
5 min read
Meta to launch new model in Jan | ICO shares guidance for the public
Norway DPA fines Grindr NOK 65 million for invalid consent
members
–
3 min read
🔥 25 Nov: Grindr won't appeal after the Borgarting Court of Appeal upheld the record NOK 65m (~€5.5m) fine against them for disclosing users' special category personal data to third parties for behavioural advertising without a valid consent.
CJEU C-604/22 IAB Europe TC String 7 Mar 2024
members
–
7 min read
[Final 🇧🇪 ruling, articles] GDPR definitions are broad: information = personal data if someone can be identified using third-party data. Joint controllership doesn’t automatically cover further processing, but you are one if you set binding rules and jointly decide purposes and means.
Luxembourg Court upholds major €746m fine to Amazon
members
–
2 min read
Just added the ruling. Fine and daily penalty upheld for Articles 6, 12-17, and 21 violations related to interest-based ads, but since an appeal is inevitable, this isn’t final yet. In the meantime, Amazon doesn’t have to pay or take any action.
🇮🇪 DPC fines LinkedIn €310m for illegal behavioural analysis and targeted advertising ('BA & TA')
members
–
7 min read
Key takaways: Lack of lawful basis = loss of control = 'significant damage', lawful bases are notoriously tricky to get right, and most have lots to gain in improving information and transparency. Full decision = a key lesson on legitimate interest and LIAs.
CJEU C-446/21 Schrems (Communication of data to the general public) 4 Oct 2024
members
–
5 min read
A ruling that sparks questions around 'strictly necessary' and 'purpose'. Facebook can't indiscriminately use personal data on or off their platform for personalised ads, without restricting the duration and type of data.
My Meta Pay or Okay experience - now they're cutting the price with 40%
members
–
5 min read
Latest: Meta reduces sub prices and offers new free choice with less personalised ads, claiming it "goes beyond what is required in the law". 💸 And gets huge fines: €797.72m from the 🇪🇺 EC for antitrust violations and $25.4m from 🇮🇳 India's competition authority for 2021 privacy notice failures.
CJEU C-252/21 Meta Platforms and Others (General terms of use of a social network) 'Bundeskartellamt' 4 Jul 2023
members
–
6 min read
The 'Bundeskartellamt' ruling, where the CJEU applies 'strictly' to the legal bases necessity test for the first time. 🔥 You might rely on legitimate interest for direct marketing, network security or product improvement, but the processing must now meet this higher threshold.
EDPB's controversial ‘Consent or Pay’ Opinion is here
members
–
2 min read
[Updated 24 April with highlighted file + 🎙️] Is the EDPB trying to "rewrite the entire economic model of Big Tech and the adtech industry in the EU"? 🤔 Controversial Opinion just published!
Norway DPA warns site tracking investigations 🧐
members
–
2 min read
⏰ Datatilsynet will soon start investigating non-compliant tracking technologies. If you use Meta Pixel or similar, it's time for website due diligence!
EDPB publishes Urgent Binding Decision regarding Meta
members
–
1 min read
NB! This post was updated later with two key items: the actual EDPB decision and the DPC's Enforcement notice.
The EDPB extends the Meta ban to the entire EEA permanently
members
–
2 min read
The EDPB makes the Norwegian DPA's ban on Meta's behavioural advertising on Facebook and Instagram permanent and extends it to the entire EEA