EDPS sanctions Parliament over EU-US Data Transfers to Google and Stripe
Content
Cookie Banners EDPS sanctions the European Parliament for illegal EU-US data transfers - among other violations The European Data Protection Supervisor (EDPS) issued a decision after a complaint filed by noyb confirming that the European Parliament violated data protection law on its COVID testing website. The EDPS highlights that the use of Google Analytics and the payment provider Stripe (both US companies) violated the Court of Justice's (CJEU) "Schrems II" ruling on EU-US data transfers. The ruling is one of the first decisions implementing "Schrems II" on the ground and may show the way for hundreds of other cases pending before regulators. Decision of the EDPS against the European Parliament (PDF) Complaint filed one year ago. In January 2021, noyb filed a complaint against the European Parliament on behalf of six Members of the European Parliament over an internal corona testing website. The issues raised were deceptive cookie banners, vague and unclear data protection notices,