An EU parliament website for COVID testing allegedly broke the EU’s privacy laws
The European Parliament is being investigated by the European Data Protection Supervisor after allegations that its COVID testing website didn’t meet EU privacy standards. Six members of the European Parliament (MEPs) have worked with data watchdog group noyb to bring the complaint, saying that the site illegally sent data to the US and that its cookie banners were deceptive.
The website was set up to help MEPs schedule COVID tests, and while it didn’t handle any health information itself, sending data to the US for processing would still be illegal. According to the complaint, the testing website made over 150 requests to third parties, including Google and Stripe. Under EU law, data can only be transferred to the US if “an adequate level of protection for the personal data [can] be ensured,” and noyb argues that the companies “clearly fall under relevant US surveillance laws that allow [targeting of] EU citizens.”
The complaint also alleges that the cookie banners on the site didn’t disclose all of the cookies that would be stored on the user’s computer, and that the banners prodded users toward the “Accept All” button. Since cookies are used to track users across websites, and some of the ones found were from the aforementioned US companies, it’s understandable that EU regulators might be caught off guard.
According to Reuters, the European Data Protection Supervisor started investigating the site back in October, following other complaints from MEPs. A spokesperson said that the information from noyb was “of direct relevance to this complaint [and would] be examined thoroughly.”
EU privacy laws can sometimes be hard for web developers to grasp, but most web developers aren’t under direction of the lawmakers themselves. Creation of the site was contracted out to a third-party company, but you’d hope that there was a specification for “follows all EU privacy laws” included in the brief.
Speaking to Reuters, noyb’s chairman Max Schrems said EU institutions like the parliament “have to lead by example,” and it seems that, in this instance, they haven’t lived up to that responsibility.
The European Parliament is being investigated by the European Data Protection Supervisor after allegations that its COVID testing website didn’t meet EU privacy standards. Six members of the European Parliament (MEPs) have worked with data watchdog group noyb to bring the complaint, saying that the site illegally sent data to…
Recent Posts
- Google’s new ‘Add to Chromebook’ badge makes web apps easier to find and install
- Wisconsin man arrested for allegedly creating AI-generated child sexual abuse material
- Samsung’s new Galaxy Book4 Edge laptop is a trifecta of next-gen AI power
- The August smart lock finally gets a fingerprint option
- Google slams Microsoft security failures, offers software discounts in bid to poach customers
Archives
- May 2024
- April 2024
- March 2024
- February 2024
- January 2024
- December 2023
- November 2023
- October 2023
- September 2023
- August 2023
- July 2023
- June 2023
- May 2023
- April 2023
- March 2023
- February 2023
- January 2023
- December 2022
- November 2022
- October 2022
- September 2022
- August 2022
- July 2022
- June 2022
- May 2022
- April 2022
- March 2022
- February 2022
- January 2022
- December 2021
- November 2021
- October 2021
- September 2021
- August 2021
- July 2021
- June 2021
- May 2021
- April 2021
- March 2021
- February 2021
- January 2021
- December 2020
- November 2020
- October 2020
- September 2020
- August 2020
- July 2020
- June 2020
- May 2020
- April 2020
- March 2020
- February 2020
- January 2020
- December 2019
- November 2019
- December 2011