In September 2020, the European Parliament launched a website for MEPs and its employees to book Covid-19 tests. During 2021, six MEPs filed complaints against the site for non-compliance with the GDPR.
Indeed, the site imposed the presence of third-party cookies without users’ consent and, above all, did not have a protocol to prevent Google Analytics and Stripe from transferring users’ personal data to the United States. The site is thus in contradiction with the Schrems II decision handed down by the Court of Justice of the European Union (CJEU) in July 2020, which invalidated the Privacy Shield.
After investigation, the European Data Protection Supervisor (EDPS) found the Parliament responsible for these failings and issued a warning, with an obligation to address all issues within one month.
![[FIC 2023] Trust in Digital Technology: “We Can’t Believe What We See Anymore”](https://incyber.org/wp-content/uploads/2023/05/Plénière-480x300.png)
![[FIC 2023]: Are ransomware gangs just like any other business?](https://incyber.org/wp-content/uploads/2023/04/iStock-1418809371-480x300.jpg)
![[FIC 2023] Usernames and passwords at the heart of cyber threats](https://incyber.org/wp-content/uploads/2023/04/iStock-1407929371-480x300.jpg)
![[FIC 2023] CRQ: how to financially quantify cybersecurity risks](https://incyber.org/wp-content/uploads/2023/04/iStock-1276312812-480x300.jpg)
![[FIC 2023] 4 key issues for surviving in the Wild West of domain names](https://incyber.org/wp-content/uploads/2023/04/iStock-1410312530-480x300.jpg)
![[FIC 2023] Cloud : Is Europe Falling Behind?](https://incyber.org/wp-content/uploads/2023/04/iStock-582295906-480x300.jpg)
![[FIC 2023] An obstacle course for Europe’s sovereign Cloud](https://incyber.org/wp-content/uploads/2023/04/iStock-1280073453-480x300.jpg)
