On 26 August 2024 the Dutch Data Protection Authority (DPA) announced that it had imposed a €290 million fine on Uber Technologies Inc. and its Dutch subsidiary, Uber B.V., for violating Article 44 of the General Data Protection Regulation (GDPR). The penalty was a result of Uber’s failure to ensure appropriate data transfer mechanisms for […]
Dutch DPA Fines Uber €290 Million Over Data Transfers Read More »
noyb has filed a lawsuit against the Hamburg Data Protection Authority (DPA) after it approved the controversial ‘Pay or OK’ system used by DER SPIEGEL, which forces users to choose between consenting to data tracking or paying for a subscription. The Hamburg DPA’s decision, which took nearly three years, has been criticized for lack of impartiality, as the complainant was not consulted and critical facts were ignored.
noyb Sues Hamburg DPA over “Pay or OK” in Der Spiegel Read More »
In 2023, NOYB continued its pivotal role in enforcing data protection rights across Europe, filing over 40 new complaints, including significant actions against Meta’s controversial “Pay or Okay” system and unlawful credit scoring practices. Key victories included substantial fines against Meta (€1.5 billion) and Spotify (€5 million).
Noyb Publishes 2023 Annual Report Read More »
The European Parliament has launched a report addressing the implications of neurotechnologies (NT) on mental privacy. Originally used for clinical purposes, NT devices are now widely accessible for cognitive and physical enhancement, which raises privacy, security, and ethical concerns. The Neurorights Foundation (NRF), established in 2017, proposes ‘neurorights’ such as mental privacy and protection from algorithmic bias. The report evaluates these proposals and recommends a balanced regulatory framework to protect users while fostering responsible NT development.
The study recommends six actions: investigating technology-centred risk evaluations, tracking public communication on NT, discontinuing neurorights as human/fundamental rights, funding research to fill existing gaps, supporting EU NT providers, and investigating the need for new NT device standards. This builds on a prior EDPS tech dispatch highlighting similar data protection needs.
Neurotechnologies and Mental Privacy: Societal and Ethical Challenges Read More »
The European Commission released its second report on the application of the General Data Protection Regulation (GDPR). Since the first report in 2020, the GDPR has significantly impacted individuals and businesses, with the EU introducing numerous initiatives to enhance digital transformation. The report highlights key achievements, including increased enforcement activities and cooperation among data protection authorities. However, it also identifies areas needing improvement, such as supporting SMEs, providing clearer guidance, and achieving consistent GDPR enforcement across the EU. Significant enforcement actions have led to fines totaling around EUR 4.2 billion.
Second GDPR Report Highlights Progress and Challenges Read More »