Data protection complaint filed against European Parliament

Brussels deals with own GDPR violation

Life

Austrian advocacy group NOYB (None of Your Business), led by privacy activist Max Schrems, has filed two complaints against the European Parliament with the EU privacy watchdog. According to Reuters, the group has accused the Parliament of insufficiently protecting employees’ personal data following a breach in its recruitment platform.

The breach involved the data of more than 8,000 staff members, including passports, criminal records and marriage certificates. Despite being notified of the breach in May, the cause has still not been determined. NOYB fears the lack of accountability will lead to more cyber security incidents at EU institutions.

According to NOYB data protection lawyer Lorea Mendiguren, this breach comes after repeated cyber security incidents in EU institutions over the past year. The European Parliament is required to ensure proper security measures are in place, as its employees are likely targets for malicious actors. However, it seems the parliament is not complying with the General Data Protection Regulation (GDPR).

NOYB argues that parliament is not fulfilling its responsibility under the GDPR and that the European Data Protection Supervisor should enforce compliance. This could result in a fine.

The two complaints filed by NOYB on behalf of four employees are intended to prompt the European Data Protection Supervisor to take action against the European Parliament. The group demands that the parliament take immediate steps to undo the breach and prevent future incidents.

The European Parliament was not initially available for comment.

Read More: breaches cyber security data GDPR General Data Protection Regulation Noyb privacy security