European Commission faces GDPR complaint over alleged violations in advertising campaign

The European Center for Digital Rights (noyb) has filed a complaint with the European Data Protection Supervisor (EDPS) against the European Commission, accusing its home affairs department of breaching GDPR rules in an advertising campaign on social media platform X.

The complaint alleges that the campaign targeted users based on political views and religious beliefs, violating X’s policy and using protected data categories. The European Commission is reviewing the complaint, while noyb considers a similar action against X.

Controversy surrounds the campaign advocating a bill on child sexual abuse, with accusations of misleading statistics to sway public opinion. The bill has sparked controversy, with privacy advocates opposing it, citing concerns about mass surveillance and the end of digital privacy. Noyb is urging the EDPS to impose fines on the Commission for GDPR breaches and prevent future similar campaigns.

Why does it matter?

The gravity of these allegations is particularly increased in the context of a government body engaging in such practices. If proven true, it could have far-reaching implications for data protection, privacy rights, and the ethical conduct of European government entities. In response to concerns about the bill, the European Parliament’s justice committee modified the Commission’s proposal this week, prioritizing the protection of encrypted communications and advising that scanning digital content should be a “last resort” contingent on “reasonable grounds of suspicion.