European parliament found to have broken EU rules on data transfers and cookie consents
The European Union’s chief data protection supervisor has sanctioned the European Parliament for a series of breaches of the bloc’s data protection rules.
The European Data Protection Supervisor’s (EDPS) intervention relates to a COVID-19 test booking website which the European Parliament launched in September 2020 — using a third-party provider, called Ecolog.
The test booking website was found to be dropping cookies associated with Google Analytics and Stripe — but the parliament failed to demonstrate it had applied any special measures to ensure that any associated personal data transfers to the U.S. would be adequately protected in light of the landmark Schrems II decision by the EU’s top court.
Source: European parliament found to have broken EU rules on data transfers and cookie consents | TechCrunch