Case projectData Transfers
Filing DPADSB (Austria)
Case statusOther Outcome
This is one of noyb 101 complaints which were filed after the "Schrems II" judgement in Summer 2020. The judgement invalidated the EU-US data transfer mechanism "Privacy Shield". The cases were generated based on implemented Google Analytics or Facebook tracking code on websites by EU providers, which leads to unlawful data transfers to the United States.
Email echange with Norwegian and Austrian DPA
noyb emphasizes that we never withdrew the complaint, as we told the DSB multiple times - which the DSB seems to have failed to communicate to the Nor DPA. Also, noyb asks the Nor DPA multiple times if they also investigated the data importer Meta Platforms Inc in the USA. The DPA dodged the question by repeating that Meta Platform Ireland (who are not the data importer!) has stated to have deleted the transferred data.
Decision by Norwegian DPA
Case closed because controller removed code for FB pixels in Aug 2020 and Facebook Ireland erased data in Nov 2020.
noyb sends a request for an update to the DSB
noyb contacted the DSB again seeking confirmation that communication should be with them as OSS
noyb emailes the DSB asking for guidance - who shall we communicate with? noyb states that we think that communication should be via the DSB.
noyb replies that we are happy to provide a statement and do not withdraw the complaint
noyb replies that we are happy to provide a statement and do not withdraw the complaint (other than suggested by the Norwegian DPA) and that the violation is not healed.
DSB confirmes that we are supposed to communicate witht them as OSS and they will get back to us
Norwegian DPA contacts us directly
Norwegian DPA contacts us directly and asked if we want to withdraw, because the controller stopped using the relevant tool. noyb tried to call the DSB but didn't reach them.
DSB notifies us that the procedure is stayed until establishment of LSA