Search

noyb filed a complaint against Ryanair. When booking through an online travel agent, the airline pushes some customers to go through an invasive facial recognition process

Today, noyb files complaints against 15 Belgian news sites using unlawful cookie banners. Among them are news outlets like RTL Belgium, Het Laatste Nieuws and L'Avenir

The Norwegian DPA is the first national data protection authority declaring behavioral advertising on Meta platforms illegal. noyb welcomes this decision

The Data Protection Authority of Lower Saxony (LfD) decided that the “Pay or Okay” solution used by heise.de was unlawful

EU Commissioner Reynders repeatedly attacked "non-profits" like noyb, alleging they bring cases before the CJEU as a "business model".

European Commission announces third "Safe Harbor", without substantial changes. noyb will bring third adequacy decision back to CJEU.

In today's decision, the CJEU declared Meta/Facebook's GDPR approach largely illegal - similar to noyb's previous litigation before the EDPB leading to a fine of € 390 million.

Today the European Commission has issued a proposal to fix the (lack of) cooperation between some Data Protection Authorities (DPAs). It is a step back - not forwad.

Swedish data protection authority (IMY) issued decisions against four companies and imposed a fine of 12 mio SEK (1 mio Euro) against Tele2 and 300.000 SEK against CDON

Yesterday, the Irish DPC managed a narrow win in Parliament and got a new law passed that shall make criticism of DPC procedures impossible.

The Irish government tries to sneak a provision into the Irish Data Protection Law allowing any part of the procedure being declared "confidential". Legitimate criticism would become a crime.

TeleSign generates a “reputation score” and sells it to various clients. TeleSign secretly received the mobile phone data from BICS, a Belgian company that provides interconnection services

CNIL fined CRITEO, the biggest online advertisement and tracking company in Europe €40 Mio based on complaints by noyb and Privacy International.

Following a noyb complaint and litigation over inactivity, the Swedish Data Protection Authoirty (IMY) has issued a fine of about € 5 million against Spotify.

noyb's proceedings against credit reporting agency CRIF are draining a swamp of legal violations and cynical interpretation of the GDPR.

On 25 May 2018, the GDPR came into force; 5 years later, national authorities and courts largely let down the European legislator

Facebook must stop further transfers of European personal data to the United States, given that Facebook is subject to US surveillance laws (like FISA 702 and EO 12.333).

The Maltese Data Protection Authority (IDPC) has taken decisive action against C-PLANET, the IT company responsible for a voter data breach in Malta.