Today, the EU's General Court held that the Irish DPC acted unlawful when it refused to investigate a noyb complaint. The European Data Protection Board (EDPB) held in December 2022 that Meta illegally used the personal data of users for advertising without consent under Article 6(1) GDPR. The EDPB also decided that the DPC should have also investigated the use of sensitive data (Article 9 GDPR), but the DPC refused to comply with this binding decision. Instead, the DPC sued the EDPB before the European Courts. The General Court has dismissed the DPC's claims. The case can now be appealed to the CJEU.
- General Court judgement
- Original noyb Complaint from 25.5.2018
- EDPB decision from 05.12.2022
- Joined cases: T-70/23, T-111/23,.T-84/23
First statement. In a first statement on ruling by the General Court, the chairman of noyb said the following:
Max Schrems, Chairman of noyb: "This case already has been going on for more than six years, with the DPC refusing to take action, which benefits US Big Tech. We are happy about the Court's decision to dismiss the DPC's claims, but it also means that the cases starts again from square one. Any final decision will take years before the DPC and before the Irish courts. The DPC is a master of grotesque sidesteps and loops in procedures – with the consequence that US Big Tech is never receiving a penalty."
Background. This case is based on a noyb complaint from 2018, but noyb is not a party to the proceedings before the EU courts.
