European Parliament website found to violate EU GDPR regulations
The European Commission has previously introduced general data protection regulations applicable to the Internet and technology platforms, which stipulate that user information may not be collected without user permission.
At the same time, the regulation also stipulates that data should not be transmitted outside the EU without user permission and regulatory approval. If the regulation is violated, a huge fine may be faced.
But something embarrassing is that some users recently discovered that the EU’s own website violated the regulations, and the COVID-19 test-booking website launched by the European Parliament violated the EU GDPR regulations.
Not only does this website illegally transmit data to the United States without the user’s consent and regulatory approval, but the cookie notification bar presented to visitors was confusing and deceptively designed.
This testing site itself does not process any health information of EU citizens, but other information collected is still transmitted to the United States without the user’s consent.
This behavior is also a violation of the General Data Protection Regulation. In fact, after testing, the website will make more than 150 requests to some US companies when it loads.
At the same time, the test also found that the Cookies prompt bar of the website is deceptive, and it uses a more eye-catching green button to induce users to click the accept button.
The default save option button uses light gray to make users more inclined to click the green accept button. This deceptive behavior also violates the General Data Protection Regulation.
The European privacy protection non-profit organization discovered this problem in October last year and lodged a complaint with the European data protection supervisor, but so far there is no result.
The European Data Protection spokesperson said that the complaint would be thoroughly investigated, but the chairman of the non-profit organization said that the European Parliament did not comply with its own rules.
Via: TechCrunch