Schrems’ noyb files 101 complaints about data transfers to the US



In the aftermath of the Schrems II decision on EU-US data transfers, the privacy activist, Max Schrems, and his None of Your Business (noyb) group have launched 101 complaints against European companies. noyb says that complaints have been filed in all 30 EU and EEA member states against companies that still forward data about each visitor to Google and Facebook. The complaints are also brought against Google and Facebook in the US, for continuing to accept these data transfers, despite them being in violation of the GDPR following last month’s judgment of the Court of Justice of the European Union.

Schrems aims to put pressure on EU DPAs, who have not yet formed a unified view towards the use of Standard Contractual Clauses (SCCs) in place of the invalidated EU-US Privacy Shield. He said: “We will gradually take steps against controllers and processors that violate the GDPR and against authorities that do not enforce the Court's ruling, like the Irish DPC that stays dormant.”

“The Court was explicit that you cannot use the SCCs when the recipient in the US falls under these mass surveillance laws. It seems US companies are still trying to convince their EU customers of the opposite. This is more than shady. Under the SCCs the US data importer would instead have to inform the EU data sender of these laws and warn them. If this is not done, then these US companies are actually liable for any financial damage caused.”

The EU DPAs and the European Commission are working towards finding a solution with the US to create a new framework that fully complies with EU data protection law.

See:

More reporting on this case in PL&B News.