European Commission
The officials in Brussels have insisted that the new data protection law GDPR does not apply to the European Commission, unlike companies and governments.
The Data Leak on EU’s Website
It comes as a shocking revelation for us after an embarrassing leak of personal data of hundreds of EU citizens by the European Commission (EU) itself.
In an embarrassing fiasco, the leak includes names, postal addresses, email details, and professions of almost 700 EU citizens.
Along with this, in some cases, it also reveals postal codes and addresses of British citizens.
It can be easily accessed online at European Commission's official website Europa.EU in Excel spreadsheets uploaded in 2013.
The Irony
A data protection expert from a law firm based in London focussed on the irony of the European Union’s admission. He states that the breach raises some serious questions about the general level of compliance and whether any other similar disclosures may come out.
He also states, “Although the information disclosed here does not appear to be particularly sensitive, it does raise questions about the general level of compliance, and whether any further inadvertent disclosures have been made”.
If any other organization had leaked such data, it would have been breaching regulations set under GDPR, and it would have meant the said organization might have had to face penalties reaching up to 4% of global turnover or 20 million euros.
The Embarrassment
Another security expert from California based company remarked the EU’s data leak as “embarrassing” coming so soon after GDPR implementation.
Moreover, just hours after the implementation of GDPR, many websites went offline. As a result, there were allegations that Facebook and Google had already breached the data.
Why doesn’t GDPR apply to the EU?
The EU official has stated that European institutions are separate entities and GDPR does not apply to them citing “Legal Reasons”.
What will the EU do to Protect My Personal Data?
It is understandable that EU officials will follow a new law similar to GDPR, but it won’t come into effect probably until October of this year.
You may also like to Read: