The European Data Protection Supervisor (EDPS), who monitors compliance with privacy and data protection rights by European institutions and authorities, has sanctioned the European Parliament for a number of violations of data protection law.
The decision of the regulatory authority concerns the COVID-19 test booking website, which the European Parliament launched in September 2020 via the third-party provider Ecolog.
Last year, six MPs, with the support of the European data protection group NOYB, filed a complaint against the website about the presence of third-party trackers and confusing cookie consent banners, as well as a host of other legal and ethical issues about transparency and data access.
As a result of the investigation, the European Parliament was found guilty on several counts, although there was no fine. The EDPS reprimanded and ordered that all open issues be resolved within one month.