Researcher – €1,200 Fine (Belgium, 2022)
General GDPR enforcement action
This case relates to broader data protection obligations, not specifically to cookie or consent banner compliance. It is not included in cookie statistics or the Risk Calculator.
The Belgian Data Protection Authority fined a researcher EUR 1,200 for improperly handling Twitter data in a study. The researcher published sensitive information without adequate security measures, risking discrimination against individuals. This case shows the need for researchers to protect personal data and ensure transparency in their work.
What happened
A researcher published sensitive Twitter data without proper security measures, leading to potential risks for individuals involved.
Who was affected
Individuals whose Twitter data, including political, religious, and personal information, was analyzed and published without adequate protection.
What the authority found
The authority found that the researcher violated GDPR by failing to ensure data security and transparency, risking discrimination against data subjects.
Why this matters
This decision serves as a reminder for researchers and organizations to implement strong data protection measures and maintain transparency when handling personal data. It highlights the risks of publishing sensitive information without proper safeguards.
GDPR Articles Cited
The Belgian DPA has fined a researcher EUR 1,200. The fine was issued in connection with another fine against the NGO EU DisinfoLab. The researcher was employed at the NGO. In 2018, the NGO published an analysis to identify the possible political origin of tweets circulating on a particularly heated controversy in France, the 'Benalla affair.' For the analysis, the organization had processed the data of 55,000 Twitter accounts, of which more than 3,300 had been classified as political. The raw data obtained from this was then published without taking minimal security precautions, such as pseudonymizing the data. The DPA noted that publication of the data could potentially expose data subjects to the risk of discrimination or discredit because of the non-anonymized political profiling. In addition, the files also contained information about the religious beliefs, ethnic origin, or sexual orientation of the individuals whose accounts were analyzed. For this reason, the DPA concluded that several obligations of the GDPR, such as lawfulness of processing, transparency to data subjects, and data security, were violated.
Related Enforcement Actions (0)
No other enforcement actions found for Researcher in BE
This is the only recorded action for this entity in this jurisdiction.
Details
Fine Date
27 January 2022
Authority
Autorité de Protection des Données
Fine Amount
€1,200
Enforcement Tracker ID
ETid-1022
About this data
Cite as: Cookie Fines. Researcher - Belgium (2022). Retrieved from cookiefines.eu
Last updated: