Political party – €28,000 Fine (Austria, 2023)
General GDPR enforcement action
This case relates to broader data protection obligations, not specifically to cookie or consent banner compliance. It is not included in cookie statistics or the Risk Calculator.
An Austrian political party was fined EUR 28,000 for sending emails that exposed recipients' email addresses and potentially their workplaces and political views. This matters because it highlights the importance of protecting personal information in communications.
What happened
A political party sent emails using an open distribution list, revealing recipients' email addresses and possibly their workplaces and political affiliations.
Who was affected
Email recipients whose addresses and potentially sensitive information were exposed.
What the authority found
The Austrian DPA fined the political party for failing to protect personal data in its email communications.
Why this matters
This case serves as a reminder for organizations to ensure email communications do not inadvertently expose personal information. It underscores the need for careful handling of contact lists to maintain privacy.
The Austrian DPA has imposed a fine of EUR 50,700 on a political party. The controller had sent two emails in an open distribution list. This allowed the recipients to view the email addresses of all other recipients and to determine the workplace and political affiliation of the data subjects. --- Update --- The Austrian Federal Administrative Court has reduced the amount of the fine from EUR 50,700 to EUR 28,000 due to the current financial situation of the controller.
Related Enforcement Actions (0)
No other enforcement actions found for Political party in AT
This is the only recorded action for this entity in this jurisdiction.
Details
Fine Date
1 January 2023
Authority
Datenschutzbehörde
Fine Amount
€28,000
Enforcement Tracker ID
ETid-2256
About this data
Cite as: Cookie Fines. Political party - Austria (2023). Retrieved from cookiefines.eu
Last updated: