10. December 2021
The online clothing sales website vinted.com, operated by the Lithuanian company Vinted UAB, has recently had to face a large number of complaints regarding data protection aspects. The appeals were addressed to several national supervisory authorities, which, as a result, joined forces to investigate the website’s overall compliance with the GDPR. To this end, a task force was established, supported by the European Data Protection Board (EDPB), which held its first meeting on November 8th, 2021.
Vinted’s headquarters are located in Lithuania, which makes the State Data Protection Inspectorate (Lithuanian data protection authority) the leading supervisory authority. However, the platform is available in several other countries in Europe, whose supervisory authorities also received the aforementioned complaints. For this reason, the establishment of the task force was jointly decided by the national supervisory authorities from France, Lithuania and Poland. The aim of this task force is to ensure a coordinated approach to resolving the complaints received. It shall also enable a consistent and efficient examination of the compliance of Vinted’s data processing practices with the provisions of the GDPR.
The investigations focus in particular on the following issues:
- website operator’s requirement to upload a scan of the user’s identity card in order to unblock funds received from sales on the corresponding account and the relevant legal basis,
- procedure and criteria for blocking the user’s account and
- applicable data retention periods.
This is not the first time Vinted has been accused of controversial practices. Back on May 18th, 2021, the French consumers group UFC Que Choisir filed a class-action lawsuit with 16 million users against the company for “misleading business practices.” These are said to consist of charging an allegedly optional commission on every transaction, the amount of which only appears at the time of payment.
18. June 2021
It has been known for years that the US National Security Agency (NSA) had been targeting leading politicians. But now new details of the spying operation are coming to light. Several European media investigated the case and found out that the NSA had been using Danish underwater internet cables from 2012 to 2014 to eavesdrop on leading European politicians. It was only through the research that the members of the governments learned of the spying. With regard to this, questions arose, whether Denmark was involved and knew about the operation. Now various European countries demand answers to the allegations.
The media reports revealed that the Danish Defence Intelligence Service (DDIS) had helped the NSA to wiretap European politicians (in German) by allowing the NSA to use the secret Sandagergårdan listening post near Copenhagen. An important internet hub for various underwater cables was then tapped there. The NSA apparently got access to text messages, telephone calls and internet traffic including searches, chats and messaging services.
Following the revelations by former NSA contractor Edward Snowden and a subsequent investigation by a secret internal working group at DDIS, the Danish-US cooperation in the surveillance of European neighboring countries was documented in an internal report of DDIS in 2015. However, the findings have not been disclosed until today. Nevertheless, the Danish government has probably known about the spying operation since 2015 at the latest. More than that, the surveillance apparently also targeted Denmark itself (in German), including the Ministry of Foreign Affairs and the Ministry of Finance.
Danish Defence Minister Trine Bramsen was informed about the spying in August 2020. In the wake of that, some DDIS employees were fired, without a full explanation being released. The government said at the time that an audit had raised suspicions of illegal surveillance by DDIS. In October 2020, the Danish Ministry of Justice ordered a commission of inquiry into the operations at DDIS. Its conclusions are due at the end of 2021.
French President Emmanuel Macron and German Chancellor Angela Merkel, being among those affected by the espionage, made clear that such tactics were not acceptable between allies. Norwegian Prime Minister Erna Solberg and Swedish Defence Minister Peter Hultqvist agreed with the statements. While emphasizing the value of relations between Europeans and Americans, they insisted on explaining the case by the two accused countries. Neither of the intelligence services would comment on the allegations. The Danish Defence Minister only stated in general terms that systematic wiretapping of close allies was unacceptable.