The Privacy Collective filed wrongful use of personal data class-action lawsuits against Oracle and Salesforce (Forbes 2020). The companies are accused of violating the General Data Protection Regulation (GDPR) by not getting consent from individuals for how their data would be processed, and for not securing the personal data appropriately. The GDPR aims to protect the personal data of individuals, and is a regulation that is enforced by the European Union, but has wide reaching consequences for global institutions.
These class action lawsuits could mean significant penalties for Oracle and Salesforce, to the amount of potentially 10 billion euros (TechCrunch 2020). Both companies issued statements that they disagree with the meritless claims (Forbes 2020). These high-profile cases are a reminder that companies and institutions need to understand and comply with the GDPR, and be prepared to explain their practices when challenged.
CITI Program offers GDPR training for individuals and organizations, from an overview webinar to an in-depth seven module course.
- The GDPR for Research and Higher Ed course provides an overview of the EU’s GDPR. View Details
- The GDPR & Human Subject Research in the U.S. webinar presents when the GDPR may apply to your research, what you should do to be compliant, and where to go for further information. View Details
- Forbes. 2020. Oracle and Salesforce Hit With $10 Billion GDPR Class-Action Lawsuit. August 14.
- TechCrunch. 2020. “Oracle and Salesforce hit with GDPR Class Action Lawsuits Over Cookie Tracking Consent.” August 14.