https://www.techdirt.com/articles/20180605/22253339978/eu-commission-violates-gdpr-claims-that-exempt-law-legal-reasons.shtml > Last week, we noted that the EU Parliament's website appeared not to be compliant with the GDPR. As we noted, this was pointed out in response to EU Commissioner Vera Journova claiming that complying with the GDPR was so easy, that even she could do it. Now, a valid response to all of this would be to point out that the EU Parliament is different than the EU Commission or other parts of the EU government. But, now that we know the EU Parliament is not compliant, would it surprise you at all to find out that the European Commission is also not compliant with the GDPR. Apparently, while she was so busy claiming it was easy to comply with, Journova forgot to have the Commission itself comply. > Specifically, Jason Smith, at the website Indivigital, discovered that various places on the EU's websites were hosting spreadsheets with personal information on many people who had attended events, and were revealing that information without permission (the report also found various GDPR violations involving 3rd party cookies).