A prominent Austrian organization focused on privacy advocacy has gained increased power to initiate collective legal proceedings against corporations operating within the European Union. Noyb – European Centre for Digital Rights, led by the renowned privacy advocate Max Schrems, attained “qualified entity” status in both Austria and Ireland on 2 December 2024, under the 2020 Representative Actions Directive.

This designation permits recognised organisations to advocate for the collective rights of consumers in legal proceedings against companies that breach EU regulations, including the important General Data Protection Regulation, in the Member State where they have been designated and in other Member States when they meet the criteria for bringing cross-border representative actions.

Noyb, an acronym for “None of your business” (“because your privacy is none of a company’s business”), is the most recent addition to a roster of approximately 50 organisations currently authorised to initiate cross-border actions within the European Union under the Representative Actions Directive.

Noyb distinguishes itself from other privacy advocacy organisations by possessing resources frequently inaccessible to its counterparts. Led by Max Schrems, this group combines significant financial backing with considerable clout.

Noyb has established itself as an influential player in the realm of privacy enforcement. Its founder, Schrems, successfully contested two prior data-transfer agreements between the United States and the European Union, both of which were invalidated by rulings from the EU’s highest court.

In 2024, Noyb submitted 36 complaints urging EU data protection authorities to conduct investigations or take necessary actions. Most of these complaints targeted US companies, with 23 directed at Meta, Twitter, and Microsoft.