BRUSSELS — The European Commission will provide a financial band-aid next year to Baltic nations suffering collateral economic damage from EU sanctions against Russia. The region is being hit particularly hard because of falls in tourism and investment, along with the collapse of cross-border trade. Regions Commissioner Raffaele Fitto is leading the plan, which aims to kickstart the economies of Finland and its Baltic neighbors, according to diplomats and Commission officials who were granted anonymity to speak freely. The intended recipients are also heading to Brussels with a lengthy wish list, hoping Fitto’s plan will reignite their economies. Their concerns will take center stage during a summit of leaders from Eastern European countries in Helsinki on Dec. 16. “We want to have special attention to our region — the eastern flank, including Lithuania — because we see the negative impact coming from the geopolitical situation,” Lithuania’s Europe minister, Sigitas Mitkus, said in an interview with POLITICO earlier this month. “Sometimes it’s difficult to convince [investors] that … we have all the facilities in place.” But skeptics warn that any immediate financial support Fitto can provide will be meager, given the scale of the challenge and with the bloc’s seven-year budget running low. The EU has agreed 19 sanction packages against Moscow in a bid to cripple the Russian war economy, which has bankrolled the Kremlin’s invasion of Ukraine since February 2022. In doing so, Finland, Estonia, Latvia, and Lithuania have all taken a hit. While the threat of a Kremlin invasion has deterred tourists and investors, the sanctions have choked off cross-border trade with Russia, and everything has been made worse by skyrocketing inflation after the pandemic. Dwindling housing prices have also made it more difficult for businesses to provide collateral to secure loans from banks. “People who had cross-border connections with some economic consequences have lost them,” Jürgen Ligi, Estonia’s finance minister, told POLITICO. A native of Tartu on Estonia’s eastern flank, Ligi has witnessed these problems first-hand as he owns a house only four kilometers from the Russian border. “Estonia’s economy has suffered the most from the war [which caused] problems with investments and jobs,” Ligi added. According to the Commission’s latest forecast, Estonia is expected to grow by only 0.6 percent in 2025 — well below the EU average — even though economic activity is expected to pick up in 2026 and 2027. The EU has agreed 19 sanction packages against Moscow in a bid to cripple the Russian war economy, which has bankrolled the Kremlin’s invasion of Ukraine since February 2022. | Sefa Karacan/Getty Images In another sign of financial strain, Finland breached the Commission’s spending rules in 2025 due to excessive spending and an economic slowdown caused by the war. “We will be acknowledging the difficult economic situation Finland is facing, including the geopolitical and the closure of the Russian border,” EU Economy Commissioner Valdis Dombrovskis, said on Tuesday. SCRAPING THE BARREL But Fitto’s options could be limited until the bloc’s new seven-year budget, known as the multi-annual financial framework (MFF), is in place by 2028. “My sense is that the communication won’t come with fresh money but with ideas that can be pursued in the next MFF,” said an EU diplomat who was granted anonymity to discuss upcoming legislation. Mindful of dwindling resources in the EU’s current cash pot, Lithuania’s Mitkus is demanding that Baltic firms get preferential access to the EU’s new funding programs from 2028 — something that is currently lacking in the Commission’s budget proposal from July. Officials from the frontline states are exploring other options. These include Brussels loosening state aid rules so they can subsidize struggling firms, and getting the European Investment Bank to provide guarantees to companies that want to invest in the region. While the upcoming strategy will draw attention to these problems, officials privately admit that it’s unlikely to mobilize enough cash to solve them immediately. “It will build the narrative that in the next MFF you can do something for [pressing issues for Eastern regions such as] drones production,” said the EU diplomat quoted above. But until 2028, “I don’t expect any new money.”

BRUSSELS — The European Commission said it is “not empowered to take action” amid concerns about the appointment of a former tech lobbyist to Ireland’s privacy regulator. The Irish Council for Civil Liberties — a non-profit transparency campaign group — on Tuesday filed a complaint calling on the Commission to launch an inquiry into how Niamh Sweeney was appointed to co-lead the Irish Data Protection Commission. Citing reporting from POLITICO, the complaint alleges the appointment process “lacked procedural safeguards against conflicts of interest and political interference.” It’s the first formal challenge to the decision after Sweeney took up her role as one of three chief regulators at Ireland’s top data regulator this month. Her prior experience as a lobbyist for Facebook and WhatsApp reignited concerns that the regulator is too close to Big Tech. In response to the complaint, Commission spokesperson Guillaume Mercier said that “it is for the member states to appoint members to their respective data protection authorities.” The Commission “is not involved in this process and is not empowered to take action with respect to those appointments,” Mercier told a daily press briefing Tuesday. He emphasized that countries do need to respect requirements set out in EU law — that the appointment process must be “transparent,” and that those appointed should “have the qualifications, the experience, the skills, in particular in the protection of personal data, required to perform their duties and to exercise their powers.” The complaint asked the Commission to look into the appointment as part of its duties to oversee the application of EU law, claiming these responsibilities had not been met by Ireland. Sweeney was appointed by the Irish government on the advice of the Public Appointments Service, the authority that provides recruitment services for public jobs, which has previously expressed its full confidence in the process.

BRUSSELS — Europe’s powerful privacy activists are wielding a sharp new legal tool that, if successful, could see the cost of privacy breaches balloon into the billions for Big Tech. European consumers in recent years have seen a law take effect that allows them to club together to look for compensation for damages caused by companies. Armed with Europe’s blockbuster privacy law, the General Data Protection Regulation, internet users — often represented by savvy digital rights groups — are now gunning for big payouts.   The European Union has had a Collective Redress Directive in force since 2020, designed in the wake of the Volkswagen emissions scandal to better protect large groups of consumers from suffering the same harm, and to collectively look for compensation. One of the laws the directive can help enforce is the GDPR. Already, Dutch non-profit SOMI has launched collective redress actions against TikTok and Meta; the Irish Council for Civil Liberties has lodged one against Microsoft; and Austrian privacy group Noyb is preparing to launch its first action against credit ratings agency CRIF. Privacy groups see “a lot of potential” in collective redress as a new avenue, especially for GDPR breaches by Big Tech, said Ursula Pachl, who last year took on the role of spearheading collective redress actions at Noyb — one of Europe’s most prolific privacy watchdogs — after more than a decade working at powerful Brussels consumer lobby association BEUC. “Enforcement has always been the Achilles heel of the European Union, particularly in regards to consumer protection,” Pachl said. The GDPR in particular lends itself well to collective action because “everybody in Europe probably suffers from the same illegal behavior if there is a Big Tech company who does something which doesn’t respect the GDPR,” she said. Guillaume Couneson, a data protection lawyer with the firm Linklaters, said that when a breach is confirmed by a data protection authority, collective redress actions could “immediately [pop] up like mushrooms.” MULTIPLYING FINES A recent landmark court case highlighted just how much collective redress actions could sting tech firms and others alike. A judge at the EU’s General Court ruled in January that a complainant, Thomas Bindl, was entitled to damages when he was faced with “some uncertainty” about what happened to his data. Bindl’s case rested on his having clicked a “Sign in with Facebook” hyperlink displayed on a European Commission webpage. The judge ruled Bindl was owed €400 in damages — a judgement that was quickly seen as setting the bar for compensation for a single breach of the GDPR . Couneson said the case “surprised many by the height of the damages” and had raised immediate concerns for businesses about the multiplier effect of what happens if “it’s a million people claiming €400.” Thomas Bindl’s case rested on his having clicked a “Sign in with Facebook” hyperlink displayed on a European Commission webpage. | Olivier Hoslet/EPA That’s a daunting prospect for Big Tech firms, especially if such class action cases take off in Europe, where the tech sector has faced much heavier regulatory scrutiny and court losses than in the United States. Class actions are predominantly a phenomenon of the U.S. legal system, where they are seen as a way to relieve courts of many similar cases and for consumers to get compensation in a more cost-effective way. But the U.S. system has also led to court cases driven by opportunistic litigation, with lawyers actively rallying plaintiffs to bring forward a case in order to take a cut of the winnings.   Countries like the Netherlands and Belgium have long traditions of collective action for consumers, while in other EU countries legal routes have been limited or don’t exist. But before the directive, legal avenues to take consumer group actions were “quite patchy” across the EU, said Florence Danis, also a lawyer at Linklaters.  The first article of the EU directive on collective redress says it will put in place “appropriate safeguards to avoid abusive litigation.” The power to take up cases is granted only to not-for-profit, independent, consumer-focused organizations, while EU countries are required to create a legal route for these “qualified entities.”  According to Karen Shin, a California-based privacy lawyer at law firm Blank Rome, non-profits might be less inclined to take genuine cases due to the costs they could trigger. In many EU countries as well as in the United Kingdom, the losing side of a court case pays for attorney’s fees and costs, which “may limit the usage of class actions in the EU,” she said.   NEW PRIVACY BATTLEGROUNDS Enforcement of the GDPR was designed to be the domain of national data protection authorities across the EU. Because the principle of a “one-stop shop” regulator was built into the law, most of the landmark privacy cases have fallen into the hands of Ireland’s chief regulator, the Irish Data Protection Commission. Charged with regulating the many Big Tech companies headquartered in the country, the Irish regulator has handed down most of the biggest fines in the history of the GDPR, including the €1.2 billion against Meta over data transfers to the U.S. and the €530 million against TikTok relating to Chinese data transfers. But those fines took years to decide. For years, civil society and other data protection regulators were left frustrated over perceived inaction by the Irish DPC. Noyb has repeatedly criticized the Irish regulator over what it describes as tardy or lenient enforcement against Big Tech. A 2023 report from the Irish Council of Civil Liberties estimated that 67 percent of the Irish DPC’s EU-level investigations had been overruled by a majority of its European counterparts demanding tougher enforcement action. Ireland has also thrown up barriers to the use of collective action, through both centuries-old laws and its implementation of the new directive. The country’s legal system prohibits third-party funding of collective actions, harking back to old laws from as early as the 14th century that were reaffirmed by the Irish Supreme Court in 2017. Ireland has also limited contributions from consumers to collective cases at €25 per person. This is something that Noyb, a familiar presence in Irish courts, has raised as a concern with the European Commission, arguing it infringes on the EU directive. EU countries “[have] a positive obligation to make sure that financially it’s not an obstacle” to start collective action cases, Pachl said. Ireland will still be an “obvious forum” for GDPR collective redress actions, given that many Big Tech defendants are based there, said Linklaters’ Danis. But, she added, consumers are not geographically bound by the directive: “Even if you’re an Irish plaintiff or representative, you could go before the French court to claim damages to the benefit of French consumers, for instance.”  

Political posturing over migration has delivered yet another blow to Europe’s beleaguered free-travel zone. Faced with right-wing demands at home to control the flow of people arriving from outside the EU’s borders, the leaders of Poland and Germany are seeking easy wins which might placate populists — but put the once-sacred Schengen area on life support. Warsaw’s patience with Germany sending migrants back to Poland “is becoming exhausted,” Polish Prime Minister Donald Tusk said, as he announced the imposition of checks on his country’s borders with Germany and Lithuania from July 7. Almost four decades after the introduction of the borderless travel area that encompasses 450 million people from 29 countries — four of which aren’t in the EU — supposedly temporary border controls in the name of exceptional security concerns are increasingly the norm, creating the impression Schengen exists more in name than in substance. But with the rise of far-right parties and several years of migration from Ukraine — and before that, the Middle East — carveouts to the border-free zone rules have become an easy solution for politicians looking to show they mean action. “We consider the introduction of controls necessary,” Tusk said, pointing the finger at Germany’s “unilateral” action. In May, the conservative-led government of Chancellor Friedrich Merz ramped up checks on Germany’s borders, including with Poland, following pressure from Berlin’s own opposition party, the far-right Alternative for Germany (AfD). Warsaw’s patience with Germany sending migrants back to Poland “is becoming exhausted,” Polish Prime Minister Donald Tusk said. | Rafal Guz/EPA German police will turn away more undocumented immigrants, including asylum seekers, Merz said. The move further bolstered border controls the previous government had already put in place October 2023. The crackdown riled Germany’s neighbors, including Poland, despite Merz’s promises to step up Berlin’s relationship with Warsaw — an alliance he considers key for driving a united European defense policy. While politicians have warned Germany’s controls could chip away at the free movement of people and goods within the Schengen area, critics have also called the border measures largely symbolic. Poland’s Fakt newspaper said that German authorities returned 1,087 people to Poland between May 1 and June 15 this year, pointing out that those numbers aren’t significantly different from last year’s. According to German police union figures, the new checks led to 160 asylum applicants being rejected in the first four weeks. It’s a small fraction of total refusals — on average, up to 1,300 people per week are rejected for lacking the necessary documentation. Germany’s move, however, has created a political problem for Tusk’s ruling centrist Civic Coalition. Having narrowly lost the presidential election to the populist Law and Justice (PiS) party, it’s feeling the hot breath of rightwing opposition parties that want a tougher stance on migration. Civic Coalition and PiS are currently neck-and-neck in POLITICO’s Poll of Polls and the hard-right Confederation has surged since the last general election in 2023. All 3 Years 2 Years 1 Year 6 Months Smooth Kalman Polish civilian vigilante groups tied to right-wing parties are staging patrols along the frontier with Germany. “Poland’s western border is ceasing to exist,” Mariusz Błaszczak, a senior PiS politician, warned last week. He blamed Tusk’s “servility toward Berlin.” Sławomir Mentzen, a Confederation leader, accused the Polish Border Guard of cooperating with Germany in accepting illegal migrants. The government has denounced those attacks. “Don’t play politics with Poland’s security. This is not the time or place for such actions,” Tomasz Siemoniak, Poland’s interior minister, said on X.  Poland’s retaliatory controls have also put Merz’s border policy in the firing line, with Germany’s left-wing opposition painting Warsaw’s decision as a clear setback. “This is a devastating signal for a German government and a ‘foreign chancellor’ Merz, who promised to regain trust in Europe,” Chantal Kopf, a lawmaker for the Greens, told POLITICO. Knut Abraham, a member of Merz’s conservatives and the government’s coordinator for the German-Polish relationship, in an interview with Welt also warned against lasting checks. While they are “necessary as a political signal that migration policy in Germany has changed … the solution cannot be to push migrants back and forth between Poland and Germany or to cement border controls on both sides,” he said. Merz on Tuesday defended Germany’s border checks. “We naturally want to preserve this Schengen area, but freedom of movement in the Schengen area will only work in the long term if it is not abused by those who promote irregular migration, in particular by smuggling migrants,” he said.