CNPD stated that Amazon did not comply with the E.U. rules and used the personal data of users without their consent for commercial gains
Luxembourg’s National Commission for Data Protection, also known as Commission Nationale pour la Protection des Données (CNPD), has fined Amazon with U.S. $ 886.6 million (£ 636 million) for allegedly breaking European Union (E.U.) data protection laws.
The CNPD said that Amazon did not comply with the E.U. rules and used the personal data of users without their consent for commercial gains. The Amazon stressed that the firm strongly disagrees with the CNPD’s ruling and intends to appeal. It also clarified that it collects data to improve the customer experience, and sets guidelines governing what employees can do with it.
A statement from amazon read, “We believe the CNPD’s decision to be without merit and intend to defend ourselves vigorously in this matter.”
An Amazon Spokeswoman said, “There has been no data breach, and no customer data has been exposed to any third party. These facts are undisputed.”
She further said, “We strongly disagree with the CNPD’s ruling, and we intend to appeal. The decision relating to how we show customers relevant advertising relies on subjective and untested interpretations of European privacy law, and the proposed fine is entirely out of proportion with even that interpretation.”
The penalty is the result of a 2018 complaint by French privacy rights group, La Quadrature du Net, a group that claims to represent the interests of thousands of Europeans to ensure their data isn’t used by Big Tech companies to manipulate their behaviour for political or commercial purposes. The complaint, which also targets Apple, Facebook Google and LinkedIn, was filed on behalf of more than 10,000 customers. It alleges that Amazon manipulates customers for commercial means by choosing what advertising and information they receive.
The move comes following rising regulatory scrutiny of large tech companies due to concerns over privacy and misinformation, as well as complaints from some businesses that the tech giants have abused their market position. Earlier in June 2021, the Wall Street Journal reported that Amazon could be fined more than U.S. $ 425 million under the E.U.’s privacy law.
Though Amazon is not the first large company to fall foul of the E.U.’s General Data Protection Regulation (GDPR), but has been imposed with the largest fine ever since the law came into effect in 2018. Companies such as Google, British Airways, H&M and Marriot Hotels have all faced penalties from E.U. for breaching the rules. However, their fines were in the tens, rather than the hundreds of millions.
The E.U. also has concerns about how Amazon uses sensitive commercial information on third-party products like volume and price. For the records, in November 2020, the European Commission charged Amazon with abusing its dominant position in online retail to gain an unfair advantage over competitors. Meanwhile, in May, Amazon won a court battle over € 250 million (£ 215 million) in taxes it had been ordered to pay Luxembourg. The European Commission had ordered the tech giant to repay the funds as back taxes, alleging that Amazon had been given unfair special treatment, but a court overturned the order.
