Amazon slammed with $887 million fine by EU privacy regulators

Posted:
in General Discussion
Luxembourg's privacy regulator has found Amazon in violation of laws related to privacy and advertising, issued a record $887 million fine.

Amazon hit with record GDPR fine
Amazon hit with record GDPR fine


The specific reasons for the fine were not disclosed, however Amazon says the decision was made without merit and it would appeal in court. The CNPD, Luxembourg's privacy regulator, ordered Amazon to revise its business practices and pay the fine.

The Wall Street Journal reports that the record high fine was made in line with the General Data Protection Regulation introduced three years ago. The previous highest fine was against Google, for $59 million in 2019.

Cross-boarder privacy cases require other EU privacy regulators to weigh in on the fine and adjust it accordingly. At least one complaint has already been issued suggesting that the fine isn't high enough.

Amazon responded to the fine, stating it was out of proportion with the law. "The decision relating to how we show customers relevant advertising relies on subjective and untested interpretations of European privacy law, and the proposed fine is entirely out of proportion with even that interpretation," the company said in a statement.

The fine comes after the EU announced new legislation in December that would incur even larger fees if tech companies couldn't comply with antitrust and privacy regulations. Apple's own advertising segment may be next on the chopping block as French regulators have already begun a probe into the business.

Read on AppleInsider

Comments

  • Reply 1 of 19
    bloggerblogbloggerblog Posts: 2,078member
    EU is desperate for cash, they're out to sue anyone with a treasure chest, I think this high fine is to prepare for the big one, Apple. I actually don't mind Amazon collecting my data while browsing their site, I already gave them my address, CC info, and I'm there to shop, no big deal if they show me what may interest me. What I do mind however is Google swiping my data across sites and without me knowing, only to build a profile that could be used and sold in many nefarious ways.
    edited July 30 evolutaderutterwilliamlondonleavingthebiggDnykjpRfC6fnBsd_2pujones1dewmeArchStantonspock1234
  • Reply 2 of 19
    DAalsethDAalseth Posts: 1,725member
    EU is desperate for cash, they're out to sue anyone with a treasure chest, I think this high fine is to prepare for the big one, Apple. I actually don't mind Amazon collecting my data while browsing their site, I already gave them my address, CC info, and I'm there to shop, no big deal if they show me what may interest me. What I do mind however is Google swiping my data across sites and without me knowing, only to build a profile that could be used and sold in many nefarious ways.
    I agree about the EU, but they aren’t the only one hunting for cash. However if they are going to go after privacy violators, Apple might have the deepest pockets, but they aren’t anywhere near the most flagrant violators. 

    That said though, I will always cheer when someone takes a bite out of Amazon. The more the better.
    p-dogXedMplsPspock1234watto_cobra
  • Reply 3 of 19
    bfranksbfranks Posts: 19member
    That’s “walking around money” for Amazon, they can write that off, but it does open the door for more legal action, so Amazon will fight it. 
    watto_cobra
  • Reply 4 of 19
    lkrupplkrupp Posts: 9,462member
    “The problem with socialism is you eventually run out of other people’s money.”

    Margaret Thatcher
    equality72521aderutterwilliamlondonapplguyd_2dewmeArchStantonpichaelFileMakerFellerwatto_cobra
  • Reply 5 of 19
    gatorguygatorguy Posts: 23,171member
    I actually don't mind Amazon collecting my data while browsing their site, I already gave them my address, CC info, and I'm there to shop, no big deal if they show me what may interest me. What I do mind however is Google swiping my data across sites and without me knowing, only to build a profile that could be used and sold in many nefarious ways.
    LOL. Of course it's about Google in an Amazon thread. Yesterday it was about Google in a Facebook thread.  

    Just for giggles tho, what are these nefarious (wicked) ways you imagine your Google profile is used?  It's already a known fact, even if maybe not to you, that they don't sell it. 
    edited July 30
  • Reply 6 of 19
    KTRKTR Posts: 167member
    DAalseth said:
    EU is desperate for cash, they're out to sue anyone with a treasure chest, I think this high fine is to prepare for the big one, Apple. I actually don't mind Amazon collecting my data while browsing their site, I already gave them my address, CC info, and I'm there to shop, no big deal if they show me what may interest me. What I do mind however is Google swiping my data across sites and without me knowing, only to build a profile that could be used and sold in many nefarious ways.
    I agree about the EU, but they aren’t the only one hunting for cash. However if they are going to go after privacy violators, Apple might have the deepest pockets, but they aren’t anywhere near the most flagrant violators. 

    That said though, I will always cheer when someone takes a bite out of Amazon. The more the better.
    They could stop selling to the EU.  Then what.
    williamlondon
  • Reply 7 of 19
    elijahgelijahg Posts: 2,315member
    KTR said:
    DAalseth said:
    EU is desperate for cash, they're out to sue anyone with a treasure chest, I think this high fine is to prepare for the big one, Apple. I actually don't mind Amazon collecting my data while browsing their site, I already gave them my address, CC info, and I'm there to shop, no big deal if they show me what may interest me. What I do mind however is Google swiping my data across sites and without me knowing, only to build a profile that could be used and sold in many nefarious ways.
    I agree about the EU, but they aren’t the only one hunting for cash. However if they are going to go after privacy violators, Apple might have the deepest pockets, but they aren’t anywhere near the most flagrant violators. 

    That said though, I will always cheer when someone takes a bite out of Amazon. The more the better.
    They could stop selling to the EU.  Then what.
    Entertaining the idea that a massive multinational like Amazon or Apple will pull out of the EU is laughable. They don’t make decisions to “get revenge”, they make decisions that keep profit coming in. And even these massive fines are pocket change to companies like Amazon.

    It’s a long way before the fines and regulation make operating in the EU unprofitable. The overhead for smaller companies operating into the EU is a different matter though. 
    edited July 30 applguyspock1234
  • Reply 8 of 19
    avon b7avon b7 Posts: 5,901member
    EU is desperate for cash, they're out to sue anyone with a treasure chest, I think this high fine is to prepare for the big one, Apple. I actually don't mind Amazon collecting my data while browsing their site, I already gave them my address, CC info, and I'm there to shop, no big deal if they show me what may interest me. What I do mind however is Google swiping my data across sites and without me knowing, only to build a profile that could be used and sold in many nefarious ways.
    My understanding of this so far is that this is not an EU fine.

    It is a fine imposed by Luxembourg's data privacy agency under the EU's GDPR data protection laws and following a compliant from a French digital rights group. 
    FileMakerFellersphericmuthuk_vanalingam
  • Reply 9 of 19
    gatorguy said:
    I actually don't mind Amazon collecting my data while browsing their site, I already gave them my address, CC info, and I'm there to shop, no big deal if they show me what may interest me. What I do mind however is Google swiping my data across sites and without me knowing, only to build a profile that could be used and sold in many nefarious ways.
    LOL. Of course it's about Google in an Amazon thread. Yesterday it was about Google in a Facebook thread.  

    Just for giggles tho, what are these nefarious (wicked) ways you imagine your Google profile is used?  It's already a known fact, even if maybe not to you, that they don't sell it. 
    The story is about user privacy and user data collection. Google (and Facebook) are factually the very biggest , BY FAR, and factually the most detailed collectors, BY FAR, of a user's private data information. So a story about data privacy might just involve the biggest collector's of private data.

    And what is nefarious about the data collection itself? That's like asking someone why they need privacy. Trying to turn the onus on the user to prove what theoretically a company might do with it. Lame. Regardless, to answer the question of "nefarious", the very breadth and depth of the numerous categories of private data collection is in itself something to raise a 'nefarious' eye too. Also, it's called Jigsaw, Google's Jigsaw. (yep, we know about that too)

    But if it'll make you feel any better, all companies, ALL, should be looked at with at least a modicum of a skeptical eye when they want to record your data points that are clearly outside of the individual app and clearly categories that are being the focus of that app's usage. Apple is by far the winner in the privacy category but that does not give them free pass. Their ToS should be scrutinized too when they speak of collecting user data. 
    d_2williamlondonspock1234watto_cobra
  • Reply 10 of 19
    CuJoYYCCuJoYYC Posts: 68member
    "cross-boarder"

    Really? Are there no editors on staff anymore?

    boarder noun
    a person who receives regular meals when staying somewhere, in return for payment or services

    border noun
    a line separating two political or geographical areasespecially countries
    pujones1elijahgfotoformatFileMakerFellerwatto_cobra
  • Reply 11 of 19
    EU is desperate for cash, they're out to sue anyone with a treasure chest, I think this high fine is to prepare for the big one, Apple. I actually don't mind Amazon collecting my data while browsing their site, I already gave them my address, CC info, and I'm there to shop, no big deal if they show me what may interest me. What I do mind however is Google swiping my data across sites and without me knowing, only to build a profile that could be used and sold in many nefarious ways.

    I think this is largely true. Good chance it is a regulatory shakedown. As gov regulators don't pay for the pursuit of these fines, taxpayers do. Amazon pays for their own mighty expensive defense (that Amazon can afford it or that some don't like Amazon is irrelevant in application of law or regulation). Ultimately if they can get Amazon to agree to pay something and change an Amazon action on the peripery, the particular gov people/politicians win -- they get their name in the media and a chance to move up the political ladder. 

    With that said, little IMHO is actually being done about the massing of private data. On that front the EU has done more -- not a lot but more. But what makes it suspect is they seem overly eager to go after United States companies regarding private data amassing. The reality is EU companies are just as guilty but don't have as big a share of markets. 
    Regarding France going after Apple, if France can show Apple has actually gathered private data outside explicit ToS? Apple deserves it. Apple sets the bar, a high one, for data privacy protection, so holding them to the standard is good. But Apple gathers little data, make's very little off monetizing data, and blocking what data they gather is readily available in iPhone(and explains fairly good what is gathered). There can't be much there for France other than headlines for a politician. And if France goes after Google or Facebook? If the fine is commensurate with the amount of data gathered? That's gonna be one massively huge fine (as much as I don't like the surveillance capitalism industry that FB and Google lead, it would be a grossly unfair to them). 
    williamlondonwatto_cobra
  • Reply 12 of 19
    MplsPMplsP Posts: 3,260member
    KTR said:
    DAalseth said:
    EU is desperate for cash, they're out to sue anyone with a treasure chest, I think this high fine is to prepare for the big one, Apple. I actually don't mind Amazon collecting my data while browsing their site, I already gave them my address, CC info, and I'm there to shop, no big deal if they show me what may interest me. What I do mind however is Google swiping my data across sites and without me knowing, only to build a profile that could be used and sold in many nefarious ways.
    I agree about the EU, but they aren’t the only one hunting for cash. However if they are going to go after privacy violators, Apple might have the deepest pockets, but they aren’t anywhere near the most flagrant violators. 

    That said though, I will always cheer when someone takes a bite out of Amazon. The more the better.
    They could stop selling to the EU.  Then what.
    The EU would be better off
    spock1234fotoformat
  • Reply 13 of 19
    IreneWIreneW Posts: 240member
    Why are all these, apparently American, posters complaining about EU (or, in this case, an individual member state) fining a company for violating GFPR? In Europe we actually have a law that says we, as individuals, own our data. That is not the case in the US, where companies may, more or less freely, buy and sell your private information.
    You should be glad EU makes sure there are mechanisms implemented to protect privacy, it may come in handy once you get your legislators to work for you (and not for the highest bidding lobbyist).
    croprnubuselijahgmuthuk_vanalingam
  • Reply 14 of 19
    sphericspheric Posts: 2,093member
    EU is desperate for cash, they're out to sue anyone with a treasure chest, 
    Please stop spouting this bullshit every time a US company gets caught doing something illegal. 

    The VAST majority of anti-trust and privacy violators that are fined by the EU are, in fact, EU COMPANIES. 

    Amazon is not the victim here. 
    edited July 31 fotoformatTRAGwilliamlondon
  • Reply 15 of 19
    crowleycrowley Posts: 8,742member
    lkrupp said:
    “The problem with socialism is you eventually run out of other people’s money.”

    Margaret Thatcher
    Socialism is government owning the means of production and the EU do not.  So the witch's words aren't even relevant.
  • Reply 16 of 19
    gatorguygatorguy Posts: 23,171member
    IreneW said:
    Why are all these, apparently American, posters complaining about EU (or, in this case, an individual member state) fining a company for violating GFPR? In Europe we actually have a law that says we, as individuals, own our data. That is not the case in the US, where companies may, more or less freely, buy and sell your private information.
    You should be glad EU makes sure there are mechanisms implemented to protect privacy, it may come in handy once you get your legislators to work for you (and not for the highest bidding lobbyist).
    I'm curious how the EU regards credit bureaus and industry-specific data aggregators, ie insurance. Do you know?  Can credit bureaus still sell personally identifiable data for marketing purposes as they've always done, one example perhaps selling a list of consumers with financial and family demographics indicating insurance or credit extension needs, and can certain consumer-facing industries still maintain trade databases to share between themselves? Almost all of that has traditionally been beyond consumer control beyond a few basic opt-ins and review options. One GDPR exception makes this a bit hazy and as I read it the data collection and (re)use may be permitted:
    • when there are legitimate interests – for example, if your bank uses your personal data to check whether you'd be eligible for a savings account with a higher interest rate
    edited July 31
  • Reply 17 of 19
    IreneWIreneW Posts: 240member
    gatorguy said:
    IreneW said:
    Why are all these, apparently American, posters complaining about EU (or, in this case, an individual member state) fining a company for violating GFPR? In Europe we actually have a law that says we, as individuals, own our data. That is not the case in the US, where companies may, more or less freely, buy and sell your private information.
    You should be glad EU makes sure there are mechanisms implemented to protect privacy, it may come in handy once you get your legislators to work for you (and not for the highest bidding lobbyist).
    I'm curious how the EU regards credit bureaus and industry-specific data aggregators, ie insurance. Do you know?  Can credit bureaus still sell personally identifiable data for marketing purposes as they've always done, one example perhaps selling a list of consumers with financial and family demographics indicating insurance or credit extension needs, and can certain consumer-facing industries still maintain trade databases to share between themselves? Almost all of that has traditionally been beyond consumer control beyond a few basic opt-ins and review options. One GDPR exception makes this a bit hazy and as I read it the data collection and (re)use may be permitted:
    • when there are legitimate interests – for example, if your bank uses your personal data to check whether you'd be eligible for a savings account with a higher interest rate
    Sorry, I'm not a lawyer and cannot say for sure. But i know that the companies i work for have spent considerably on making sure any customer information is automatically deleted (also from backups) when the relationship ends, that customers can see all data collected and that it can be erased on request.
    If it was legal to sell the data (in any form that's individually identifiable), those requirements couldn't be implemented -- but, i know there are exceptions, eg to maintain basic credit ratings.
    edited July 31
  • Reply 18 of 19
    crowleycrowley Posts: 8,742member
    gatorguy said:
    IreneW said:
    Why are all these, apparently American, posters complaining about EU (or, in this case, an individual member state) fining a company for violating GFPR? In Europe we actually have a law that says we, as individuals, own our data. That is not the case in the US, where companies may, more or less freely, buy and sell your private information.
    You should be glad EU makes sure there are mechanisms implemented to protect privacy, it may come in handy once you get your legislators to work for you (and not for the highest bidding lobbyist).
    I'm curious how the EU regards credit bureaus and industry-specific data aggregators, ie insurance. Do you know?  Can credit bureaus still sell personally identifiable data for marketing purposes as they've always done, one example perhaps selling a list of consumers with financial and family demographics indicating insurance or credit extension needs, and can certain consumer-facing industries still maintain trade databases to share between themselves? Almost all of that has traditionally been beyond consumer control beyond a few basic opt-ins and review options. One GDPR exception makes this a bit hazy and as I read it the data collection and (re)use may be permitted:
    • when there are legitimate interests – for example, if your bank uses your personal data to check whether you'd be eligible for a savings account with a higher interest rate
    There are mixed understandings of what GDPR means for credit rating agencies and the practices of selling data: https://www.bbc.co.uk/news/technology-54706066
    gatorguy
  • Reply 19 of 19
    gatorguygatorguy Posts: 23,171member
    crowley said:
    gatorguy said:
    IreneW said:
    Why are all these, apparently American, posters complaining about EU (or, in this case, an individual member state) fining a company for violating GFPR? In Europe we actually have a law that says we, as individuals, own our data. That is not the case in the US, where companies may, more or less freely, buy and sell your private information.
    You should be glad EU makes sure there are mechanisms implemented to protect privacy, it may come in handy once you get your legislators to work for you (and not for the highest bidding lobbyist).
    I'm curious how the EU regards credit bureaus and industry-specific data aggregators, ie insurance. Do you know?  Can credit bureaus still sell personally identifiable data for marketing purposes as they've always done, one example perhaps selling a list of consumers with financial and family demographics indicating insurance or credit extension needs, and can certain consumer-facing industries still maintain trade databases to share between themselves? Almost all of that has traditionally been beyond consumer control beyond a few basic opt-ins and review options. One GDPR exception makes this a bit hazy and as I read it the data collection and (re)use may be permitted:
    • when there are legitimate interests – for example, if your bank uses your personal data to check whether you'd be eligible for a savings account with a higher interest rate
    There are mixed understandings of what GDPR means for credit rating agencies and the practices of selling data: https://www.bbc.co.uk/news/technology-54706066
    Thanks. That's along the lines of what I've suspected. 
Sign In or Register to comment.