Amazon hit with record $885 million fine for violating EU privacy rules

[nanoguy]

Why it matters: The previous record holder for the highest fine received for GDPR violations was Google who received a €50 million penalty. However, Amazon was recently fined an eye-watering €746 million, signaling that violating privacy rules in the EU is getting a lot more expensive as time goes by.

Amazon seems to be doing relatively well under its new leadership, but the company's growth is slowing down and the shortcuts taken to achieve its gargantuan size are biting again. The retail giant has been fined a whopping €746 million ($885 million) after Luxembourg's National Data Protection Commission (CNPD) found the company had violated GDPR rules when processing personal data.

The Wall Street Journal spotted the fine in a security filing, where the company disclosed that it was issued two weeks ago after the CNPD concluded an investigation into Amazon's advertising practices.

Amazon noted in the filing the CNPD asked it to revise its advertising practices, but the company didn't reveal any details about the proposed changes. Either way, Amazon isn't happy about the fine, and believes "the decision relating to how we show customers relevant advertising relies on subjective and untested interpretations of European privacy law."

The company plans to appeal the decision in court, and argues the proposed fine is "entirely out of proportion." GDPR rules allow for the penalty to be €20 million or 4 percent of a company's annual global revenue, whichever is higher. Back in June, the Wall Street Journal saw a CNPD draft where the fine was set at $425 million, but that amount more than doubled after other EU privacy regulators weighed in on the matter.

Last year, the European Commission revealed the results of a separate investigation into how Amazon promotes its own products in the region. Specifically, the EU commissioners found that Amazon used third-party seller data from its marketplace to bolster its own products.

Depending on the outcome of that investigation, Amazon could be fined up to $28 billion.

GDPR enforcement seems to be taking a turn after privacy advocates have repeatedly criticized the European Commission for moving too slowly and applying small fines that do little to dissuade companies with deep pockets. For a company like Amazon, $885 million is still pocket change, but it's more than an order of magnitude higher than the $57 million Google had to pay for violating GDPR rules.

Permalink to story.

https://www.techspot.com/news/90613-amazon-hit-record-885-million-fine-violating-eu.html

 

[winjer]

That's a mere slap in the wrist.
Especially for a company as big as amazon, and as one that doesn't pay taxes.

 

[Dimitriid]

That'd mean dozens less space flights for it's new CEO!

 

[Austinturner]

That's a mere slap in the wrist.
Especially for a company as big as amazon, and as one that doesn't pay taxes.

50m is a slap on the wrist, 700m is more like a smack on the backside. It is finally getting towards a material amount and its definitely heading in the right direction.

 

[winjer]

50m is a slap on the wrist, 700m is more like a smack on the backside. It is finally getting towards a material amount and its definitely heading in the right direction.

Amazon has a revenue of over 100 billions per quarter.

 

[Austinturner]

Amazon has a revenue of over 100 billions per quarter.

Yes but fines directly reduce after tax profit, not revenue.

 

[duckofdeath]

That's a mere slap in the wrist.
Especially for a company as big as amazon, and as one that doesn't pay taxes.

It's the cost of around 1.5 Amazon sized data centres. It's a bit more than a slap on the wrist. Revenue comes largely from old investments, losing the ability to invest this much "costs" a lot more in the long run.
Fines in the low million figures, I agree, serves no purpose against these trillion dollar corporations. They "lose" more money when an IT guy resets the wrong fabric during a maintenance window.

 

[scavengerspc]

Oh hell is Europe running low on vacation and holiday funds again?

 

[winjer]

Yes but fines directly reduce after tax profit, not revenue.

Even if amazon only made 1% of profit, out of those 100 billions, it would be enough to pay this fine in just one quarter. And still have millions left.

 

[Austinturner]

Even if amazon only made 1% of profit, out of those 100 billions, it would be enough to pay this fine in just one quarter. And still have millions left.

I mean you said a slap on the wrist and I compared it to a smack on the bottom, I didn’t say it was an upper cut KO I’m sure that this fine is big enough to get their attention, maybe not to act as severe punishment or deter them from ever doing the same thing again, but definitely take notice.

 

[cuerdc]

Gdpr filling pockets with fines and been annoying me with permissions daily.
Biggest fail in data protection as everyone eventually allows full access to everything.

 

[Austinturner]

Gdpr filling pockets with fines and been annoying me with permissions daily.
Biggest fail in data protection as everyone eventually allows full access to everything.

There are some valuable protections and rights from gdpr that are not given away by clicking agree though.

The intent was good, the execution was pretty poor and overall it ended up working more in favours of big companies like facebook and google (compliance is easier for big companies with big budgets) and hurt smaller ones. I don’t think that was the intent, just an unintended consequence.

And I agree, for the users they are supposed to protect both the ePrivacy Directive (cookie law) and GDPR have mostly just been really bloody annoying with consent pop ups.

 

[winjer]

Gdpr filling pockets with fines and been annoying me with permissions daily.
Biggest fail in data protection as everyone eventually allows full access to everything.

The intentions were good and it does help a bit in protecting user privacy.
But companies do their very best to make those agreement popups as annoying as possible, so that users will just press the "allow all cookies".

 

[wiyosaya]

crApazon will do anything for a buck. After all, they do not have enough bucks yet.

 

[tellmewhy]

Big companies they stay still like siting ducks when the governments “arm the weapon” and only react when they have been already hit.

There is no much point to appeal when you pay interests on the fine as the time pass, they should have a team of lawyers to appeal (not just lobbying on politicians) on laws at supreme court when they have legal interest and at the time they where voted as soon as possible. For example too high interest above the inflation are doubtable, but nobody fought it in the supreme court.

Most laws they don’t have consistency with the constitution and they are full of holes. It’s obvious they don’t care for the privacy(users have options if they want privacy) they want the money.

 

[EClyde]

Gdpr? is what

 

[eTheBlack]

Even if amazon only made 1% of profit, out of those 100 billions, it would be enough to pay this fine in just one quarter. And still have millions left.

I dont think you realise how much money is that. Few dollars from your paycheck isnt much, but we are talking about millions here. Thats a lot of money, even for big companies.

 

[Shadowboxer]

Where does this money go? The EUs accounts have a huge holes in them. Billions of Euros go missing every year apparently. One thing is for sure, it doesn’t reach the ordinary people of Europe, especially if you live in a richer European country where EU membership actively costs you money.

What’s gone on here is a group of Oligarchs in Europe have used the powers afforded to them by sovereign governments to seize money from a multi billion dollar corporation.

Personally I think it should be divided equally amongst the European countries and pay to their respective exchequers as tax revenue. Amazon doesn’t pay much tax, this would help make up for that. But nope, it will probably end up being given to Turkey as a bribe to prevent migrants reaching the EU, or some Eurocrats own firm.

 

[alexnode]

There are some valuable protections and rights from gdpr that are not given away by clicking agree though.

The intent was good, the execution was pretty poor and overall it ended up working more in favours of big companies like facebook and google (compliance is easier for big companies with big budgets) and hurt smaller ones. I don’t think that was the intent, just an unintended consequence.

And I agree, for the users they are supposed to protect both the ePrivacy Directive (cookie law) and GDPR have mostly just been really bloody annoying with consent pop ups.

Well I won't put blame on the law, but on the websites and companies that try to trick you. I think that browsers and OSes should get in the game and regulate your consent for everything .

 

[Uncle Al]

FCC .... are you paying attention??? Time for you folks to get in the game and start regulating these crooks! And since the USA is so much bigger and better, you need to add a multiplier ... say 100X or 500X just to get their attention .....