EU Privacy Regulator Fines Amazon $887M

GDPR

A European privacy watchdog has fined Amazon 746 million euros ($887 million) for violating data protection laws.

According to CNBC, Amazon disclosed the fine Friday (July 30) in a security filing. It was issued two weeks ago by the Luxembourg National Commission for Data Protection (CNDP), which says the retail giant failed to comply with the European Union’s General Data Protection Regulation.

The commission has ordered Amazon to revise some of its business practices, while Amazon, whose European operations are based in Luxembourg, denies any sort of breach occurred.

“Maintaining the security of our customers’ information and their trust are top priorities,” an Amazon spokesperson told CNBC. “There has been no data breach, and no customer data has been exposed to any third party.”

Amazon says it plans to appeal the fine, which it called disproportionate. The company added that the CNDP decision as it relates to how the company shows customers relevant advertising “relies on subjective and untested interpretations of European privacy law.”

The investigation was apparently sparked by a complaint in 2018 by La Quadrature du Net, a French privacy group.

The General Data Protection Regulation (GDPR) allows data protection agencies in Europe to fine companies as much as 4 percent of their yearly global sales. And as CNBC notes, while this fine is in the hundreds of millions, it was announced one day after Amazon reported its third consecutive $100 billion quarter.

But as PYMNTS reported on Thursday, that report wasn’t exactly great news for the company. Amazon reported $113 billion in net sales for the three months ending June 30. That’s 27 percent higher than the same period last year, but $2 billion short of analyst projections.

Brian Olsavsky, Amazon’s chief financial officer, said reduced spending by Prime members and an increase in vacation rates leading to more mobility by consumers contributed to the decline.