Breaking EU’s Data Protection Regulations Costs Amazon €746 million in Fines
The Luxembourg National Commission for Data Protection (CNPD) fined Amazon €746 million on Friday for not complying with the EU's General Data Protection Regulation in its handling of personal data (GDPR). In the EU and the European Economic Area, the GDPR governs data protection and privacy. It was enacted in 2016 and went into effect in May of this year. It imposes sanctions on anyone who breach its privacy and security requirements, which are meant to be severe.
In a filing with the US Securities and Exchange Commission (SEC), Amazon revealed the €746 million punishment. Although authorities are permitted to levy fines of up to 4% of a company's turnover, this is the highest punishment ever imposed. The CNPD levied the punishment on July 16 and ordered Amazon to change several of its business practices.
Conclusively, Amazon specified that it merely listed them as matching practice modifications, not revealing specific business practices it was required to change. Amazon also stated in its petition that it wants to appeal the judgment, writing: We think the CNPD's finding is without merit, and we intend to forcefully defend ourselves in this case.