Amazon fined US$880 million by Luxembourg authorities over data privacy breach
- ‘Amazon’s processing of personal data did not comply with the EU General Data Protection Regulation,’ Amazon said in a securities filing
- The fine was believed to be the largest ever for a data protection violation since the passage of the regulation
Amazon was fined €746 million (US$880 million) by Luxembourg authorities over allegations it flouted the EU’s data protection rules, the online retail giant said on Friday.
The fine was issued on July 16 by the Luxembourg National Commission for Data Protection following its determination that “Amazon’s processing of personal data did not comply with the EU General Data Protection Regulation (GDPR),” Amazon said in a securities filing.
“We believe the CNPD’s decision to be without merit and intend to defend ourselves vigorously in this matter,” the company added, using the organisation’s French acronym. The fine was believed to be the largest ever for a data protection violation since the passage of the regulation.
The Securities and Exchange Commission (SEC) document offered no details, but Amazon was sued by a European consumer group claiming personal data was collected for ad targeting without permission.
The Luxembourg agency confirmed that it made a ruling this month on Amazon but declined to elaborate, saying its investigations are confidential.
It was the latest case of US tech firms being hit with violations of the landmark GDPR. French authorities fined Amazon €35 million last year for failing to follow laws on browser “cookies” that track users. Google was hit with a fine of €100 million for similar violations, and Facebook is under investigation in Ireland after details on 533 million users were leaked on a hacking website.