Amazon fined record-breaking $888 million for violating GDPR – but exact reason is a secret

Sign up to our free weekly IndyTech newsletter delivered straight to your inbox

Sign up to our free IndyTech newsletter

Please enter a valid email address

Please enter a valid email address

SIGN UP

I would like to be emailed about offers, events and updates from The Independent. Read our privacy notice

Amazon has been slapped with a record-breaking fine by the European Union for a violation of its GDPR data protection rules.

The shopping giant has been told to pay $888 million (the equivalent of €746 million or £638 million) by the Luxembourg National Commission for Data Protection (CNPD), who imposed the fine on 16 July.

The EU’s General Data Protection Regulation, or GDPR, requires companies to seek people’s consent before using their personal data or face steep fines.

Amazon said it believed the decision was without merit and that it would defend itself vigorously in appealing the fine but did not specify why the fine was issued.

The CNPD told The Independent that it issued the decision on 15 July, 2021 but said that legally it was not allowed to communicate about individual cases and was “bound by professional secrecy.”

It added: “the publication of our decisions is considered as a supplementary sanction. Therefore, we cannot publish any decision before the deadline for appeals has expired.”

In a statement provided to The Independent, Amazon said: “Maintaining the security of our customers’ information and their trust are top priorities. There has been no data breach, and no customer data has been exposed to any third party. These facts are undisputed.

“We strongly disagree with the CNPD’s ruling, and we intend to appeal. The decision relating to how we show customers relevant advertising relies on subjective and untested interpretations of European privacy law, and the proposed fine is entirely out of proportion with even that interpretation.”

Amazon has come under scrutiny by the EU before. In November, regulators filed antitrust charges against the company, accusing Amazon of using its access to data from companies that sell products on its platform to gain an unfair advantage over them.

While the US initially criticised the EU for targeting American companies, it has more recently started taking a tougher line on big tech as well, suing Google last year for abusing its dominance in online search and advertising.

In May, a court annulled a ruling by the European Commission that a tax deal between Amazon and Luxembourg’s government amounted to illegal state support. It was the latest setback to European Union efforts to tackle corporate tax avoidance.

Globally, regulatory scrutiny of tech giants has been increasing following a string of scandals over privacy and misinformation, as well as complaints from some businesses that they abuse their market power.

Alphabet’s Google, Facebook, Apple and Microsoft have drawn heightened scrutiny in Europe.

In December, France’s data privacy watchdog handed out its biggest ever fine of €100 million ($118.82 million) to Google for breaching the nation’s rules on online advertising trackers.

Additional reporting by agencies