Amazon fined a staggering £636 million in Europe for GDPR violations
Saturday, July 31, 2021
CNDP reportedly sent copies of its draft decision to data protection authorities in other EU countries so as to arrive at a decision that reflected the views of all the authorities. WSJ learned that some data protection authorities were not happy with the €350 million figure and wanted CNDP to impose a much larger fine to Amazon.
Commenting on the GDPR fine imposed on Amazon, Ilia Kolochenko, the founder of ImmuniWeb, says that Article 83 of GDPR is very specific about its penalties: security-related incidents are fined by up to 2% of the annual turnover, while violations such as lack of consent or unlawful data processing are punished more severely by a fine going up to 4%. Thus, Amazon’s statement that no data breach has occurred is probably not very relevant to the case.
“In view of the recent GDPR-related litigation in the EU and available jurisprudence, the fine, however, indeed seems to be excessive and will likely be significantly reduced on appeal. Amazon will undoubtedly endeavor to win the case in court on appeal.
“The outcome of this case will likely be influenced by politics, as such punitive actions by the EU may strongly discourage American companies doing business in Europe. Furthermore, it may motivate US states, that are now rapidly implementing state privacy laws, to retaliate by imposing mirrored penalties upon European companies. The long-awaited federal privacy law in the US should hopefully harmonize data protection regimes and finally bring peace of mind both to consumers and businesses on the two sides of the pond,” he added. Read Full Article
Computing: Amazon faces £635 million fine for GDPR violations
SC Media: Top exploit list highlights the long tail of some vulnerabilities