14 DAY TRIAL // Amazon was fined $886.6 million for violating European Union data protection privacy regulations by Luxembourg's National Commission for Data Protection, according to BBC.
Under the EU's General Data Protection Regulation (GDPR), that went into effect in May 2018, organizations are required to ask permission before accessing customers' personal data, which apparently Amazon didn't. According to a filing by Amazon with the Securities and Exchange Commission (SEC) in the United States on Friday, the fine was given by Luxembourg's data protection authority, commonly known as the Commission Nationale pour la Protection des Données (CNPD).
The following is an official statement issued by Amazon in reaction to the CNPD's decision: "We believe the CNPD's decision to be without merit and intend to defend ourselves vigorously in this matter."
Amazon has stated that it intends to vigorously defend itself in this matter
This is the highest imposed fine since the legislation came into force in 2018. It is also much higher than previous fines imposed by the European Union. Previously, sensitive data could be used, stored, and processed in any way the provider wanted.
It is currently unknown what Amazon did in order to incur such harsh penalties. Nonetheless, considering that national authorities are required to consider the duration, gravity, and nature of the infringement when determining a penalty, the infraction could be severe. Companies such as H&M, Google, Marriot Hotels, and British Airways have received fines in the tens of millions as well.
Most recently, technology giants such as Amazon have been under fire for their monopoly power, prompting demands for the powers of those corporations to be curbed. At one time, it was considered that the EU's primary concern was Amazon's access to and use of personal data, including information regarding the volumes and pricing of third-party products.