A European Union privacy regulator has proposed a fine of more than $425 million against Amazon for alleged violations of Europe General Data Protection Regulation (GDPR (opens in new tab)) laws.
Quoting unnamed people familiar with the matter, the Wall Street Journal reports that the penalty, if imposed, could be the biggest that’s ever been levied against a GDPR offender.
- Check our roundup of the best privacy apps for Android (opens in new tab)
- We’ve built a list of the best business VPN (opens in new tab) solutions on the market
- These are the best proxy service providers (opens in new tab)
Based on Amazon’s reported net income of $21.3 billion last year, the proposed fine represents about 2% of the company’s 2020 income, and a mere 0.1% of its $386 billion in annual sales. The GDPR allows regulators to impose fines up to 4% of a company’s annual revenue.
Just a draft
It is reported that the draft decision against Amazon is being circulated by Luxembourg’s data-protection commission, the CNPD, among the bloc’s 26 other national authorities.
With its EU headquarters in Luxembourg, Amazon comes within the jurisdiction of the CNPD, making it Amazon’s lead privacy regulator.
However, as per the Wall Street Journal, any GDPR draft decisions must be agreed by all other EU privacy regulators before they become final. This process could take several months, and perhaps even lead to substantive changes to the draft, including alterations to the fine in either direction.
In fact, if the source is to be believed the CNPD has already received a handful of objections to its draft decision, including at least one that’s calling for a higher fine.
- Also take a look at our collection of the best VPN services (opens in new tab)
Via Wall Street Journal (opens in new tab)