Amazon has been fined a record 746 million euros, or $885 million based on current exchange rates, over alleged violations of European data privacy regulations.
The company disclosed the July 16 decision by the Luxembourg National Commission for Data Protection (CNPD) in its 10Q filing with the Securities and Exchange Commission on Friday morning.
The decision has not been made public, but according to Amazon’s filing, the CNPD found that the company’s “processing of personal data did not comply with the EU General Data Protection Regulation.”
“We believe the CNPD’s decision to be without merit and intend to defend ourselves vigorously in this matter,” the company says in the filing.
The commission’s investigation started with a 2018 complaint from French privacy rights group La Quadrature du Net, according to Bloomberg News. A member of the group’s litigation team told the news service, “It’s a first step to see a fine that’s dissuasive, but we need to remain vigilant and see if the decision also includes an injunction to correct the infringing behavior.”
Amazon disputes that there’s any infringing behavior to correct.
“Maintaining the security of our customers’ information and their trust are top priorities. There has been no data breach, and no customer data has been exposed to any third party,” an Amazon spokesperson said in a statement. “These facts are undisputed. We strongly disagree with the CNPD’s ruling, and we intend to appeal. The decision relating to how we show customers relevant advertising relies on subjective and untested interpretations of European privacy law, and the proposed fine is entirely out of proportion with even that interpretation.”
