Amazon has announced that it will appeal a record European Union fine of $886.6 million, incurred for processing personal data in violation of EU General Data Protection Regulation (GDPR) rules.
The Luxembourg National Commission for Data Protection (CNPD) handed down the fine in July in a decision that Amazon said in a filing was made without merit. In the filing, Amazon did not specify the details of an accompanying order by the CNPD to revise certain business practices.
The EU’s GDPR rules require that companies seek people’s consent before using their personal data. European regulators announced last November that it was their belief that Amazon’s retail business obtained and misused non-public data on third-party sellers to better compete in Europe’s markets.
“We must ensure that dual role platforms with market power, such as Amazon, do not distort competition,” wrote Margrethe Vestager, EVP of the EU’s telecommunications and IT commission, in November. “With e-commerce booming, and Amazon being the leading e-commerce platform, a fair and undistorted access to consumers online is important for all sellers.”
Amazon told The Wall Street Journal in a statement that the proposed fine is “entirely out of proportion,” given that GDPR regulations allow for fines of up to 4 percent of a company’s revenue—the fine amounts to about 4.2 percent of Amazon’s $21.3 billion income in 2020, the WSJ noted. The reported number exceeds the previous record fine under Europe’s data protection law, from when France’s top privacy watchdog handed out a $163 million fine to Google last December. 
Danny Flynn is assistant editor at Compliance Chief 360°.