September 28, 2021

Volume XI, Number 271

Advertisement

September 27, 2021

Subscribe to Latest Legal News and Analysis

Luxembourg DPA Fines Amazon 746 Million Euros for GDPR Violations

On July 16, 2021, the Luxembourg data protection authority (Commission nationale pour la protection des donées, “CNPD”) imposed a record-breaking €746 million fine on Amazon Europe Core S.à.r.l. for alleged violations of the EU General Data Protection Regulation (“GDPR”). The CNPD also ordered Amazon to revise certain of its practices. As Amazon has its EU headquarters in Luxembourg, the CNPD acts as Amazon’s lead supervisory authority in the EU.

Based on press reports and Amazon’s public statements, the fine appears to relate to Amazon’s use of customer data for targeted advertising purposes.

The amount of the fine is substantially higher than the proposed fine in a draft decision that was previously reported in the press.

Although the CNPD’s decision is not publicly available, the decision was confirmed by Amazon’s SEC 10-Q filing. Amazon indicated that it will appeal the decision.

Copyright © 2021, Hunton Andrews Kurth LLP. All Rights Reserved.National Law Review, Volume XI, Number 211
Advertisement
Advertisement
Advertisement
Advertisement
Advertisement
Advertisement

About this Author

In today’s digital economy, companies face unprecedented challenges in managing privacy and cybersecurity risks associated with the collection, use and disclosure of personal information about their customers and employees. The complex framework of global legal requirements impacting the collection, use and disclosure of personal information makes it imperative that modern businesses have a sophisticated understanding of the issues if they want to effectively compete in today’s economy.

Hunton Andrews Kurth LLP’s privacy and cybersecurity practice helps companies manage data and...

212 309 1223 direct
Advertisement
Advertisement
Advertisement