The European data protection law, the GDPR, generally known by its acronym GDPR, became a kind of potential nightmare for brands a few years ago. At the time it went into effect, consumer email inboxes were filled with messages asking for confirmation to continue receiving email marketing campaigns or explaining changes and adjustments.
All companies wanted to scrupulously comply with the rule, which toughened the rules on what could and cannot be done with data. It also marked very high potential fines, which is what often causes companies to enter a phase of potential terror. The regulation thus became material for all analysis and for all corporate recommendations, as well as a recurring element on the list of things that marketers and IT managers had to take into account.
Everyone feared the impact of a fine. Even so, with the passage of time, the feeling among companies was that the fines were not arriving as they were so feared they would. The rule was tough, but European market regulators weren’t enforcing it as zealously (or so you might think).
The first big fine went to British Airways , before Brexit, 204 million euros for failing to protect its consumers’ data from hackers. Despite this, there has continued to be a certain ignorance and one that it is not so bad either. An interesting percentage of SMEs, for example, believe that the data they handle is outside the law and most websites still do not comply with data protection .
A record fine for Amazon
But now the cycle could be changing and the big fines could be starting to come in: Amazon just got one. The fine to Amazon has been known because the company has had to send the US market regulator a notice pointing out this situation in its last financial presentation, as published by Reuters .
Amazon has been fined by the Luxembourg National Commission for Data Protection with 746 million euros. The decision was made in mid-July, although it has not transcended so far. Amazon is going to appeal the fine, because it believes it has no legal basis.
Why has Luxembourg fined Amazon? In the information that it has sent to markets, Amazon is sparing in the context of the fine. It points out that the agency ensures that “Amazon’s processing of personal data is not in accordance with the general data protection regulation of the European Union.” As specified by The Wall Street Journal , the decision would be connected to a lack of data protection linked to the advertising offered by Amazon.
“The decision regarding how we show relevant advertising to consumers is based on a subjective and unproven interpretation of European privacy law,” the company assures the business newspaper, “and the proposed fine is completely disproportionate even with that interpretation.”
The Luxembourg body is the one that has managed the process because there is the headquarters of Amazon, but as explained in the Journal, the fine would be a cross-border issue. Be that as it may, the fine is the highest that has been imposed so far based on the European data protection law.