Amazon is set for an early Christmas present as a Luxembourg judge suspended a court order requiring a daily $750,000 payment towards a disputed $844m (€746m) fine.
The penalty stems from a July ruling against Amazon Europe Core S.à r.l. in which the Luxembourg National Commission for Data Protection (CNPD) claimed that Amazon’s processing of personal data did not comply with the EU General Data Protection Regulation (GDPR).
This is according to a financial filing accompanying Amazon’s Q2 2021 earnings report [PDF].
Amazon said it would challenge the ruling, which it deemed to have no merit.
In a statement to The Register at the time, the global e-commerce behemoth said: “Maintaining the security of our customers’ information and their trust are top priorities. There has been no data breach, and no customer data has been exposed to any third party. These facts are undisputed. We strongly disagree with the CNPD’s ruling, and we intend to appeal.
“The decision relating to how we show customers relevant advertising relies on subjective and untested interpretations of European privacy law, and the proposed fine is entirely out of proportion with even that interpretation.”
The €746m fine was the largest penalty under GDPR to date, topping the previous record of €50m from the French National Commission on Informatics and Liberty (CNIL) against Google in 2019 by almost 15 times. In fact, Amazon’s fine is more than twice the sum of all previous GDPR penalties combined (€303m).
The judge ruled that the orders by the Luxembourg data protection authority were not “sufficiently clear, precise and without uncertainty” to allow Amazon to meet the ultimatum, according to Bloomberg.
At a hearing earlier this month, Amazon lawyer Thomas Berger said the watchdog’s deadline was “unrealistic” because it’s not clear what changes are required. “We have no guidance about what we need to do, so how do we do it?” ®
source: The Register