Amazon face GDPR scandal over ‘violation of consumers’ rights’

No primary category set

Amazon have come under fire for “violation of consumers’ rights” as they failed to fully comply with the General Data Protection Regulation (GDPR).

The EU non-profit privacy group, noyb found that the marketplace failed to supply additional information to which consumers are entitled to under the EU law. It said that the data provided by Amazon were in “cryptic formats that made it extremely hard or even impossible for an average user to understand the information…with certain types of raw data were also missing.”

The GDPR requires customers data to be both machine-readable and easily understood by those requesting the information. The right to access data is the cornerstone of the data protection framework. It grants consumers the right to get a copy of their data and to receive additional information. Only when a customer can get an idea of how and why their data is stored, they can realistically uncover violations of the GDPR and consequently take action.

The article 80 of the GDPR also foresees that data subjects can be represented by a non-profit association, as individual users are usually unable to file the relevant legal complaints.

To test how Amazon carries out their GDPR duties noyb’s investigators’ requested a copy of their own data from Amazon and discovered that the marketplace didn’t fully comply.

Many services set up automated systems to respond to access requests, but they often don’t even remotely provide the data that every user has a right to. In most cases, users only got the raw data, but, for example, no information about who this data was shared with. This leads to structural violations of users’ rights, as these systems are built to withhold the relevant informationIn 1995 the EU already passed data protection laws, but they were simply ignored by the big players. We now have to make sure this does not happen again with GDPR – so far many companies only seem to be superficially compliant.”
-Max Schrems, director of noyb

This means the marketplace could potentially be facing a GDPR penalty breach of up to €20m (£17.7m) or 4% of the business’s global turnover.

This news mark Amazon’s second data-breach scandal as they were blamed for accessing customer’s videos via Ring, security cameras.


New Amazon Vouchers pricing requirement

New Amazon Vouchers pricing requirement

How Absolute Collagen grew to a £23m business

How Absolute Collagen grew to a £23m business

Amazon Ships in Product Packaging sign up

Amazon Ships in Product Packaging sign up

Hardly Ever Worn It Amazon Luxury resale collaboration

Hardly Ever Worn It Amazon Luxury resale collaboration

Amazon Disbursements held due to unmet UK business establishment requirements unfreeze disbursements says Minister

Enterprise minister tells Amazon unfreeze disbursements

ChannelX Guide...

Featured in this article from the ChannelX Guide – companies that can help you grow and manage your business.


Take a look through a selection of the latest articles on ChannelX

Register for Newsletter

Receive 5 newsletters per week

Gain access to all research

Be notified of upcoming events and webinars