The Dutch Knowledge Safety Authority (DPA) on Wednesday fined video on-demand streaming service Netflix €4.75 million ($4.93 million) for not giving customers sufficient details about the way it used their information between 2018 and 2020.
An investigation launched by the DPA in 2019 discovered that the tech big didn’t inform clients clearly sufficient in its privateness assertion about what it does with the info it collects from its customers. This contains e mail addresses, phone numbers, fee particulars, in addition to details about what clients watch on the platform.
“Furthermore, customers did not receive sufficient information when they asked Netflix which data the company collects about them,” the DPA stated, including these represent violations of the Common Knowledge Safety Regulation (GDPR).
In addition to failing to make clear the aim and authorized foundation for gathering the info, the corporate has additionally been accused of being unclear about what sorts of knowledge are shared with third-parties and for what causes, the info retention interval, and safety ensures in relation to transmitting the data to nations outdoors of Europe.
Austrian privateness non-profit None of Your Enterprise (noyb), which filed the criticism towards Netflix in January 2019, stated it is “happy” with the DPA’s determination, whereas noting that it took nearly 5 years to acquire it.
“Netflix didn’t just fail to provide sufficient information about why it collects data and what it does with it,” it stated. “The company didn’t even manage to provide a full copy of the complainant’s data.”
Though the corporate has since up to date its privateness assertion and improved the data it offers to customers, it is objecting to the effective, the DPA added.
“A company like that, with a turnover of billions and millions of customers worldwide, has to explain properly to its customers how it handles their personal data,” Dutch DPA chairman Aleid Wolfsen stated. “That must be crystal clear. Especially if the customer asks about this. And that was not in order.”
Noyb has additionally filed comparable complaints towards Amazon, Apple Music, Spotify, and YouTube, with the case towards Spotify ensuing within the music streamer going through a effective of round €5 million from the Swedish Knowledge Safety Authority (IMY) in June 2023.
The event comes because the Irish Knowledge Safety Fee (DPC) imposed a financial penalty of €251 million (round $263 million) on Meta for a 2018 information breach that impacted 3 million customers within the European Union.
