Security News > 2021 > July > Amazon gets $888 million GDPR fine for behavioral advertising
Amazon has quietly been hit with a record-breaking €746 million fine for alleged GDPR violations regarding how it performs targeted behavioral advertising.
In an SEC Form 10-Q filed today, Amazon states that this massive fine came out of CNPD in July 2021, which fined them for improper processing of personal data.
"On July 16, 2021, the Luxembourg National Commission for Data Protection issued a decision against Amazon Europe Core S.à r.l. claiming that Amazon's processing of personal data did not comply with the EU General Data Protection Regulation," reads an SEC 10-Q filing submitted by Amazon today.
This creation of these behavioral profiles is being done without a user's consent and thus violates GDPR. Amazon has told BleepingComputer that this fine is not related to a data breach or unauthorized access to customer data but rather how they perform advertising.
"The decision relating to how we show customers relevant advertising relies on subjective and untested interpretations of European privacy law, and the proposed fine is entirely out of proportion with even that interpretation."
The largest fine was €50 million against Google for not correctly receiving consent when processing user's data when creating a Google account or performing advertising.