Amazon.com Inc (AMZN.O) could be fined more than $425 million under the European Union’s privacy law, the Wall Street Journal reported on Thursday, citing people familiar with the matter.
Luxembourg’s data-protection commission, CNPD, has circulated a draft decision and proposed a fine highlighting Amazon’s privacy practices among the bloc’s 26 national data-protection authorities, according to the report.
The case relates to Amazon’s collection and use of individuals’ personal data and violations under EU’s landmark data privacy rules known as the General Data Protection Regulation (GDPR), a source told the Journal.
Amazon declined to comment.
GDPR requires companies to seek people’s consent before using their personal data or face steep fines.
An EU court ruling last month annulled an order that required Amazon, which has its EU headquarters in Luxembourg City, to pay back taxes to the country.
Our Standards: The Thomson Reuters Trust Principles.