Amazon could face an EU privacy fine of more than €350 million over alleged violations of General Data Protection Regulation (GDPR) rules.

According to a report by The Wall Street Journal, Luxembourg’s data protection commission has sent out a draft decision to sanction the retail giant’s privacy practices and has proposed a fine across the European Union’s 26 national authorities.

Luxembourg’s Commission Nationale pour la Protection des Données (CNPD) is Amazon’s lead privacy regulator in the EU because it has its headquarters in the Grand Duchy.

One of the newspaper’s sources said that the allegations are linked to the company’s collection and use of personal data and are not to do with its cloud-computing arm Amazon Web Services.

The decision to sanction Amazon is not yet final, as the proposal must be agreed on by other EU privacy regulators, which could take months.

Last week the UK’s Competition and Market Authority (CMA) said it would formally investigate the e-commerce platform’s use of data.

The investigation is reportedly set to centre on how the company uses the data it collects on its platform.

The probe will also explore whether the e-commerce giant favours retailers who use its own logistics service when it comes to allowing access to its “buy box” feature and to its Amazon Prime customer base.

Amazon declined to comment on reports of the proposed EU fine.

Share Story: