Netflix has been hit with a €4.75 million fine by the Dutch Data Protection Authority (DPA) for failing the European Union’s GDPR privacy rules. (Photo illustration by Chesnot/Getty Images)

Consumer rights Elections News

Dutch authority fines Netflix €4.75 Million for data violation

2 minutes read

Netflix has been hit with a €4.75 million fine by the Dutch Data Protection Authority (DPA) for breaking the European Union’s GDPR privacy rules.

According to the DPA on December 18, between 2018 and 2020, the streaming giant failed to provide clear and sufficient information to customers about how their personal data was handled — a fundamental requirement under EU law.

The DPA found Netflix guilty of multiple transparency failures, including what it termed “vague” explanations about why personal data was collected and shared, unclear retention policies and inadequate safeguards for data transferred outside Europe.

The platform gathers a wide range of user information, including phone numbers, email addresses, payment details and viewing habits.

DPA chairman Aleid Wolfsen stated: “A company of this magnitude, with billions in revenue and a massive global user base, must make it abundantly clear to customers how their personal data is being used. And they failed to do so.”

The ruling stems from a complaint filed in 2019 by the European Centre for Digital Rights (Noyb).

The privacy watchdog argued that Netflix breached Article 15 of the GDPR, which compels companies to grant users full access to their personal data along with information about its processing, storage and transfer.

Stefano Rossetti, a lawyer for Noyb, welcomed the fine but criticised the lack of speed regarding the decision. “We’re pleased the DPA issued a fine against Netflix but it took nearly five years to resolve what was, frankly, a straightforward case,” he said.

He also hinted that the issue was not finished, stating: “We’re currently reviewing the ruling to ensure all points of our original complaint have been addressed.”

The DPA has noted that Netflix updated its privacy policy in 2020 — after the rule breaches had taken place.

Netflix has reportedly objected to the penalty.

Key Topics

More like this

The Dutch Data Protection Authority (DPA) has fined Uber €290 million for transferring personal data of European taxi drivers to the United states and failing to safeguard the data with regard to these transfers. EPA-EFE/WILL OLIVER
News

Uber’s €290 million fine for breaching GDPR rules sparks industry outcry

By Anne-Laure Dufeal

Consumer rights

Austria orders YouTube to give users access to their data

By AFP

News

EU court orders EC to compensate citizen for violating its own protection laws

By Carl Deconinck

TikTok was fined 530 million euros ($600 million) by its lead EU privacy regulator on May 2 over concerns on how it protects user information and was ordered to suspend data transfers to China if its processing is not brought into compliance within six months. (Photo by Chesnot/Getty Images)
News

TikTok fined €530 million by EU regulator over data protection

By Reuters