Swedish DPA fines Spotify $5.4M for ‘low level’ GDPR lapses
By 
Jeff Dale2023-06-13T19:25:00
Sweden’s data protection authority (DPA) levied a fine of 58 million Swedish krona (U.S. $5.4 million) against music streaming service Spotify following an audit on how the company handles customers’ rights to access their personal data.
The Swedish Authority for Privacy Protection acknowledged Spotify is compliant with General Data Protection Regulation (GDPR) rules about providing data access to users when requested but ran afoul of Article 15 of the privacy law by “not inform[ing] clearly enough about how this data is used,” the DPA said in a press release Tuesday.
In January 2019, privacy campaigner Max Schrems filed a complaint, along with two others, alleging Spotify breached Article 15 of the GDPR. The complaint was originally filed in Austria but routed to Sweden, where Spotify’s EU headquarters is located, in line with the GDPR’s one-stop shop mechanism.
THIS IS MEMBERS-ONLY CONTENT
You are not logged in and do not have access to members-only content.
If you are already a registered user or a member, SIGN IN now.
Related articles
-
PremiumPaying ransom to avoid GDPR fine an unwise gambit
Companies that think paying reduced ransomware demands would be a better move than informing regulators of a data breach and facing enforcement are playing with fire, according to experts.
-
News BriefSwedish DPA fines Trygg-Hansa $3.2M for GDPR breaches
Sweden’s data protection authority issued a penalty of 35 million Swedish krona (U.S. $3.2 million) against insurance company Trygg-Hansa for alleged security flaws that made customer insurance information accessible on the internet.
-
News BriefLawsuit: Ex-Grindr privacy chief alleges firing over red flags raised
The former chief privacy officer at Grindr is suing the company behind the LGBTQ dating app for wrongful termination regarding alleged privacy violations he raised that new management ignored.
More from Regulatory Enforcement
-
News BriefTrump’s CFPB, dismissing Comerica case, continues to cut down Biden-era lawsuits
The Consumer Financial Protection Bureau dropped yet another consumer protection lawsuit against a bank or fintech provider since Donald Trump was sworn in as president in January. This time, it was with Comerica Bank.
-
News BriefCash App parent to pay $40 million for alleged BSA/AML violations in New York
Block Inc., maker of the popular Cash App, has been hit with a $40 million fine by New York for its alleged failure to report suspicious activity. The move marks the latest in a string of recent state and federal enforcement actions against the company.
-
News BriefDOJ disbands crypto investigation unit, another sign of the Trump administration’s support of digital currency
The U.S. Department of Justice (DOJ) disbanded its crypto investigation unit on Monday, marking another step from President Donald Trump to support the crypto industry and lighten the regulatory burden of potential crypto crime investigations that had started under the Biden administration.