Netherlands: Netflix fined €4.7M for violating data protection laws
The Dutch Data Protection Authority (DPA) has slapped a €4.75 million ($5 million) fine on Netflix for not properly informing its users about their personal data usage between 2018 and 2020. The investigation, launched in 2019, found that the streaming giant's privacy statement failed to clearly inform how it handles user data. The DPA also noted Netflix wasn't transparent about why it collected personal data and how long it retained this information.
Netflix's data handling practices under scrutiny
The DPA also slammed Netflix for failing to provide adequate information to customers who asked about the kind of data the company collects. This lack of transparency also extended to their collection purposes, sharing practices, retention periods, and security measures for data transferred outside Europe. All of these actions were considered to be violations of the General Data Protection Regulation (GDPR).
DPA Chairman emphasizes need for data handling transparency
DPA Chairman Aleid Wolfsen stressed on the need for transparency in data handling, particularly for a global company like Netflix. He said, "A company like that, with a turnover of billions and millions of customers worldwide, has to explain properly to its customers how it handles their personal data." Wolfsen added that this information "must be crystal clear," especially when customers ask about it.
Netflix updates privacy statement, appeals against fine
In light of the DPA's findings, Netflix has revised its privacy statement and enhanced its information offering. However, the company has contested the fine and is appealing against it. So far, Netflix has not responded to requests for comment on the matter.
