Dutch watchdog fines Netflix €4.75m, hours after Meta fined in Ireland
By Jeph Ajobaju, Chief Copy Editor
A watchdog in The Netherlands, AP, has fined Netflix €4.75 million for failing to properly inform clients what it did with their personal data.
Meta, the owner of Facebook, was fined just a day earlier in Ireland for a similar offence.
The complaint The Netherlands focuses on the period between 2018 and 2020 and the streaming service has since updated its privacy statement and improved its provision of information, the AP said.
Netflix collects various types of personal data of customers, ranging from email addresses, telephone numbers and payment details to data about what customers watch on the platform, and when.
“A company with a turnover of billions of dollars and millions of customers worldwide must explain properly to its customers how it handles their personal data,” AP chairman Aleid Wolfsen said. “That must be crystal clear.”
The indictment stressed that Netflix failed to provide enough information about why it was collecting and using personal data and the legal reason for doing so, how long it kept the information and what it shared with third parties.
The complaint was made by an Austrian NGO which brought its case to the Netherlands because Netflix’s European headquarters is here.
Under EU privacy legislation, companies that process data in several EU member states have to deal with only one data protection authority.
Netflix has appealed against the fine.
Meta fined $263m over Facebook hacking
A regulator in Ireland helping police EU data privacy disclosed on Tuesday it has imposed a fine of 251 million euros ($263 million) on Meta, which owns Facebook, for a data protection failure six years ago that saw users’ accounts hacked on the social media platform which has more than one billion users.
The Data Protection Commission (DPC) criticised Meta for a security flaw in its video upload function which hackers were able to exploit to gain full access to other users’ Facebook profiles.
AFP reports EU officials as documenting that over a two-week period in 2018, unauthorised users were able to hack into around 29 million Facebook accounts globally, including three million based in the EU.
The personal data involved included email addresses, phone numbers, locations and places of work.
“The failure to build in data protection requirements throughout the design and development cycle can expose individuals to very serious risks and harms, including a risk to the fundamental rights and freedoms of individuals,” said Graham Doyle, the regulator’s head of communications.
“By allowing unauthorised exposure of profile information, the vulnerabilities behind this breach caused a grave risk of misuse of these types of data.”
Read also:
Ireland slams $263m fine on Meta over multiple hackings on Facebook