Dutch Authority Fines Netflix $4.95 Million for Alleged GDPR Violations

By  |  December 18, 2024
 | 
Netflix

The Dutch Data Protection Authority (Dutch DPA) fined Netflix 4.75 million euros (about $4.95 million), saying that between 2018 and 2020, the company did not give its customers enough information about what it does with their personal data.

    Get the Full Story

    Complete the form to unlock this article and enjoy unlimited free access to all PYMNTS content — no additional logins required.

    yesSubscribe to our daily newsletter, PYMNTS Today.

    By completing this form, you agree to receive marketing communications from PYMNTS and to the sharing of your information with our sponsor, if applicable, in accordance with our Privacy Policy and Terms and Conditions.

    The regulator said Netflix violated the General Data Protection Regulation (GDPR) by not making the information in its privacy statement clear enough and by providing insufficient information to consumers who asked the company about the data it collects about them, according to a Wednesday (Dec. 18) press release.

    “A company like that, with a turnover of billions and millions of customers worldwide, has to explain properly to its customers how it handles their personal data,” Dutch DPA Chairman Aleid Wolfsen said in the release. “That must be crystal clear. Especially if the customer asks about this. And that was not in order.”

    The press release said that since the period covered in the complaint, Netflix has updated its privacy statement and improved the information it provides.

    Reached by PYMNTS, a Netflix spokesperson said in an emailed statement: “Since this investigation began over five years ago, we have cooperated with the Dutch Data Protection Authority and proactively evolved our privacy information to provide even greater clarity to our members. We have objected to this decision.”

    In a Dutch DPA document about the fine, the regulator reported that Netflix said that the Dutch DPA uses a more stringent interpretation of the GDPR rules, that the company believes it acted in accordance with the rules, and that the company’s privacy statement invited customers to contact Netflix if they had questions about its use of personal data, cookies and other technologies.

    Advertisement: Scroll to Continue

    In an earlier, separate action, the Dutch DPA fined Uber 290 million euros (about $324 million) in August, saying the company violated the GDPR by transferring personal data of its drivers to the United States while failing to protect that data. Uber has since ended the violation.

    In May 2023, the Irish Data Protection Commission fined Meta Platforms $1.3 billion, saying the company violated the GDPR by failing to protect European Facebook users’ data from U.S. surveillance practices. In addition to the fine, Meta was ordered to suspend any future transfer of personal data to the U.S. and to cease “the unlawful processing, including storage, in the U.S.” of EU users’ personal data.


    Recommended

    American Airlines Leverages Loyalty Program and Co-Branded Cards to Boost Revenue Growth

    Worldpay Integrates Affirm Into Embedded Payments Offering

    Worldpay Integrates Affirm Into Embedded Payments Offering for SaaS Firms

    stablecoin concept

    Stablecoin Issuers Race for Bank Charters as Fed Weighs Access

    Tariff Tally: Global Losses Eclipse $35B Going Into Q3 Earnings

    Tariff Tally: Global Losses Eclipse $35 Billion Going Into Q3 Earnings

    See More In: , , , , , , , , , , ,