back to article Luxembourg judge hits pause on Amazon's daily payments of disputed $844m GDPR fine

Amazon is set for an early Christmas present as a Luxembourg judge suspended a court order requiring a daily $750,000 payment towards a disputed $844m (€746m) fine. The penalty stems from a July ruling against Amazon Europe Core S.à r.l. in which the Luxembourg National Commission for Data Protection (CNPD) claimed that Amazon …

  1. Pete 2 Silver badge

    Redeployment

    > "We have no guidance about what we need to do, so how do we do it?"

    Perhaps if they took some of their lawyers off making up specious excuses and put them to work on reading the EU law, they could work out what needed to be done. As every other company that manages to operate without breaking that particular law, does.

    They would probably get to the solution even quicker if the daily penalty was increased,

    1. Cynical Pie

      Re: Redeployment

      To be fair to Amazon court ruling normally gives details of the infractions and then explicit requirements as a result of those infractions.

      However in this case this seems to have been more along the lines of 'you've been naughty so sort it' with no more meat on the bones.

      No doubt there will be an out of court settlement at some point that keeps everyone happy, especially the lawyers

    2. Pseu Donyme

      Re: Redeployment

      Also, they might try interpreting the law conservatively (i.e. to make sure there is no change of violating it) as opposed to aggressively (i.e. to circumvent it for maximum advantage to themselves).

    3. Anonymous Coward
      Anonymous Coward

      Re: Redeployment

      But we commit so many felonies every day; how can we possibly know which ones you've nicked us for if you don't spell it out? After all, we wouldn't want to stop committing the others by mistake!

    4. Anonymous Coward
      Anonymous Coward

      Re: Redeployment

      You might like to rethink your statement, as I'm pretty sure it's not supposed to work like you suggest:

      "You've broken a law!"

      "Which law?"

      "That's for you to work out".

  2. CJatCTi

    Typical Govenmental Behaviour

    Council Planing Inspector visits your building and says you don't comply with regs, but won't tell you what you need to do to become complyant.

    EU Invents a number and expects countries / companys to pay without any acurate explination of how they got to that figure

    1. GlenP Silver badge

      Re: Typical Govenmental Behaviour

      We had it with a VAT inspector. He surcharged us the VAT on a transaction with no explanation of how we'd infringed, when challenged he just told us to read the rules (we had, we complied).

      His boss did the next audit and immediately refunded the surcharge, with interest, as he couldn't understand it either.

      1. Tom 7

        Re: Typical Govenmental Behaviour

        So the law was clear and didnt need explaining then. Like the one on GDPR that 99.999% of Web companies manage to comply with.

        1. Anonymous Coward
          Anonymous Coward

          Re: Typical Govenmental Behaviour

          If you think 99.999% are complying with GDPR you are living in a different reality than me.

          1. Phones Sheridan Silver badge

            Re: Typical Govenmental Behaviour

            99.998% are not complying either, they just haven’t been caught yet.

  3. elregidente

    I may be wrong, but I think Amazon deliberately obstruct CCPA requests

    I tried, I think starting about two and a half years ago now, to get the information Amazon keep about me, from Amazon, via a CCPA request.

    I have yet to succeed.

    I may be wrong, but I am of the view Amazon deliberately obstruct such requests - the nearest I managed to get to the data was a web-page with *over sixty individual download links*, with Amazon telling me they expected me to manually download each file (and, later, that "We will do not more than we have done; we look forward to seeing you back on Amazon.com").

    Amazon customer support has usually been appalling - disconnected, arrogant, conceited, unresponsive, and almost always unable to read any ticket history - although occasionally with a single person who would be helpful, but it's not been enough to actually get hold of the data.

    1. Anonymous Coward
      Anonymous Coward

      Re: I may be wrong, but I think Amazon deliberately obstruct CCPA requests

      "the nearest I managed to get to the data was a web-page with *over sixty individual download links*, with Amazon telling me they expected me to manually download each file"

      Sorry, but I can't see what's wrong with such a response? And if you haven't downloaded the files and looked at them, how can you know you haven't succeeded?

      1. elregidente

        Re: I may be wrong, but I think Amazon deliberately obstruct CCPA requests

        > Sorry, but I can't see what's wrong with such a response?

        You must work for Amazon ;-)

        You try manually downloading *over sixty files*, one by one, by hand, in your browser, and see how far you get.

        Amazon could just have well have provided a single archive file with all those files in.

        1. heyrick Silver badge

          Re: I may be wrong, but I think Amazon deliberately obstruct CCPA requests

          Probably be quicker to throw together some code that, when given the URL, will scrape it looking for links to download them all.

          Hmm, wasn't there a Firefox add-on that did exactly that?

          1. eldakka

            Re: I may be wrong, but I think Amazon deliberately obstruct CCPA requests

            DownThemAll

            It is still available, they have made a WebExtension version.

          2. elregidente

            Re: I may be wrong, but I think Amazon deliberately obstruct CCPA requests

            Quicker, to have *every single person* issuing a CCPA request to Amazon produce exactly the same code to do the same job - compared to Amazon doing the necessary work *just once* to put all those files into a single archive?

            (And this assumes all the people issuing a CCPA possess the necessary coding skills, which they do not.)

        2. Ken G Silver badge

          Re: I may be wrong, but I think Amazon deliberately obstruct CCPA requests

          I wouldn't say I do that every day but it's not unusual. Just right click, open in a new tab, collect the downloads at the end. Try batches of a dozen.

          1. elregidente

            Re: I may be wrong, but I think Amazon deliberately obstruct CCPA requests

            There are untold numbers of people issuing CCPA requests to Amazon.

            Do we say then it is better that *each and every one of the those untold numbers of people should manually download more than sixty files*, rather than Amazon doing *just once* the trivial bit of work to put all those files into a single archive?

        3. Cynical Pie

          Re: I may be wrong, but I think Amazon deliberately obstruct CCPA requests

          They could have done what you suggested but all the law requires them to do is make the information available to you.

          They've done that so they have complied with their legal obligations as far as can be seen so the fact you don't like the mechanism they have chosen is irrelevant.

          Also if you were to challenge their approach through the courts the first thing you'd be asked is 'did you look at the stuff' and as it seems you cant be bothered to put in a little effort to do the downloads the courts will say bugger off and come back when you have.

          I'm no fan of the Amazon's of this world but there is nothing in these laws that say they have to spoon feed people everything.

          1. elregidente

            Re: I may be wrong, but I think Amazon deliberately obstruct CCPA requests

            > They could have done what you suggested but all the law requires them to do is make the information available to you.

            Which they did not. Manually downloading more than sixty files is constructive obstruction.

            > as it seems you cant be bothered to put in a little effort to do the downloads

            Get stuffed. I'm not an idiot and downloading more than sixty files is completely and utterly needless, both for me, and for the untold thousands of other people in the same situation.

            1. Cynical Pie

              Re: I may be wrong, but I think Amazon deliberately obstruct CCPA requests

              'Get Stuffed' How eloquent you are.

              The fact is they have done what they are legally obliged to do but not in a way you find convenient is a you problem not a them problem.

              Yes the downloads take time and yes it is no doubt a pain but the information is there so suck it up sunshine as they have met their obligations.

              Just be glad its all electronic and not physical files as well as if you think 60 links is constructive obstruction Christ knows what you would make of the SARs of over 25k pages and 1000+ documents I have dealt with previously that have taken weeks to sort out due to the mix of media involved.

              Could they do it differently? Almost certainly.

              Do they have to ? No they dont. it really is that simple

            2. spireite Silver badge

              Re: I may be wrong, but I think Amazon deliberately obstruct CCPA requests

              Yes, it might be annoying, but it's not like you're requesting it daily,

              Personally, I think you're overreacting.

              You remind me of my wife in many ways, if it takes more than two clicks, it's too much hard work.

              Do you need a hug??

            3. Cav Bronze badge

              Re: I may be wrong, but I think Amazon deliberately obstruct CCPA requests

              "Manually downloading more than sixty files is constructive obstruction."

              Sixty files is nothing...

        4. elregidente

          Re: I may be wrong, but I think Amazon deliberately obstruct CCPA requests

          I - even I, with my expectation that people will support, fight for and defend lunacy and dribbling madness - am staggered by the downvotes on this post.

          Amazon have provided CCPA information which requires *every single one of the untold numbers of people making such requests to manually download over sixty files* - and something like 15 people so far think objecting to this merits a downvote.

          What God-damn drugs are you on?

          I had forgotten what some people are like, and this has been a helpful reminder.

        5. EnviableOne

          Re: I may be wrong, but I think Amazon deliberately obstruct CCPA requests

          this is why the clause in GDPR exists that says

          You should provide the information in an accessible, concise and intelligible format.

    2. very angry man

      Re: I may be wrong, but I think Amazon deliberately obstruct CCPA requests

      Quantum computers represent our ability to solve impossible equations, discover new medicines, and create sophisticated financial strategies. These computers will be the backbone of the metaverse and usher in the so-called "Web 3.0" era of an internet that runs on the blockchain.

    3. Anonymous Coward
      Anonymous Coward

      Re: I may be wrong, but I think Amazon deliberately obstruct CCPA requests

      Amazon deliberately obstruct CCPA requests

      Good for them, we need more obstruction to Chinese Communist Party Access requests.

  4. Anonymous Coward
    Anonymous Coward

    The ruling had nothing to do with data security or leaks...

    But targeted ads without prior consent of processing and using personal data for such use.

    Amazon as usual is trying to cry "look at the finger" to avoid to see the gorilla behind it.

    1. Doctor Syntax Silver badge

      Re: The ruling had nothing to do with data security or leaks...

      Given some of the "targeting" it looks as if they have a good excuse.

  5. ecofeco Silver badge

    Giving Amazon the benfit of the doubt?

    Oh hell no. Amazon is guilty of everything all the time.

    I can't believe ANYONE is defending this company. Oh wait. If I've learned anything from current events in the last 40 years is that yes, people are this stupid.

    Radioactive anti-5G pendant anyone? It pairs well with Ivermectin.

    1. Cav Bronze badge

      Re: Giving Amazon the benfit of the doubt?

      "I can't believe ANYONE is defending this company"

      It isn't defending the company to simply point out the requirements of the law.

  6. LordHighFixer

    It would seem

    That enforcement of the law is the same everywhere, you get what you can pay for. It is much cheaper to find a like minded judge and pay him to obstruct, than to cough up the fine. Not that I can say that it happened, but I can't say that it didn't either.

    Amazon could easily afford to pay every claim that ever comes across their desk and write it off as a cost of doing business.

    1. codejunky Silver badge

      Re: It would seem

      @LordHighFixer

      "Amazon could easily afford to pay every claim that ever comes across their desk and write it off as a cost of doing business."

      And most people could be fleeced more and still be able to live even if they dont have as much to spend. Yet we still dont like theft and tax's

  7. Alan Hope

    A Luxembourg judge. Perhaps Amazon considered moving its European HQ.

  8. Anonymous Coward
    Anonymous Coward

    "Maintaining the security of our customers' information and their trust are top priorities."

    Bollocks. The few times I've bought something on Amazon, they insist on storing my credit card information. Each and every transaction I have to go into 'my wallet' and delete my card.

    Every. Single. Fucking. Time

    Fucktards.

    1. Strahd Ivarius Silver badge
      Facepalm

      and storing credit card information, including the validation code, is illegal in most EU countries...

      1. Anonymous Coward
        Anonymous Coward

        Not even close. All EU countries are bound by PSD2 regulation, which includes extensive rules around the storing of card holder data. It is illegal to store the CVV/CVC/CV2 code for more than 2 hours, but as long as you say why you are storing the other information, eg. to allow one click payments, or to enable a marketplace to have a basket of items from multiple sellers, and as long as the customer allows this, you can store the rest. You do not need the CVV code for a 'Credential on file' transaction, which could be a subscription, a pay-in-30-days offer, a payment on a marketplace (such as amazon) where you may be paying for multiple items at once from multiple sellers, who will take payment at different times. There are a range of things merchants need to do to support this and the strong customer authentication requirements that go with it.

        There are further regulations around how you store that data, with extensive certification, breach of these rules means banks cannot accept payments for you, and further regulations requiring that the card holder data is stored to allow access to law enforcement tracing card use or money laundering.

  9. Anonymous Coward
    Anonymous Coward

    Diesel-gate cost VW 2.7 billion plus another 2 billion in gratis electric changing facilities being installed in the US.

    On top of that a VW exec visiting Disneyworld got sentenced to seven years in the Magic Prison.

    As much as I think what VW did was pretty low and certainly a crime, I just don't can't imagine the same reaction if it had been a US company.

    Could be wrong but I think that set a new baseline - the sky is the limit for fining companies outside your own jurisdiction.

    1. Anonymous Coward
      Anonymous Coward

      he US auto manufacturers don't have to worry about cheating diesel engines. Ford sells a large diesel V8 for their Super Duty trucks but very little diesel engines outside of that. GM is the same. Chrysler uses a sourced engine from Cummins. Go to Europe and it is very different.

  10. sketharaman

    Largest GDPR Fine?

    "The €746m fine (slapped on Amazon) was the largest penalty under GDPR to date, topping the previous record of €50m from the French National Commission on Informatics and Liberty (CNIL) against Google in 2019 by almost 15 times."

    Whatever happened to the €10bn GDPR lawsuit against Oracle and Salesforce reported by The Register last year? https://www.theregister.com/2020/08/14/privacy_collective_sues_oracle_salesforce_gdpr/

  11. Anonymous Coward
    Anonymous Coward

    But you didn't tell me what ways I shouldn't kill my wife for the insurance!

    If only you had told me that using a length of lead pipe was verboten I wouldn't have done it.

  12. bigtreeman

    $469Billion

    Amazon annual revenue for 2021 was $469.822B

    Amazon annual gross profit for 2021 was $197.478B

    $844m (€746m) fine

    requiring a daily $750,000 payment

    payments over ~1253 days (~3 years)

    just fucking pay the piddly fine and stop jerking off.

POST COMMENT House rules

Not a member of The Register? Create a new account here.

  • Enter your comment

  • Add an icon

Anonymous cowards cannot choose their icon

Other stories you might like