Netherlands’ Data Protection Authority (AP) has reportedly imposed a €4.75 million ($4.9 million) fine on Netflix. The Dutch privacy watchdog claimed that the streaming giant failed to adequately inform users about its data practices between 2018 and 2020.
In a statement to the news agency Reuters, the DPA said that its investigation, which started in 2019, showed that “Netflix did not inform customers clearly enough in its privacy statement about what exactly Netflix does with those data.”
“Furthermore, customers did not receive sufficient information when they asked Netflix which data the company collects about them. These are violations of the General Data Protection Regulation (GDPR),” the privacy watchdog added.
In an emailed statement to Reuters, a Netflix spokesperson said: “Since this investigation began over five years ago, we have cooperated with the Dutch Data Protection Authority and proactively evolved our privacy information to provide even greater clarity to our members. We have objected to this decision.”
Netflix, which has since revised its privacy policy and enhanced its information disclosure, is reportedly contesting the fine. However, the streaming giant has not yet responded to a request for comment.
What Dutch privacy watchdog said against Netflix
In a statement to another news agency AFP, AP chairman Aleid Wolfsen said: “A company like that, with a turnover of billions and millions of customers worldwide, has to explain properly to its customers how it handles their personal data. That must be crystal clear. Especially if the customer asks about this. And that was not in order.”The data protection authority also stated that Netflix provided unclear or inadequate information in several areas. The watchdog highlighted that Netflix was not transparent about the reasons for collecting personal data, the sharing of data with third parties, the data retention period, and the security measures employed for data transfers outside Europe.