Spotify was fined SEK 58 million ($5.4 million) by a Swedish regulator after the firm was found to have breached the European Union’s General Data Protection Regulation (GDPR). The problem is how Spotify handles its users’ personal data and how its customers have access to it.
In early 2019, the privacy advocate Max Schrems’ advocacy organization Noyb filed a complaint against Spotify and other big digital giants. Noyb claimed in the lawsuit that, among other things, Spotify did not give all personal data to users upon request and did not explain the grounds for processing such information.
According to the Swedish Authority for Privacy Protection (IMY), while Spotify provides users with personal data that it processes upon request, the corporation “does not inform users clearly enough about how this data is used by the company.”” It stated that Spotify should be more clear “about how and why individuals’ personal data is used.”” Due to the ambiguity, “it has been difficult for individuals to understand how their personal data is processed and to check whether the handling of their personal data is lawful,” according to the IMY.
The regulator stated that the concerns were of “low seriousness” and that Spotify had taken efforts to rectify them. The IMY assessed the penalties based on these considerations, as well as Spotify’s income and user base. Given Spotify’s global user base, it made the judgment with the assistance of other EU data protection authorities.
“Spotify offers all users comprehensive information about how personal data is processed,” the Swedish business said in a statement to a credible source. According to the company, the regulator “found only minor areas of our process that they believe need improvement.” However, we disagree with the verdict and want to appeal.
- Google Introduces AI Mode: A Game-Changer for Search - March 12, 2025
- Security Researchers Find DeepSeek Security Vulnerabilities - February 6, 2025
- Tech Giants Unite to Tackle Child Safety Online with ROOST - January 11, 2025
