Dutch Authority Fines Netflix €4.75 Million for GDPR Violation

A recent victory for privacy rights has been achieved against Netflix by the Dutch data protection authority (DPA). After nearly five years, the DPA has levied a fine of €4.75 million against Netflix for failing to adequately disclose how it handles customer data.

In 2019, noyb filed complaints against several streaming providers, including Netflix, for not properly responding to user access requests under Article 15 GDPR. This article requires companies to provide users with copies of their data, details on its sources and recipients, processing purposes, storage locations, and durations.

Stefano Rossetti, a data protection lawyer at noyb, expressed satisfaction with the DPA’s decision but noted the lengthy process involved. The Dutch DPA agreed with noyb’s view that Netflix didn’t sufficiently inform customers of its data practices. However, Netflix not only failed to explain its data collection and usage but also did not fully provide a copy of the user’s data in question.

While Netflix has objected to the fine, the case is ongoing, awaiting further decisions from authorities. noyb continues to advocate for strong data privacy policies and enforcement against companies that violate privacy regulations. Hopefully, this case will set a precedent for improved transparency and accountability in data handling by streaming services in the future.