The Dutch Data Protection Authority (DPA) says Netflix did not sufficiently disclose how it handled user data between 2018 and 2020. The DPA has decided to impose a fine of €4.75 million on the streaming company.
The DPA started its investigation after complaints received from an Austrian NGO, None of Your Business (NOYB), alleging the company failed to provide sufficient information about the processing of user data on behalf of two subjects.
The DPA said Netflix provided vague information on the purpose and legal basis for collecting personal data, how much of the data it shares with third parties, how long it retains the data, and the safeguards it uses to keep it safe.
DPA chairman Aleid Wolfsen said a company like Netflix, "with a turnover of billions and millions of customers worldwide," has to explain how it handles user data. "That must be crystal clear. Especially if the customer asks about this. And that was not in order," Wolfsen added.
Netflix has objected to the fine and argued that since May 2018, it has provided an explanation of its recommendations system through the help center. It also says that the way data is processed is "uncomplicated and consistent," and "that it complies with the information obligations."
Are you a techie who knows how to write? Then join our Team! Wanted:
- News Writer (Romania based)
Details here