The streaming music giant Spotify will have to pay a fine of 5 million euros for violating the European Union General Data Protection Regulation (Gdpr). The decision comes from the Swedish Data Protection Authority (IMY), after a long legal battle initiated by Noyb, a non-profit organization that defends users’ digital rights.
The dispute between Noyb and Spotify dates back to 2019, when the organization sued the company for failing to guarantee the “data subject’s right of access” provided for in Article 15 of the GDPR. This allows users to access their personal data, to know how they are treated, for how long and to whom they are communicated, as well as to request their cancellation.
Fine jumps for Spotify, but the legal battle is not over
Spotify, which is based in Sweden, would not have adequately responded to user requests, but even Imy has shown little attention to the case, going so far as to deny the claimants’ right to be a party to the case against the company. A situation similar to the one that occurred in Ireland between the local authorities and Meta.
To unlock the proceeding, on June 22, 2022 Noyb sued Imy for default in the Swedish court, obtaining the favor of the same. And while the case is still pending in Sweden’s Supreme Administrative Court, the Imy finally delivered its ruling on June 13, fining Spotify €5 million.
Leave a Reply
View Comments