Privacy activist slams Apple, Amazon, YouTube and Spotify for GDPR violations
Max Schrems said eight of the biggest streaming services refused to hand over information about the data they hold
European citizens have complained en masse that companies such as Amazon, Apple, YouTube, and Spotify are misusing their data.
The claims were brought to light by Austrian privacy group noyb, led by activist Max Schrems, which say that the companies highlighted are not adhering to the General Data Protection Regulations (GDPR).
Schrems said in the complaint that he requested eight streaming companies including Amazon, Apple, Spotify, Netflix, Soundcloud, YouTube and UK-based sports streaming service DAZN, provide the information they hold about customers.
GDPR and the cloud General Data Protection Regulation (GDPR) Securing a startup in the GDPR age
However, Soundcloud and DAZN didn't even respond to the request, while the others failed to provide adequate data about how their customers' details were used.
"Spotify takes data privacy and our obligations to users extremely seriously," the company said in a statement. "We are committed to complying with all relevant national and international laws and regulations, including GDPR, with which we believe we are fully compliant."
Schrems said that most companies his group sent requests to simply set up automated replies but this isn't compliant with GDPR. Companies must provide details about the data they collect, how the data is used and stored and who it's shared with in order to comply with the law.
"In most cases, users only got the raw data, but, for example, no information about who this data was shared with," Schrems added.
Get the ITPro. daily newsletter
Receive our latest news, industry updates, featured resources and more. Sign up today to receive our FREE report on AI cyber crime & security - newly updated for 2024.
The companies could find themselves with fines of up to 20 million or 4% of their global turnover if they're found to be violating GDPR regulations.
Other companies such as Facebook and Google have come under fire for not adhering to the law in Europe following the introduction of the GDPR in May last year.
Clare is the founder of Blue Cactus Digital, a digital marketing company that helps ethical and sustainability-focused businesses grow their customer base.
Prior to becoming a marketer, Clare was a journalist, working at a range of mobile device-focused outlets including Know Your Mobile before moving into freelance life.
As a freelance writer, she drew on her expertise in mobility to write features and guides for ITPro, as well as regularly writing news stories on a wide range of topics.