Amazon In Line for GDPR Penalties Following Suspected Violation

A report in the Wall Street Journal has led to a review of Amazon’s business practices due to claims that some of its staff members have been leaking consumer and company data in return for cash.

The claims say that Amazon staff have been selling user information and other confidential data to private sellers through the platform. Most of the offences are thought to have taken place in China. It is also thought that Amazon employees have been receiving payment for deleting negative reviews and reinstating blocked accounts.

The Wall Street Journal, in a report included in their September 16 edition, said that a seller can pay $80 to $2000 through intermediaries to purchase confidential data from Amazon, including customers’ emails and lists of popular terms.

If the claims are proven Amazon may be facing a multi-billion dollar fine under the General Data Protection Regulation (GDPR) which has a maximum possible penalty is €20 or 4% of annual global revenue. In Amazon’s case the highest figure would be around €7bn. Realistically, the actual fine would would be much lower as the breach, at this point in time, seems to have been mainly localized in China.

Oz Alashe, CEO of intelligent cybersecurity awareness platform, CybSafe, referred to the possibility of Amazon being hit with a GDPR fine to online business new portal Verdict. He stated: “Given the type of content leaked – which at this stage, appears to be email addresses – Amazon may find itself in breach of GDPR. Even as a US company, EU regulators can levy fines of up to 4% of a company’s global turnover, which for a company like Amazon, would equate to a maximum penalty of roughly €7bn. However, in this instance, a maximum fine is unlikely as the leak appears to be mostly localised to China. Nonetheless, the extent of the data leak and bribes isn’t clear, and the number of customers affected also hasn’t been established. More transparency will be needed before we can determine more accurate financial consequences for all involved. Reputationally, however, this news will have already caused significant damage. Amazon is already in hot water over misuse of information, with allegations of ‘fake reviews’ hosted on its site. This latest news confirms that its data woes are growing.”

It remains unknown if these allegations affect the eCommerce multinational fiem. Scott Logie, Read Group’s customer engagement director said: “In the post-GDPR era, building long-term trust and loyalty is more important than ever. By looking at loyalty trends across different years, we have seen how many consumers are actually more loyal than they believe they are at heart.”

Amazon released a statement which said: “We hold our employees to a high ethical standard and anyone in violation of our Code faces discipline, including termination and potential legal and criminal penalties. In addition, we have zero tolerance for abuse of our systems and if we find bad actors who have engaged in this behavior, we will take swift action against them, including terminating their selling accounts, deleting reviews, withholding funds, and taking legal action.”