"Spotify Fined $5 Million for Breaching EU Data Rules"

Music streaming giant Spotify, was recently fined 58 million kronor ($5.4 million) for not properly informing users on how data it collected on them was being used, Swedish authorities said.  Spotify said it planned to appeal the decision.  The Swedish Authority for Privacy Protection’s (IMY) stated that it had reviewed how Spotify handles customers’ right of access to their personal data and found shortcomings.  The regulator noted that under the rules of the European data protection act GDPR, users have a right to know what data a company has about an individual and how that data is being used.  IMY stated that while Spotify did hand out the data it had when requested by an individual, it said the company had not been sufficiently specific as to how that data was being used.  IMY noted that since the information provided by Spotify has been unclear, it has been difficult for individuals to understand how their personal data is processed and to check whether the processing of their personal data is lawful.  

SecurityWeek reports: "Spotify Fined $5 Million for Breaching EU Data Rules"