VIENNA (Reuters) – Apple <AAPL.O> and Amazon <AMZN.O> are among eight tech firms named in a complaint filed in Austria by non-profit organisation noyb, which cited their failure to comply with the European Union’s General Data Protection Regulation (GDPR).
The action by noyb, chaired by data privacy activist Max Schrems, also named Netflix <NFLX.O>, Spotify <SPOT.N> and Youtube <GOOGL.O>, after it tested them by requesting private data the companies hold about the user.
“No service fully complied,” noyb said in its statement.
The GDPR, implemented in May, gives users the right to access their data and information about the sources and recipients of the data. Social networks must regain Europeans’ consent every time they want to use their data in new ways, including for targeted advertising.
The GDPR foresees fines of up to 4 percent of global revenues for companies that break the rules.
Noyb said it filed its complaints with the Austrian authority on behalf of 10 users. The Austrian watchdog would have to work with its counterparts at the streaming services’ main establishments.
“Many services set up automated systems to respond to access requests, but they often don’t even remotely provide the data that every user has a right to,” Schrems said. “This leads to structural violations of users’ rights, as these systems are built to withhold the relevant information.”
Schrems is a veteran privacy campaigner who took his first legal action against Facebook <FB.O> as a student in 2011.
Now a lawyer, Schrems filed complaints last year against Google, Facebook, Instagram and WhatsApp, arguing they were acting illegally by forcing users to accept intrusive terms of service or lose access.
(The story was refiled to remove a repeated word in the second paragraph)
(Reporting by Kirsti Knolle; Editing by Edmund Blair)