Data protection: Spotify fined almost 5 million euros in Sweden

How does Spotify use user data? It is not clear, judged the Swedish authorities, considering that the company did not communicate sufficiently precisely on the way in which it uses this data. And on Tuesday sentenced the world’s number one audio platform to a fine of 58 million crowns (5 million euros) under the General Data Protection Regulation (GDPR). Spotify will appeal the decision.

“A person requesting access to their data should be able to easily understand how the company uses this data,” explained Karin Ekström, one of the lawyers who led the investigation at the Swedish Data Protection Authority. data (Integritetsskyddsmyndigheten, IMY). And in some more complex cases, the explanations around this data must be available “not only in English, but also in the language of the person concerned”. “We have identified gaps in these areas,” said Karin Ekström.

But these are “not serious on the whole”, added the Swedish authority, stressing that the company had “taken several measures to meet the requirements of the right of access for people”. The amount of the fine is justified by the place occupied by the platform in the legal music streaming sector, and given the number of its users, more than 515 million at the last score in April.

Late decision

The firm Noyb, at the origin of the complaint against Spotify, welcomed the Swedish decision, but regretted its late nature. “The case lasted more than four years and we had to go to IMY to obtain a decision. The Swedish authority must absolutely speed up its procedures”, noted Stefano Rossetti, lawyer specializing in the protection of privacy at Noyb.