Music streaming giant Spotify was fined 58 million kroner ($5.4 million) on Tuesday for failing to properly inform users about the use of the data it collected about them, Swedish authorities said.
Spotify said it plans to appeal the decision.
Sweden’s Privacy Protection Authority (IMY) said it had reviewed “how Spotify handles customers’ right to access their personal data.”
“As a result of the shortcomings found, IMY is imposing a fine of 58 million kroner on the company,” the authority said.
The regulator noted that under the rules of European data protection law GDPR, users have the right to know what data a company has about an individual and how that data is used.
IMY said that while Spotify handed out the data it had at the request of an individual, it said the company was not specific enough about how that data was used.
“Because the information provided by Spotify is unclear, it is difficult for individuals to understand how their personal data is processed and to verify that the processing of their personal data is lawful,” said IMY.
It added that the “detected flaws are generally considered to be of low severity,” justifying the size of the fine by Spotify’s number of users and revenue.
The streaming giant, listed on the New York Stock Exchange, announced in April that it had passed the 500 million monthly active user mark with 210 million paying subscribers.
Spotify rejected the IMY findings, saying in an emailed statement to AFP that it “provides all users with comprehensive information about how personal data is processed.”
IMY “found only small parts of our process that they believe need improvement. However, we disagree with the decision and plan to appeal,” Spotify said.
Privacy activist group Noyb said in a separate statement that the fine followed a complaint and subsequent lawsuits from the group, and while they welcomed the decision, they lamented the authorities’ tardiness.
“The case lasted more than four years and we had to litigate with the IMY to get a decision. The Swedish authority should definitely speed up its procedures,” Stefano Rossetti, a privacy attorney at Noyb, said in the statement.
(Except for the headline, this story has not been edited by NewsMadura staff and is being published from a syndicated feed.)