Music streaming behemoth Spotify was fined $5 million in Sweden for violating users’ privacy rights.
Swedish regulators found the Stockholm-based company did not tell users about all the personal data it was collecting, TechCrunch reported.
“Since the information provided by Spotify has been unclear, it has been difficult for individuals to understand how their personal data is processed and to check whether the processing of their personal data is lawful,” the Swedish Authority for Privacy Protection told Agence France-Presse.
Spotify said it plans to appeal the fine.
A group of Spotify users in the European Union filed a privacy complaint against the streaming giant in 2019, according to TechCrunch. They said Spotify was refusing to reveal the extent of its personal data collection.
The complaint spent years tied up in bureaucratic red tape, eventually landing under the jurisdiction of Sweden’s privacy regulator. After a months-long investigation, the authorities ruled that Spotify had in fact violated the users’ privacy rights.
“The EU cooperation, which came with [the EU’s General Data Protection Regulation], is something relatively new to us and there is ongoing work within the EU to streamline the cooperation — something we see that there is a need for,” regulators told TechCrunch.
The EU has much tighter privacy regulations than the U.S. and many other governments. Numerous tech companies have faced much heftier fines in recent years. Meta, parent company of Facebook, has been fined more than $1.5 billion. Amazon was slammed with a nearly $900 million fine, while Google had to pay $2.8 billion. Even Grindr got fined $7 million.