Swedish music streaming giant Spotify has been fined SEK 58 million ($5.4 million) by the Swedish Authority for Privacy Protection (IMY) for breaching the European Union’s General Data Protection Regulation (GDPR). The penalty comes after an investigation into Spotify’s handling of users’ personal data and their access to that information.
The complaint against Spotify was initially filed in early 2019 by advocacy group Noyb, led by privacy campaigner Max Schrems. Noyb alleged various violations by Spotify, including failure to provide users with their complete personal data upon request and insufficient disclosure of the purposes for which the data was being processed.
