Vinted Fined €2.3m Over Data Protection Failure

Security

Vinted, the leading online platform for second-hand sales, has been fined €2,385,276 ($2,582,730) for breaching the EU’s General Data Protection Regulation (GDPR) in relation to personal data deletion requests.

The fine was issued on July 2 by the Lithuanian Data Protection Office (VDAI), the country where Vinted UAB’s global headquarters are based.

It follows a series of complaints over data protection failures, notably from France, Vinted’s leading customer market.

These complaints started in 2020 and “mainly concerned difficulties encountered by individuals in exercising their right to data erasure,” the French data protection authority (CNIL) noted in a public statement published on July 3.

These complaints were conveyed to the VDAI, which was tasked with investigating the case in collaboration with French, Polish, Dutch and German authorities.

Vinted’s ‘Stealth Ban’ System Under Scrutiny

According to the CNIL, the second-hand platform failed to “fairly and transparently” process requests for personal data deletion.

The authority also blamed Vinted for implementing a “stealth ban” system.

This system consists of “making the activity of a user considered to be malicious (who does not respect the platform’s rules) invisible to other users, without the user noticing, to encourage the user to leave the platform,” explained the CNIL.

The French data protection authority considers this method “an excessive infringement of users’ rights.”

Finally, Vinted could not demonstrate that it had adequately responded to customer requests for access to personal data.

Vinted told French press agency AFP that it would appeal the case.

A Vinted spokesperson said: “We fundamentally disapprove of this decision, [which] has no legal basis and sets a new precedent that goes beyond both current legislation and industry practice.”

Read more: Replacing GDPR in the UK: A Cost-Benefit Analysis

Products You May Like

Articles You May Like

CISOs Turn to Indemnity Insurance as Breach Pressure Mounts
Amazon MOVEit Leaker Claims to Be Ethical Hacker
Google Warns of Rising Cloaking Scams, AI-Driven Fraud, and Crypto Schemes
watchTowr Finds New Zero-Day Vulnerability in Fortinet Products
THN Recap: Top Cybersecurity Threats, Tools, and Practices (Nov 04 – Nov 10)

Leave a Reply

Your email address will not be published. Required fields are marked *