Discord Lost $830,000 Because of Its Crooked Data Protection Policy
Discord was fined €800,000 for not keeping up its proper data protection practices and compliance. Here is everything you need to know about it.
Discord was fined for not keeping up its proper data protection practices and compliance. Here is everything you need to know about it.
On 10th November 2022, Discord got fined $830,000 by the CNIL for failing to comply with several Obligations of the GDPR. This has been a dreadful amount equivalent to the virtual commotion that happened.
About GDPR
The GDPR stands for General Data Protection Regulation its main function is to ensure data protection and privacy in the European Union and the European Economic Area.
The GDPR is a crucial part of EU privacy legislation and human rights law, particularly Article 8 of the European Union's Charter of Fundamental Rights.
About the CNIL
CNIL stands for Commission Nationale Informatique & Libertés, an independent French administrative regulatory body, focused on ensuring the data privacy law is applied to collecting, storing, and using personal data.
Getting Discord Caught
The CNIL declared that the Company failed to meet the requirements with several obligations under the GDPR (General Data Protection Regulation). After the fine was imposed, it was made public gradually on the internet. Several issues were identified that left the CNIL unanswered by Discord INC. which made them decide the fine.
The issues have been elaborated on in a simple manner in this article. Let us take a closer look.
Lack of Explanation for the missing of Data Retention Policy
The Company confessed that it did not have any data retention policy that was penned. The CNIL found that the that there were
- 2,474,000 French user accounts in Discord that had not been used for more than three years
- 58,000 accounts that had not been used for more than five years.
After this, the company had written a data retention policy that mentions the deleting of Discord accounts after 2 years of inactivity.
No abiding by the responsibility to provide information
The information given by Discord based on the data retention periods was left incomplete. However, the company agreed to abide by during the investigation
Failure to ensure data protection by default
For example, a user is said to be in a voice channel but closes the Discord tab and assumes the application has been closed. Unfortunately, your privacy just got a wave of disturbance because the application still runs in the background and stays in the voice chat connected. Some of you might have noticed it but would have ignored this.
This will be a problem if you speak something personal that might be heard by others which you definitely won't want.
Unsatisfying security for private data
When a user creates a Discord account, the application allows the user to create a 6-digit week password consisting of letters and numbers.
According to the CNIL, the restricted committee considered that Discord's password management policy was not sufficiently strong and restrictive to ensure the security of users' accounts.
Didn't carry out a data protection impact assessment
The company considered that carrying out a data protection impact assessment was unnecessary. It was told that the company must have done an impact analysis and given the volume of data processed by the company and about the usage of the application by minors
Proof of Violated Acts
Made by the CNIL | |
---|---|
Article 5 of the GDPR (principles relating to data processing) | |
Article 13 of the GDPR (duty to inform data subjects) | |
Article 25 of the GDPR (data protection by default) | |
Article 32 of the GDPR (obligation to ensure data security) | |
Article 35 of the GDPR (obligation to carry out an impact analysis) |
CNIL Official Site
Should you stop using Discord?
Certainly not, our mission is not to scare users with our Discord articles. All these are made for educational and information purposes only. The issues have been solved and fixed by Discord after this painstaking investigation by the CNIL.
That's all for today, hope you enjoyed today's article. Make sure to join our official Discord server to discuss further on this topic or suggest new articles!
Like what you're reading?
We do this everyday. Unlock exclusive benefits, 4K wallpapers, and more. Become a member for the price of a coffee.