Cookie Consent

By clicking “Accept”, you agree to the storing of cookies on your device to enhance site navigation, analyze site usage, and assist in our marketing efforts. View our Privacy Policy for more information.

Vol. 12 | Amazon's getting sweaty with new data regulation policies

Hi there!

Data protection authorities and an executive order to the FTC are closing down on big-tech companies, and Amazon is caught between the fences. Who will win the data battle?

Meanwhile, cyberattacks are getting deadlier, causing losses greater than the combined GDPs of Denmark, New Zealand, and Singapore, forcing authorities to take proactive measures. All this, and much more, when you scroll down 👇


1. Amazon v/s GDPR - and an $887 million penalty record

2. Something better than emails to send contracts

3. US' answer to cyberattacks

4. How to go from a US military sergeant to a general counsel

5. Other stories shaking up the legal industry


In its 10-Q SEC filing last month, Amazon disclosed a ~$887 million fine imposed against it by the Luxembourg National Commission for Data Protection (CNPD).

The allegation: That Amazon’s data handling procedures do not comply with the EU GDPR. Luxembourg CNPD’s imposition is based on a case presented in 2018 by La Quadrature du Net - a French privacy rights group, over the way the eCommerce company collects and uses customer data.

There is also considerable clout over how Amazon collects/uses data from independent sellers on its platform. In an antitrust hearing last year, Jeff Bezos couldn’t guarantee that the company didn’t ever use seller data to gain a competitive advantage.

The repercussion: Amazon is now neck-deep in data-related troubles. The FTC is already monitoring its MGM merger. And recently, President Biden issued an executive order urging the FTC to establish rules on surveillance and the accumulation of data.

Couple that with a June 2021 ruling by the ECJ that national data protection authorities across the EU can pursue cases against tech giants even when they are not the lead watchdog for that company, and Amazon could potentially be looking at a potpourri of legal cases against it.

What’s Next: This is the largest fine under the GDPR, beating a $50 million penalty on Google. And just like them, Amazon will appeal against this decision. Interestingly, Google's appeal was dismissed by a French court earlier this year.

This could be the inflection point, not just for the GDPR, but how regulations related to data collection and usage are enforced against tech companies in general. Or, it could be yet another long-drawn court battle.


If you’ve lost many contracts in email thread rabbit-holes, this is something you will definitely appreciate. Presenting SpotDraft’s counterparty workflow feature 🎉 that lets you collaborate faster, track edits better, and send contracts easily.

All contracts are nested within one intuitive interface so you can track conversion, follow up on reviews/edits, and even sign them without having to open your mailbox!

Here's how it works 👇

Counterparty Worlfow with SpotDraft Contract Management Software


This month, a bill called the Cyber Incident Notification Act was proposed in the US Senate. The bill aims at streamlining the reporting of cyberattacks by identifying authority channels and laying down guidelines for certain companies in the event of an attack.

Meanwhile, the State Department is offering cryptocurrency rewards of up to $10 million for information and location of state-backed hackers targeting US government systems.

Why now?

- In 2020, ransomware and cyberattacks racked up losses worth $1 trillion, a steep 50% jump from 2018.

- In 2021 alone, the USA saw two high-profile attacks involving Colonial Pipeline and JBS S.A.

- New attacks are extremely dangerous as hackers are shifting towards disrupting operations over stealing data.

- The FBI director even compared new-age cyberattack threats to the 9/11 terror attacks.

Legal sector - a target?

One study revealed that in the last 12 months, 95% of legal organizations struggled with data breaches resulting from human error and phishing attacks.

Here are a few measures you can take to protect your business.


Lisa Lang interview with SpotDraft on in-house counsel success and becoming a GC

Lisa K. Lang is not your conventional counsel. The current Kentucky State University GC began her career as a US Military sergeant before serving as an Assistant General Attorney and working in various in-house capacities.

In this episode of #LegalMatters, Lisa shares insights on navigating the in-house environment, networking tips for lawyers, and her philosophy on life.

Read the interview


- The US Senate proceeds with the $1 Trillion Infrastructure Bill that has left many cryptocurrency enthusiasts bitter.

- Apple’s controversial NeuralHash, which will inspect iPhones in the US for child abuse content has ignited privacy concerns.

- The FTC unanimously sided with the customers in the controversial Right to Repair debate.

- Streaming services are becoming avenues of harassment after a man violated restraining orders by renaming his ex-wife’s Napster playlists.

- Zoom settled an $86mn class-action privacy lawsuit for sharing user personal data with Facebook, Google, and LinkedIn.

Finally, the IPCC did not mince any words in its latest 3,949-page report. Human influence over the past 50 years has resulted in spiraling surface temperatures and skewed climate patterns, giving way to extreme heat waves, tropical storms, and other weather anomalies. Time for sunscreen… or a sustainable lifestyle.

With that, we end this month’s SpotDigest. Until then, take care and stay well, we’ll catch you in the next one!

Kevin Fernandes

🤔 Received this email from someone else? Click to subscribe to SpotDigest, hear from us directly. Or checkout our previous editions here.

No items found.