The European Union’s General Data Protection Regulation (GDPR) was breached by the American technology company Discord which is a gamers social media app.
According to the announcement made by the French data and privacy authority CNIL.
Small Info on Discord: Users on Discord are able to communicate with one another over the internet using a microphone, webcam, and text chat when using the platform.
Read This Article: Dark Side Of Discord
According to the CNIL, the amount of the fine was determined by taking into account both the number of people (Users) whose rights were violated and the number of rights that were violated.
In addition to this, the regulatory body took into consideration “the efforts made by the company throughout the procedure to reach compliance and the fact that its business model is not based on the exploitation of personal data.”
In point of fact, the amount of 800K EUR is relatively low in comparison to some of the other fines that the CNIL has imposed on various other companies in the past.
There is more….
According to the CNIL, Discord broke several provisions of the GDPR in multiple ways.
- Even though it was presented as a way to leave a voice chat, clicking the “X” button in a voice chat did not disconnect users from the conversation, even though the button was labeled as such.
- Clicking the “X” in the majority of Windows applications causes the program to close, whereas in Discord, clicking the “X” only causes the application to move to the background.
- This could result in users inadvertently broadcasting private conversations to other users who are taking part in a chat.
The investigation conducted by the agency found that “users of Discord were able to input weak passwords consisting of six alphabetic and numeric characters”.
Users of the service are now required to have a password that is eight characters long and contains all four different character types.