Amazon has lost its appeal against a E746 million fine imposed by Luxembourg's data protection regulator for breaching EU privacy laws.

The country's administrative court upheld the penalty in a ruling on 18 March, siding with the National Commission for Data Protection (CNPD), which found Amazon had unlawfully processed personal data under the General Data Protection Regulation (GDPR).

The fine remains the largest issued under the EU privacy rules.

The CNPD also ordered Amazon to implement corrective measures, although enforcement will be suspended during the appeal period.

Amazon criticised the decision, arguing the fine was based on subjective legal interpretations without prior guidance from regulators. The company confirmed it is considering further legal action.

Europe has taken a strict stance on data privacy violations, with GDPR setting a global benchmark for consumer protections.

The ruling against Amazon reinforces the EU's commitment to holding major tech companies accountable for their handling of personal data.