Tuesday, 22 January 2019 06:08

France hits Google with €50m fine for GDPR violations Featured

By
France hits Google with €50m fine for GDPR violations Pixabay

Google has been hit with a €50 million (US$56.8 million) fine by the French National Data Protection Commission (CNIL) for violations of the GDPR following complaints by the organisations None Of Your Business and La Quadrature du Net, the latter representing 10,000 people.

A statement from CNIL said the fine was imposed for lack of transparency, inadequate information and lack of valid consent over personalisation of advertising.

CNIL can impose fines of up to €20 million or 4% of a company's annual income and chose the latter alternative.

The complaints by NOYB and LQDN were made on 25 and 28 May 2018 respectively and found a number of violations by the search giant.

The CNIL said that information provided by Google was not easily accessible by users and some of the information provided was not easily understandable.

It said that Google had violated the obligation to have a legal basis for personalisation of ads. Elaborating on this, CNIL said users were not given sufficient information to make an informed decision about the ads they received.

Additionally, the watchdog determined that the consent that was provided was neither specific nor unambiguous.

In its statement, the CNIL said: "This is the first time that the CNIL applies the new sanction limits provided by the GDPR.

"The amount decided, and the publicity of the fine, are justified by the severity of the infringements observed regarding the essential principles of the GDPR: transparency, information and consent."

Contacted for comment, a Google spokesperson replied: "People expect high standards of transparency and control from us. We’re deeply committed to meeting those expectations and the consent requirements of the GDPR. We’re studying the decision to determine our next steps.”

Commenting on the fine handed out by CNIL, Ryan Kalember, vice-president of security at Proofpoint, said: "This GDPR fine brings to light some vital lessons for other businesses observing this crisis from a distance. By becoming the highest fined company since the GDPR came into force, Google is now the black and white case study of ‘what could happen’ in the event of non-compliance.

"In a privacy-first world, companies must build a people-centric compliance strategy, which can only start by getting visibility into highly regulated data, the systems that process that data and identifying who within your business has access to that data.

"Many organisations are still unsure whether their GDPR compliance strategy is 100% fit for purpose, but this incident signals that long gone are the days where privacy can be relegated to an IT or compliance effort: the magnitude of this fine clearly shows this is a business issue.

"Compliance professionals now have a use case to take to the board to secure any funding and resources they need to become GDPR-compliant if their organisation isn’t today.”

In July last year, the European Union fined Google €4.3 billion for allegedly breaching anti-trust rules over its Android mobile operating system. Google has challenged this fine.

And in June 2017, Google was fined €2.42 billion for allegedly abusing its search engine dominance to give illegal advantage to its own comparison shopping service. The company has appealed against this fine.

A third fine is said to be in the EU pipeline, this for alleged anti-business practices involving Google's AdSense advertising system.

The EU has also floated the idea of breaking up Google into a number of smaller units, with EU competition commissioner Margrethe Vestager saying the political bloc harbours "grave suspicions" about the firm's dominance of the search market.

Brussels is not the only one to fine Google for anti-business practices. In February 2017, the Competition Commission of India fined the company 135.86 crore rupees (about US$21.1 million) for "abusing its dominant position in online general Web search and Web search advertising services in India".

DIGITAL MARKETING HAS NO SOCIAL DISTANCING OR TRAVEL RESTRICTIONS

As part of our Lead Machine Methodology we will help you get more leads, more customers and more business. Let us help you develop your digital marketing campaign

Digital Marketing is ideal in these tough times and it can replace face to face marketing with person to person marketing via the phone conference calls and webinars

Significant opportunity pipelines can be developed and continually topped up with the help of Digital Marketing so that deals can be made and deals can be closed

- Newsletter adverts in dynamic GIF slideshow formats

- News site adverts from small to large sizes also as dynamic GIF slideshow formats

- Guest Editorial - get your message out there and put your CEO in the spotlight

- Promotional News and Content - displayed on the homepage and all pages

- Leverage our proven event promotion methodology - The Lead Machine gets you leads

Contact Andrew our digital campaign designer on 0412 390 000 or via email andrew.matler@itwire.com

CONTACT US!

LAYER 1 ENCRIPTION A KEY TO CYBER-SECURITY SOLUTION

Security requirements such as confidentiality, integrity and authentication have become mandatory in most industries.

Data encryption methods previously used only by military and intelligence services have become common practice in all data transfer networks across all platforms, in all industries where information is sensitive and vital (financial and government institutions, critical infrastructure, data centres, and service providers).

Get the full details on Layer-1 encryption solutions straight from PacketLight’s optical networks experts.

This white paper titled, “When 1% of the Light Equals 100% of the Information” is a must read for anyone within the fiber optics, cybersecurity or related industry sectors.

To access click Download here.

DOWNLOAD!

Sam Varghese

website statistics

Sam Varghese has been writing for iTWire since 2006, a year after the site came into existence. For nearly a decade thereafter, he wrote mostly about free and open source software, based on his own use of this genre of software. Since May 2016, he has been writing across many areas of technology. He has been a journalist for nearly 40 years in India (Indian Express and Deccan Herald), the UAE (Khaleej Times) and Australia (Daily Commercial News (now defunct) and The Age). His personal blog is titled Irregular Expression.

VENDOR NEWS & EVENTS

REVIEWS

Recent Comments