Tuesday, 22 January 2019 06:08

France hits Google with €50m fine for GDPR violations Featured

By
France hits Google with €50m fine for GDPR violations Pixabay

Google has been hit with a €50 million (US$56.8 million) fine by the French National Data Protection Commission (CNIL) for violations of the GDPR following complaints by the organisations None Of Your Business and La Quadrature du Net, the latter representing 10,000 people.

A statement from CNIL said the fine was imposed for lack of transparency, inadequate information and lack of valid consent over personalisation of advertising.

CNIL can impose fines of up to €20 million or 4% of a company's annual income and chose the latter alternative.

The complaints by NOYB and LQDN were made on 25 and 28 May 2018 respectively and found a number of violations by the search giant.

The CNIL said that information provided by Google was not easily accessible by users and some of the information provided was not easily understandable.

It said that Google had violated the obligation to have a legal basis for personalisation of ads. Elaborating on this, CNIL said users were not given sufficient information to make an informed decision about the ads they received.

Additionally, the watchdog determined that the consent that was provided was neither specific nor unambiguous.

In its statement, the CNIL said: "This is the first time that the CNIL applies the new sanction limits provided by the GDPR.

"The amount decided, and the publicity of the fine, are justified by the severity of the infringements observed regarding the essential principles of the GDPR: transparency, information and consent."

Contacted for comment, a Google spokesperson replied: "People expect high standards of transparency and control from us. We’re deeply committed to meeting those expectations and the consent requirements of the GDPR. We’re studying the decision to determine our next steps.”

Commenting on the fine handed out by CNIL, Ryan Kalember, vice-president of security at Proofpoint, said: "This GDPR fine brings to light some vital lessons for other businesses observing this crisis from a distance. By becoming the highest fined company since the GDPR came into force, Google is now the black and white case study of ‘what could happen’ in the event of non-compliance.

"In a privacy-first world, companies must build a people-centric compliance strategy, which can only start by getting visibility into highly regulated data, the systems that process that data and identifying who within your business has access to that data.

"Many organisations are still unsure whether their GDPR compliance strategy is 100% fit for purpose, but this incident signals that long gone are the days where privacy can be relegated to an IT or compliance effort: the magnitude of this fine clearly shows this is a business issue.

"Compliance professionals now have a use case to take to the board to secure any funding and resources they need to become GDPR-compliant if their organisation isn’t today.”

In July last year, the European Union fined Google €4.3 billion for allegedly breaching anti-trust rules over its Android mobile operating system. Google has challenged this fine.

And in June 2017, Google was fined €2.42 billion for allegedly abusing its search engine dominance to give illegal advantage to its own comparison shopping service. The company has appealed against this fine.

A third fine is said to be in the EU pipeline, this for alleged anti-business practices involving Google's AdSense advertising system.

The EU has also floated the idea of breaking up Google into a number of smaller units, with EU competition commissioner Margrethe Vestager saying the political bloc harbours "grave suspicions" about the firm's dominance of the search market.

Brussels is not the only one to fine Google for anti-business practices. In February 2017, the Competition Commission of India fined the company 135.86 crore rupees (about US$21.1 million) for "abusing its dominant position in online general Web search and Web search advertising services in India".

BUSINESS WORKS BETTER WITH WINDOWS 1O. MAKE THE SHIFT

You cannot afford to miss this Dell Webinar.

With Windows 7 support ending 14th January 2020, its time to start looking at your options.

This can have significant impacts on your organisation but also presents organisations with an opportunity to fundamentally rethink the way users work.

The Details

When: Thursday, September 26, 2019
Presenter: Dell Technologies
Location: Your Computer

Timezones

QLD, VIC, NSW, ACT & TAS: 11:00 am
SA, NT: 10:30 am
WA: 9:00 am NZ: 1:00 pm

Register and find out all the details you need to know below.

REGISTER!

ADVERTISE ON ITWIRE NEWS SITE & NEWSLETTER

iTWire can help you promote your company, services, and products.

Get more LEADS & MORE SALES

Advertise on the iTWire News Site / Website

Advertise in the iTWire UPDATE / Newsletter

Promote your message via iTWire Sponsored Content/News

Guest Opinion for Home Page exposure

Contact Andrew on 0412 390 000 or email [email protected]

OR CLICK HERE!

Sam Varghese

website statistics

Sam Varghese has been writing for iTWire since 2006, a year after the site came into existence. For nearly a decade thereafter, he wrote mostly about free and open source software, based on his own use of this genre of software. Since May 2016, he has been writing across many areas of technology. He has been a journalist for nearly 40 years in India (Indian Express and Deccan Herald), the UAE (Khaleej Times) and Australia (Daily Commercial News (now defunct) and The Age). His personal blog is titled Irregular Expression.

VENDOR NEWS & EVENTS

REVIEWS

Recent Comments