Published: Tue, January 22, 2019
Markets | By Erika Turner

France fines Google $57 million for European privacy rule breach

France fines Google $57 million for European privacy rule breach

In a statement explaining the action, the French agency known as the CNIL noted that the fine is a result of deficiencies that include Google not being clear enough about the way user data is handled to present personalized ads.

"The relevant information is accessible after several steps only, implying sometimes up to 5 or 6 actions", the regulator said.

"We're studying the decision to determine our next steps", it said.

Max Schrems, chairman of None of Your Business, said he was "very pleased" with the ruling.

Despite Google's changes, the CNIL said in a statement that "the infringements observed deprive the users of essential guarantees regarding processing operations that can reveal important parts of their private life since they are based on a huge amount of data, a wide variety of services and nearly unlimited possible combinations".

Google's CEO Sundar Pichai is visiting Poland today to meet with Poland's Prime Minister Mateusz Morawiecki at a meeting to develop an innovative economy in central Europe.

"We therefore expect the CNIL to respond quickly to the rest of our complaint, about Youtube, Gmail and Google Search, imposing this time a sanction of an amount proportionate to this company and the extent and the duration of the violation of our rights", the group said in a statement Monday.

Federal judge: Government employees can't refuse to work unpaid during partial shutdown
"It's hard not to empathize" with federal workers during the government shutdown , Leon said. The day the shutdown started, January 8, 400 federal workers filed unemployment claims .

"It is important that the authorities make it clear that simply claiming to be compliant is not enough".

The GDPR is widely considered the biggest shake-up to data privacy regulations since the advent of the web.

Although most major tech organizations - including Google - made sweeping changes past year in response to the passage of the GDPR rules, the CNIL says that Google hasn't done enough.

CNIL launched an online inspection to check the compliance of Google's processing operations with both the GDPR and the French Data Protection Act by "by analysing the browsing pattern of a user and the documents he or she can have access, when creating a GOOGLE account during the configuration of a mobile equipment using Android".

As concluded by CNIL's press release (original French version here) regarding Google's €50 million financial penalty, the fine was justified by the gravity of the company's infringements of essential GDPR principles such as information, transparency, and consent.

France's maximum data protection fine used to be a mere €150,000, though it upped that to €3 million in the two years before the GDPR law took effect.

Meanwhile, Google-owned YouTube is also the target of a GDPR complaint filed by NOYB for violating the "right to access" provision described in the European Union regulation's Article 15, with a maximum penalty that could reach €3.87 Billion according to the NGO.

Like this: