Google fined £44m by French authorities

Google has been handed a record €50 million (£44 million) fine by France’s data watchdog in the first penalty to stem from the EU’s general data protection regulation (GDPR).

France’s data regulator CNIL said it was levying the fine on the search giant for failing to provide transparent and easy to access information on its data consent policies and opt-ins and opt-outs for use of personal data, both of which fall below the strict data protection and management protocols set out in GDPR regulation.

The regulator highlighted the multi-stage process involved in the user giving their consent for Google to process data for advert personalisation purposes and said the search giant made it too difficult to manage preferences on how their information is used.

“People expect high standards of transparency and control from us, we're deeply committed to meeting those expectations and the consent requirements of the GDPR," a Google spokesperson said.

"We're studying the decision to determine our next steps," the spokesperson added.

It is the first time CNIL has applied a fine under the GDPR legislation since it was implemented in May last year.

However, the fine it is the latest stage in a long running attempt to crackdown on Google’s data practices by the French regulator.

Google is locked in a legal appeal over a €100,000 fine levied in 2016 by CNIL over non-compliance with the “right to be forgotten” internet rule which enables individuals to request deletion of their data from search results.

Announcing the decision, CNIL stated: “This is the first time that the CNIL applies the new sanction limits provided by the GDPR. The amount decided, and the publicity of the fine, are justified by the severity of the infringements observed regarding the essential principles of the GDPR: transparency, information and consent.

It added: “Despite the measures implemented by Google (documentation and configuration tools), the infringements observed deprive the users of essential guarantees regarding processing operations that can reveal important parts of their private life since they are based on a huge amount of data, a wide variety of services and almost unlimited possible combinations.”

    Share Story:

Recent Stories