FRANCE’s data privacy regulators have imposed a US$57-million (€50 million) fine on United States tech titan Google, The Washington Post reported on January 21.
The French data privacy agency CNIL (Commission de Nationale de l’Informatique et des Libertes — National Commission on Informatics and Liberty, in English) imposed the fine on Google “for violating Europe’s tough new data-privacy rules.”
In an article authored by The Post‘s Tony Romm, it was learned that the fine marked the first major penalty levied on an American technology giant since the European Union (E.U.) data privacy measure dubbed General Data Protection Regulation (GDPR) became effective in 2017.
It added the fine could have implications on other tech organizations operating in Silicon Valley in the U.S.
Images source: Courtesy of Pixabay.
GDPR is a key part of the data protection reforms crafted by the European Commission as they made Europe “fit for the digital age.”
While the GDPR applies to all organizations in every member-state of the E.U., its tentacles have implications for businesses and individuals across the region and beyond, ZDNet pointed out in an article where the author, Danny Palmer, fully explained the regulation.
According to The Post, paraphrasing CNIL, “Google failed to fully disclose to users how their personal information is collected and what happens to it. Google did not also obtain users’ consent for the purpose of showing them personalized ads.”
It can be recalled the tech leviathan has recently made changes in order to comply with the rules of the EU, but CNIL said in its statement issued on January 21, 2019, that “the infringements observed deprive the users of essential guarantees regarding processing operations that can reveal important parts of their private life since they are based on a huge amount of data, a wide variety of services and almost unlimited possible combinations.”
Google responded to the imposition of the fine. It said it is studying the decision of France’s CNIL to determine what steps to take next.
It also assured its commitment to the EU law on data privacy.
“People expect high standards of transparency and control from us. We’re deeply committed to meeting those expectations and the consent requirements of the GDPR.”
In its published statement, CNIL recalled that it received group complaints on May 25 and 28, 2018 made by two associations, the None of Your Business (“NOYB”) and La Quadrature de Net (“LGDN”).
The two organizations cited what they said Google’s “for not having a valid legal basis to process the personal data of the users of its services, particularly for ads personalization purposes.”
Acting on the complaints, CNIL started immediately its investigations based on EU cooperation laid out in the GDPR. (The Post/EKU)
The Washington Post, ZDNet, CNIL