SUBSCRIBE TO OUR FREE NEWSLETTER
Daily news & progressive opinion—funded by the people, not the corporations—delivered straight to your inbox.
5
#000000
#FFFFFF
5
#000000
#FFFFFF
French regulators hit Google with a $57 million fine for violating users' privacy rights under a new European Union regulation implemented last May. (Photo: Pixabay)
France Hits Google With $57 Million Fine for Violating EU's New Consumer Privacy Rules
"This fine should serve as a wake-up call for all companies whose business models are based on data exploitation to take data protection and individuals' data rights seriously."
Jan 20, 2019
French regulators on Monday hit Google with a $57 million penalty--the first fine targeting a U.S. technology giant under Europe's strict new data privacy rules.
"This fine should serve as a wake-up call for all companies whose business models are based on data exploitation to take data protection and individuals' data rights seriously."
--Ailidh Callander, Privacy International
Implemented across the European Union (EU) in May of 2018, the General Data Protection Regulation (GDPR) aims to bar tech companies from relying on "long illegible terms and conditions full of legalese" to obtain and use data. Under the new rules, "the request for consent must be given in an intelligible and easily accessible form, with the purpose for data processing attached to that consent."
Responding to the EUR50 million penalty levied against Google, Ailidh Callander of Privacy International said, "This fine should serve as a wake-up call for all companies whose business models are based on data exploitation to take data protection and individuals' data rights seriously."
France's digital privacy watchdog, the National Data Protection Commission (CNIL), charges that although Google took some steps to comply with GDPR, it still fails to make data processing information "easily accessible for users" and does not validly obtain consent for showing users personalized ads.
"The infringements observed deprive the users of essential guarantees regarding processing operations that can reveal important parts of their private life since they are based on a huge amount of data, a wide variety of services, and almost unlimited possible combinations," a statement from CNIL said.
"This is the first time that the CNIL applies the new sanction limits provided by the GDPR," the statement noted. "The amount decided, and the publicity of the fine, are justified by the severity of the infringements observed regarding the essential principles of the GDPR: transparency, information, and consent."
The watchdog's investigation and penalty came in response to complaints from the data protection advocacy groups None Of Your Business (NOYB) and La Quadrature du Net.
"We are very pleased that for the first time a European data protection authority is using the possibilities of GDPR to punish clear violations of the law," NOYB chairman Max Schrems said in a statement.
Since GDPR was introduced, Schrems explained, "we have found that large corporations such as Google simply 'interpret the law differently' and have often only superficially adapted their products. It is important that the authorities make it clear that simply claiming to be compliant is not enough."
"We welcome this first sanction based on our collective complaints, especially because this decision cuts short the attempted escape of Google to Ireland," La Quadrature du Net said in a series of tweets while also calling for further actions regarding other complaints.
Google, for its part, said in a statement that it is "studying the decision to determine our next steps." The company added: "People expect high standards of transparency and control from us. We're deeply committed to meeting those expectations and the consent requirements of the GDPR."
Europe's new rules, as the Washington Post pointed out, "have set a global standard that has forced Google and its tech peers in Silicon Valley to rethink their data-collection practices or risk sky-high fines. The United States lacks a similar, overarching federal consumer privacy law, a deficiency in the eyes of privacy rights advocates that has elevated Europe as the world's de facto privacy cop."
While welcoming the news out of France on Monday, consumer advocates urged U.S. regulators to follow suit. As Marc Rotenberg, the executive director of the Electronic Privacy Information Center, put it, "The big question now is why the Federal Trade Commission failed to act against the tech firms over these many years."
An Urgent Message From Our Co-Founder
Dear Common Dreams reader, It’s been nearly 30 years since I co-founded Common Dreams with my late wife, Lina Newhouser. We had the radical notion that journalism should serve the public good, not corporate profits. It was clear to us from the outset what it would take to build such a project. No paid advertisements. No corporate sponsors. No millionaire publisher telling us what to think or do. Many people said we wouldn't last a year, but we proved those doubters wrong. Together with a tremendous team of journalists and dedicated staff, we built an independent media outlet free from the constraints of profits and corporate control. Our mission has always been simple: To inform. To inspire. To ignite change for the common good. Building Common Dreams was not easy. Our survival was never guaranteed. When you take on the most powerful forces—Wall Street greed, fossil fuel industry destruction, Big Tech lobbyists, and uber-rich oligarchs who have spent billions upon billions rigging the economy and democracy in their favor—the only bulwark you have is supporters who believe in your work. But here’s the urgent message from me today. It's never been this bad out there. And it's never been this hard to keep us going. At the very moment Common Dreams is most needed, the threats we face are intensifying. We need your support now more than ever. We don't accept corporate advertising and never will. We don't have a paywall because we don't think people should be blocked from critical news based on their ability to pay. Everything we do is funded by the donations of readers like you. When everyone does the little they can afford, we are strong. But if that support retreats or dries up, so do we. Will you donate now to make sure Common Dreams not only survives but thrives? —Craig Brown, Co-founder |
Our work is licensed under Creative Commons (CC BY-NC-ND 3.0). Feel free to republish and share widely.
French regulators on Monday hit Google with a $57 million penalty--the first fine targeting a U.S. technology giant under Europe's strict new data privacy rules.
"This fine should serve as a wake-up call for all companies whose business models are based on data exploitation to take data protection and individuals' data rights seriously."
--Ailidh Callander, Privacy International
Implemented across the European Union (EU) in May of 2018, the General Data Protection Regulation (GDPR) aims to bar tech companies from relying on "long illegible terms and conditions full of legalese" to obtain and use data. Under the new rules, "the request for consent must be given in an intelligible and easily accessible form, with the purpose for data processing attached to that consent."
Responding to the EUR50 million penalty levied against Google, Ailidh Callander of Privacy International said, "This fine should serve as a wake-up call for all companies whose business models are based on data exploitation to take data protection and individuals' data rights seriously."
France's digital privacy watchdog, the National Data Protection Commission (CNIL), charges that although Google took some steps to comply with GDPR, it still fails to make data processing information "easily accessible for users" and does not validly obtain consent for showing users personalized ads.
"The infringements observed deprive the users of essential guarantees regarding processing operations that can reveal important parts of their private life since they are based on a huge amount of data, a wide variety of services, and almost unlimited possible combinations," a statement from CNIL said.
"This is the first time that the CNIL applies the new sanction limits provided by the GDPR," the statement noted. "The amount decided, and the publicity of the fine, are justified by the severity of the infringements observed regarding the essential principles of the GDPR: transparency, information, and consent."
The watchdog's investigation and penalty came in response to complaints from the data protection advocacy groups None Of Your Business (NOYB) and La Quadrature du Net.
"We are very pleased that for the first time a European data protection authority is using the possibilities of GDPR to punish clear violations of the law," NOYB chairman Max Schrems said in a statement.
Since GDPR was introduced, Schrems explained, "we have found that large corporations such as Google simply 'interpret the law differently' and have often only superficially adapted their products. It is important that the authorities make it clear that simply claiming to be compliant is not enough."
"We welcome this first sanction based on our collective complaints, especially because this decision cuts short the attempted escape of Google to Ireland," La Quadrature du Net said in a series of tweets while also calling for further actions regarding other complaints.
Google, for its part, said in a statement that it is "studying the decision to determine our next steps." The company added: "People expect high standards of transparency and control from us. We're deeply committed to meeting those expectations and the consent requirements of the GDPR."
Europe's new rules, as the Washington Post pointed out, "have set a global standard that has forced Google and its tech peers in Silicon Valley to rethink their data-collection practices or risk sky-high fines. The United States lacks a similar, overarching federal consumer privacy law, a deficiency in the eyes of privacy rights advocates that has elevated Europe as the world's de facto privacy cop."
While welcoming the news out of France on Monday, consumer advocates urged U.S. regulators to follow suit. As Marc Rotenberg, the executive director of the Electronic Privacy Information Center, put it, "The big question now is why the Federal Trade Commission failed to act against the tech firms over these many years."
French regulators on Monday hit Google with a $57 million penalty--the first fine targeting a U.S. technology giant under Europe's strict new data privacy rules.
"This fine should serve as a wake-up call for all companies whose business models are based on data exploitation to take data protection and individuals' data rights seriously."
--Ailidh Callander, Privacy International
Implemented across the European Union (EU) in May of 2018, the General Data Protection Regulation (GDPR) aims to bar tech companies from relying on "long illegible terms and conditions full of legalese" to obtain and use data. Under the new rules, "the request for consent must be given in an intelligible and easily accessible form, with the purpose for data processing attached to that consent."
Responding to the EUR50 million penalty levied against Google, Ailidh Callander of Privacy International said, "This fine should serve as a wake-up call for all companies whose business models are based on data exploitation to take data protection and individuals' data rights seriously."
France's digital privacy watchdog, the National Data Protection Commission (CNIL), charges that although Google took some steps to comply with GDPR, it still fails to make data processing information "easily accessible for users" and does not validly obtain consent for showing users personalized ads.
"The infringements observed deprive the users of essential guarantees regarding processing operations that can reveal important parts of their private life since they are based on a huge amount of data, a wide variety of services, and almost unlimited possible combinations," a statement from CNIL said.
"This is the first time that the CNIL applies the new sanction limits provided by the GDPR," the statement noted. "The amount decided, and the publicity of the fine, are justified by the severity of the infringements observed regarding the essential principles of the GDPR: transparency, information, and consent."
The watchdog's investigation and penalty came in response to complaints from the data protection advocacy groups None Of Your Business (NOYB) and La Quadrature du Net.
"We are very pleased that for the first time a European data protection authority is using the possibilities of GDPR to punish clear violations of the law," NOYB chairman Max Schrems said in a statement.
Since GDPR was introduced, Schrems explained, "we have found that large corporations such as Google simply 'interpret the law differently' and have often only superficially adapted their products. It is important that the authorities make it clear that simply claiming to be compliant is not enough."
"We welcome this first sanction based on our collective complaints, especially because this decision cuts short the attempted escape of Google to Ireland," La Quadrature du Net said in a series of tweets while also calling for further actions regarding other complaints.
Google, for its part, said in a statement that it is "studying the decision to determine our next steps." The company added: "People expect high standards of transparency and control from us. We're deeply committed to meeting those expectations and the consent requirements of the GDPR."
Europe's new rules, as the Washington Post pointed out, "have set a global standard that has forced Google and its tech peers in Silicon Valley to rethink their data-collection practices or risk sky-high fines. The United States lacks a similar, overarching federal consumer privacy law, a deficiency in the eyes of privacy rights advocates that has elevated Europe as the world's de facto privacy cop."
While welcoming the news out of France on Monday, consumer advocates urged U.S. regulators to follow suit. As Marc Rotenberg, the executive director of the Electronic Privacy Information Center, put it, "The big question now is why the Federal Trade Commission failed to act against the tech firms over these many years."
We've had enough. The 1% own and operate the corporate media. They are doing everything they can to defend the status quo, squash dissent and protect the wealthy and the powerful. The Common Dreams media model is different. We cover the news that matters to the 99%. Our mission? To inform. To inspire. To ignite change for the common good. How? Nonprofit. Independent. Reader-supported. Free to read. Free to republish. Free to share. With no advertising. No paywalls. No selling of your data. Thousands of small donations fund our newsroom and allow us to continue publishing. Can you chip in? We can't do it without you. Thank you.