Jan 20, 2019
French regulators on Monday hit Google with a $57 million penalty--the first fine targeting a U.S. technology giant under Europe's strict new data privacy rules.
"This fine should serve as a wake-up call for all companies whose business models are based on data exploitation to take data protection and individuals' data rights seriously."
--Ailidh Callander, Privacy International
Implemented across the European Union (EU) in May of 2018, the General Data Protection Regulation (GDPR) aims to bar tech companies from relying on "long illegible terms and conditions full of legalese" to obtain and use data. Under the new rules, "the request for consent must be given in an intelligible and easily accessible form, with the purpose for data processing attached to that consent."
Responding to the EUR50 million penalty levied against Google, Ailidh Callander of Privacy International said, "This fine should serve as a wake-up call for all companies whose business models are based on data exploitation to take data protection and individuals' data rights seriously."
France's digital privacy watchdog, the National Data Protection Commission (CNIL), charges that although Google took some steps to comply with GDPR, it still fails to make data processing information "easily accessible for users" and does not validly obtain consent for showing users personalized ads.
"The infringements observed deprive the users of essential guarantees regarding processing operations that can reveal important parts of their private life since they are based on a huge amount of data, a wide variety of services, and almost unlimited possible combinations," a statement from CNIL said.
"This is the first time that the CNIL applies the new sanction limits provided by the GDPR," the statement noted. "The amount decided, and the publicity of the fine, are justified by the severity of the infringements observed regarding the essential principles of the GDPR: transparency, information, and consent."
\u201c#TalkingBusiness | "Google have very very deep pockets". \n\nGoogle was slapped with a \u20ac50 million from France due to the company's 'lack of transparency, inadequate information and lack of valid consent' when personalising ads.\n\nBusiness analyst @GuyShone details more.\u201d— euronews (@euronews) 1548100609
The watchdog's investigation and penalty came in response to complaints from the data protection advocacy groups None Of Your Business (NOYB) and La Quadrature du Net.
"We are very pleased that for the first time a European data protection authority is using the possibilities of GDPR to punish clear violations of the law," NOYB chairman Max Schrems said in a statement.
Since GDPR was introduced, Schrems explained, "we have found that large corporations such as Google simply 'interpret the law differently' and have often only superficially adapted their products. It is important that the authorities make it clear that simply claiming to be compliant is not enough."
"We welcome this first sanction based on our collective complaints, especially because this decision cuts short the attempted escape of Google to Ireland," La Quadrature du Net said in a series of tweets while also calling for further actions regarding other complaints.
\u201cWe hope that these sanctions will be well over 50 million, 4 billion being the maximum amount. \n\nThanks again to the 12.000 people who have joined us in these complaints against GAFAM and their world, this is just the beginning!\u201d— La Quadrature du Net (@La Quadrature du Net) 1548092794
Google, for its part, said in a statement that it is "studying the decision to determine our next steps." The company added: "People expect high standards of transparency and control from us. We're deeply committed to meeting those expectations and the consent requirements of the GDPR."
Europe's new rules, as the Washington Post pointed out, "have set a global standard that has forced Google and its tech peers in Silicon Valley to rethink their data-collection practices or risk sky-high fines. The United States lacks a similar, overarching federal consumer privacy law, a deficiency in the eyes of privacy rights advocates that has elevated Europe as the world's de facto privacy cop."
While welcoming the news out of France on Monday, consumer advocates urged U.S. regulators to follow suit. As Marc Rotenberg, the executive director of the Electronic Privacy Information Center, put it, "The big question now is why the Federal Trade Commission failed to act against the tech firms over these many years."
Join Us: News for people demanding a better world
Common Dreams is powered by optimists who believe in the power of informed and engaged citizens to ignite and enact change to make the world a better place. We're hundreds of thousands strong, but every single supporter makes the difference. Your contribution supports this bold media model—free, independent, and dedicated to reporting the facts every day. Stand with us in the fight for economic equality, social justice, human rights, and a more sustainable future. As a people-powered nonprofit news outlet, we cover the issues the corporate media never will. |
Our work is licensed under Creative Commons (CC BY-NC-ND 3.0). Feel free to republish and share widely.
French regulators on Monday hit Google with a $57 million penalty--the first fine targeting a U.S. technology giant under Europe's strict new data privacy rules.
"This fine should serve as a wake-up call for all companies whose business models are based on data exploitation to take data protection and individuals' data rights seriously."
--Ailidh Callander, Privacy International
Implemented across the European Union (EU) in May of 2018, the General Data Protection Regulation (GDPR) aims to bar tech companies from relying on "long illegible terms and conditions full of legalese" to obtain and use data. Under the new rules, "the request for consent must be given in an intelligible and easily accessible form, with the purpose for data processing attached to that consent."
Responding to the EUR50 million penalty levied against Google, Ailidh Callander of Privacy International said, "This fine should serve as a wake-up call for all companies whose business models are based on data exploitation to take data protection and individuals' data rights seriously."
France's digital privacy watchdog, the National Data Protection Commission (CNIL), charges that although Google took some steps to comply with GDPR, it still fails to make data processing information "easily accessible for users" and does not validly obtain consent for showing users personalized ads.
"The infringements observed deprive the users of essential guarantees regarding processing operations that can reveal important parts of their private life since they are based on a huge amount of data, a wide variety of services, and almost unlimited possible combinations," a statement from CNIL said.
"This is the first time that the CNIL applies the new sanction limits provided by the GDPR," the statement noted. "The amount decided, and the publicity of the fine, are justified by the severity of the infringements observed regarding the essential principles of the GDPR: transparency, information, and consent."
\u201c#TalkingBusiness | "Google have very very deep pockets". \n\nGoogle was slapped with a \u20ac50 million from France due to the company's 'lack of transparency, inadequate information and lack of valid consent' when personalising ads.\n\nBusiness analyst @GuyShone details more.\u201d— euronews (@euronews) 1548100609
The watchdog's investigation and penalty came in response to complaints from the data protection advocacy groups None Of Your Business (NOYB) and La Quadrature du Net.
"We are very pleased that for the first time a European data protection authority is using the possibilities of GDPR to punish clear violations of the law," NOYB chairman Max Schrems said in a statement.
Since GDPR was introduced, Schrems explained, "we have found that large corporations such as Google simply 'interpret the law differently' and have often only superficially adapted their products. It is important that the authorities make it clear that simply claiming to be compliant is not enough."
"We welcome this first sanction based on our collective complaints, especially because this decision cuts short the attempted escape of Google to Ireland," La Quadrature du Net said in a series of tweets while also calling for further actions regarding other complaints.
\u201cWe hope that these sanctions will be well over 50 million, 4 billion being the maximum amount. \n\nThanks again to the 12.000 people who have joined us in these complaints against GAFAM and their world, this is just the beginning!\u201d— La Quadrature du Net (@La Quadrature du Net) 1548092794
Google, for its part, said in a statement that it is "studying the decision to determine our next steps." The company added: "People expect high standards of transparency and control from us. We're deeply committed to meeting those expectations and the consent requirements of the GDPR."
Europe's new rules, as the Washington Post pointed out, "have set a global standard that has forced Google and its tech peers in Silicon Valley to rethink their data-collection practices or risk sky-high fines. The United States lacks a similar, overarching federal consumer privacy law, a deficiency in the eyes of privacy rights advocates that has elevated Europe as the world's de facto privacy cop."
While welcoming the news out of France on Monday, consumer advocates urged U.S. regulators to follow suit. As Marc Rotenberg, the executive director of the Electronic Privacy Information Center, put it, "The big question now is why the Federal Trade Commission failed to act against the tech firms over these many years."
French regulators on Monday hit Google with a $57 million penalty--the first fine targeting a U.S. technology giant under Europe's strict new data privacy rules.
"This fine should serve as a wake-up call for all companies whose business models are based on data exploitation to take data protection and individuals' data rights seriously."
--Ailidh Callander, Privacy International
Implemented across the European Union (EU) in May of 2018, the General Data Protection Regulation (GDPR) aims to bar tech companies from relying on "long illegible terms and conditions full of legalese" to obtain and use data. Under the new rules, "the request for consent must be given in an intelligible and easily accessible form, with the purpose for data processing attached to that consent."
Responding to the EUR50 million penalty levied against Google, Ailidh Callander of Privacy International said, "This fine should serve as a wake-up call for all companies whose business models are based on data exploitation to take data protection and individuals' data rights seriously."
France's digital privacy watchdog, the National Data Protection Commission (CNIL), charges that although Google took some steps to comply with GDPR, it still fails to make data processing information "easily accessible for users" and does not validly obtain consent for showing users personalized ads.
"The infringements observed deprive the users of essential guarantees regarding processing operations that can reveal important parts of their private life since they are based on a huge amount of data, a wide variety of services, and almost unlimited possible combinations," a statement from CNIL said.
"This is the first time that the CNIL applies the new sanction limits provided by the GDPR," the statement noted. "The amount decided, and the publicity of the fine, are justified by the severity of the infringements observed regarding the essential principles of the GDPR: transparency, information, and consent."
\u201c#TalkingBusiness | "Google have very very deep pockets". \n\nGoogle was slapped with a \u20ac50 million from France due to the company's 'lack of transparency, inadequate information and lack of valid consent' when personalising ads.\n\nBusiness analyst @GuyShone details more.\u201d— euronews (@euronews) 1548100609
The watchdog's investigation and penalty came in response to complaints from the data protection advocacy groups None Of Your Business (NOYB) and La Quadrature du Net.
"We are very pleased that for the first time a European data protection authority is using the possibilities of GDPR to punish clear violations of the law," NOYB chairman Max Schrems said in a statement.
Since GDPR was introduced, Schrems explained, "we have found that large corporations such as Google simply 'interpret the law differently' and have often only superficially adapted their products. It is important that the authorities make it clear that simply claiming to be compliant is not enough."
"We welcome this first sanction based on our collective complaints, especially because this decision cuts short the attempted escape of Google to Ireland," La Quadrature du Net said in a series of tweets while also calling for further actions regarding other complaints.
\u201cWe hope that these sanctions will be well over 50 million, 4 billion being the maximum amount. \n\nThanks again to the 12.000 people who have joined us in these complaints against GAFAM and their world, this is just the beginning!\u201d— La Quadrature du Net (@La Quadrature du Net) 1548092794
Google, for its part, said in a statement that it is "studying the decision to determine our next steps." The company added: "People expect high standards of transparency and control from us. We're deeply committed to meeting those expectations and the consent requirements of the GDPR."
Europe's new rules, as the Washington Post pointed out, "have set a global standard that has forced Google and its tech peers in Silicon Valley to rethink their data-collection practices or risk sky-high fines. The United States lacks a similar, overarching federal consumer privacy law, a deficiency in the eyes of privacy rights advocates that has elevated Europe as the world's de facto privacy cop."
While welcoming the news out of France on Monday, consumer advocates urged U.S. regulators to follow suit. As Marc Rotenberg, the executive director of the Electronic Privacy Information Center, put it, "The big question now is why the Federal Trade Commission failed to act against the tech firms over these many years."
We've had enough. The 1% own and operate the corporate media. They are doing everything they can to defend the status quo, squash dissent and protect the wealthy and the powerful. The Common Dreams media model is different. We cover the news that matters to the 99%. Our mission? To inform. To inspire. To ignite change for the common good. How? Nonprofit. Independent. Reader-supported. Free to read. Free to republish. Free to share. With no advertising. No paywalls. No selling of your data. Thousands of small donations fund our newsroom and allow us to continue publishing. Can you chip in? We can't do it without you. Thank you.