The top administrative court of France has decided to uphold the 50 million-euro ($56 million) fine that was imposed on Alphabet’s Google last year by the independent French regulator CNIL.
The fine in question was imposed on Google by the independent French data privacy regulator CNIL in January 2019.
The French watchdog argued that Google has violated the EU’s General Data Protection Regulation (GDPR) rules and stated that the company’s approach “lacked transparency and clarity in the way it informs users about its handling of personal data and failed to properly obtain their consent for personalised ads”.
What’s so special: the fine is the record sum ever imposed for a privacy violation under GDPR regime. It’s a great precedent for the future privacy breach cases against big tech.It's a great precedent for the future privacy breach cases against big tech. Click To Tweet
What Google did wrong exactly: CNIL states that Google didn’t provide a “sufficiently clear” information for users during the Android onboarding process thus failing to obtain their “consent” in the meaning of the GDPR law.
Statement from Google regarding the fine:
“People expect to understand and control how their data is used, and we’ve invested in industry-leading tools that help them do both. This case was not about whether consent is needed for personalised advertising, but about how exactly it should be obtained. In light of this decision, we will now review what changes we need to make.”Google spokeswoman in a statement sent to TechCrunch