Google fined $79m for breaching GDPR law

France fines Google nearly $57 million for first major violation of new European privacy regime

Google hit with $57 MILLION fine by France’s data watchdog for murky use of personal information

Google has been fined a mammoth €50m by the French data protection watchdog for GDPR violations in a victory for Max Schrems' privacy group NOYB.

The fine was levied, CNIL said, because Google made it too hard for users to find essential information, "such as the data-processing purposes, the data storage periods or the categories of personal data used for the ads personalisation", by splitting them across multiple documents, help pages and settings screens.

The company's infringements "deprive the users of essential guarantees regarding processing operations that can reveal important parts of their private life", the commission said.

Once the General Data Protection Regulation, known as GDPR for short, went into effect in Europe previous year, it was regarded as only a matter of time before regulators there would use the stricter privacy framework to push back on tech giants in a way that's not happening in the US.

Google said in a statement it is "deeply committed" to transparency and user control as well as GDPR consent requirements. Implemented in 2018, the sweeping new privacy rules have set a global standard that has forced Google and its tech peers in Silicon Valley to rethink their data-collection practices or risk sky-high fines.

"We're studying the decision to determine our next steps", it said.

USA names three killed in Syria blast claimed by Islamic State
But we always said, and our policy was until most recently, we had to make sure that we completed the enduring defeat of ISIS. Turkey has threatened to attack the Kurds, who have been America's partners on the ground in the war against ISIS in Syria .

In addition, the agency found that Google's user consent policy for data use is invalid because it is neither specific nor unambiguous, with information diluted across several documents, which makes it hard for users to gain a clear picture of exactly what data is collected and how it is used. The penalty is also connected to the way the French agency sees Google as not being clear enough in a broad sense about how user data is collected and how it's subsequently used. However, the GDPR provides that the consent is "specific" only if it is given distinctly for each goal.

The maximum fine for large companies under the new law is 4% of annual turnover, meaning the theoretical maximum fine for Google is nearly €4bn. For instance, an option box for choosing whether to display personalized ads was already pre-ticked, which takes the action away from the user.

La Quadrature du Net said it welcomes the "first part of the response to our complaint against Google".

"We have found that large corporations such as Google simply "interpret the law differently" and have often only superficially adapted their products", Schrems said in a statement after the ruling.

It said the record 50-million-euro fine reflected the seriousness of the failings as well as Google's dominant market position in France via Android.

In 2014 it fined the company 150,000 euros - the maximum possible at the time - for failing to comply with its privacy guidelines for personal data.

Latest News