Google has been handed a record €50m (£44m) fine in France for breaching the European Union’s data protection laws.
French data regulator CNIL (Commission Nationale de l’informatique et des Libertes) said the internet search giant had not “sufficiently” informed users about how their information was being used, the BBC reports.
The French regulator added that the company had displayed a “lack of transparency, inadequate information and lack of valid consent regarding ads personalisation”, in violation of General Data Protection Regulation (GDPR) laws.
The Week
Escape your echo chamber. Get the facts behind the news, plus analysis from multiple perspectives.
Sign up for The Week's Free Newsletters
From our morning news briefing to a weekly Good News Newsletter, get the best of The Week delivered directly to your inbox.
From our morning news briefing to a weekly Good News Newsletter, get the best of The Week delivered directly to your inbox.
Google breached two specific conditions of the rules, says Ars Technica.
For starters, the company did not make its data collection policies “easily accessible” for its users. It also failed to obtain “sufficient and specific user consent” for personalised adverts across all of its services, including YouTube, the tech news site says.
Under GDPR laws, firms are required to gain a user’s “genuine consent” prior to collecting their data, notes The Verge. This mean users must be offered an opt-in process that they can easily accept or reject.
According to The Washington Post, French regulators began investigating Google last May after two privacy activist groups raised concerns about the company’s practices.
Responding to the penalty, a Google spokesperson said the company was in the process of “studying the decision to determine our next steps”.
“People expect high standards of transparency and control from us. We’re deeply committed to meeting those expectations and the consent requirements of the GDPR”, the spokesperson added.
The penalty is “by far” the largest of its kind since the EU’s GDPR laws came into force on 25 May 2018, says tech news site ZDNet.
The previous record was held by a Portuguese hospital, which was fined €400,000 (£352,000) in July for exposing patient data to unauthorised staff members.
-
Larry Ellison: the billionaire’s burgeoning media empireIn the Spotlight Oracle founder’s takeover of traditional and new media companies labelled ‘dangerous for democracy’ by US press watchdog
-
Budget-friendly Alpine escapes: the best ski resorts in AustriaThe Week Recommends Expect fewer tourists and plenty of snow in the stunning Austrian Alps
-
Megabatteries are powering up clean energyUnder the radar They can store and release excess energy
-
Is the UK government getting too close to Big Tech?Today’s Big Question US-UK tech pact, supported by Nvidia and OpenAI, is part of Silicon Valley drive to ‘lock in’ American AI with US allies
-
Google: A monopoly past its prime?Feature Google’s antitrust case ends with a slap on the wrist as courts struggle to keep up with the tech industry’s rapid changes
-
South Korea's divide over allowing Google MapsTalking Points The country is one of few modern democracies where the app doesn't work
-
Google avoids the worst in antitrust rulingSpeed Read A federal judge rejected the government's request to break up Google
-
Is AI killing the internet?Talking Point AI-powered browsers and search engines are threatening the death of the open web
-
Unreal: A quantum leap in AI videoFeature Google's new Veo 3 is making it harder to distinguish between real videos and AI-generated ones
-
Google's new AI Mode feature hints at the next era of searchIn the Spotlight The search giant is going all in on AI, much to the chagrin of the rest of the web
-
Is Apple breaking up with Google?Today's Big Question Google is the default search engine in the Safari browser. The emergence of artificial intelligence could change that.
