Home
Tech

How breaking GDPR rules landed Google with £44m fine

French data protection regulator began investigating the US company following tip-off from privacy activists

Newsletter sign up Newsletter

(Image credit: Leon Neal/Getty Images)

By The Week Staff

published 22 January 2019

Google has been handed a record €50m (£44m) fine in France for breaching the European Union’s data protection laws.

The Huawei backlash explained Why Tesla is offering a new Model 3 to a hacker

French data regulator CNIL (Commission Nationale de l’informatique et des Libertes) said the internet search giant had not “sufficiently” informed users about how their information was being used, the BBC reports.

The French regulator added that the company had displayed a “lack of transparency, inadequate information and lack of valid consent regarding ads personalisation”, in violation of General Data Protection Regulation (GDPR) laws.

Subscribe to The Week

Escape your echo chamber. Get the facts behind the news, plus analysis from multiple perspectives.

SUBSCRIBE & SAVE

https://cdn.mos.cms.futurecdn.net/flexiimages/jacafc5zvs1692883516.jpg

Sign up for The Week's Free Newsletters

From our morning news briefing to a weekly Good News Newsletter, get the best of The Week delivered directly to your inbox.

Google breached two specific conditions of the rules, says Ars Technica.

For starters, the company did not make its data collection policies “easily accessible” for its users. It also failed to obtain “sufficient and specific user consent” for personalised adverts across all of its services, including YouTube, the tech news site says.

Under GDPR laws, firms are required to gain a user’s “genuine consent” prior to collecting their data, notes The Verge. This mean users must be offered an opt-in process that they can easily accept or reject.

According to The Washington Post, French regulators began investigating Google last May after two privacy activist groups raised concerns about the company’s practices.

Responding to the penalty, a Google spokesperson said the company was in the process of “studying the decision to determine our next steps”.

“People expect high standards of transparency and control from us. We’re deeply committed to meeting those expectations and the consent requirements of the GDPR”, the spokesperson added.

The penalty is “by far” the largest of its kind since the EU’s GDPR laws came into force on 25 May 2018, says tech news site ZDNet.

The previous record was held by a Portuguese hospital, which was fined €400,000 (£352,000) in July for exposing patient data to unauthorised staff members.

Explore More

Sign up for Today's Best Articles in your inbox

A free daily email with the biggest news stories of the day – and the best features from TheWeek.com

Contact me with news and offers from other Future brandsReceive email from us on behalf of our trusted partners or sponsors

By submitting your information you agree to the Terms & Conditions and Privacy Policy and are aged 16 or over.

The Week Staff

Social Links Navigation

Latest

Thailand's makeover into White Lotus-inspired glamour
The Week Recommends The location for season three of the hit HBO series is spurring a luxury 'tourism frenzy'

By Irenie Forshaw, The Week UK Published 21 January 25
Axel Rudakubana: how much did the authorities know about Southport killer?
Today's Big Question Nigel Farage accuses PM of a cover-up as release of new details raises 'very serious questions for the state about how it failed to intervene before tragedy struck'

By The Week UK Published 21 January 25
The princess and the PR: Meghan Markle's image problem
Talking Point A tough week for the Sussexes has seen a familiar tale of vitriol and invective thrown the way of the actor-cum-duchess

By Jamie Timson, The Week UK Published 21 January 25