3 Comments

Summary:

The French privacy regulator CNIL has levied its biggest ever fine on the U.S. firm for breaking the law with its unified privacy policy. It’s only $200K, but the regulator threw in some extra humiliation for good measure.

The French data protection authority CNIL has fined Google €150,000 ($204,000) over its unified privacy policy, which regulators believe violates European privacy law. The EU data protection authorities are coordinating their anti-Google efforts – Spain became the first to levy a fine last month, relieving the company of $1.2 million.

In a statement on Wednesday, CNIL said Google’s merging of its various services’ privacy policies into a unified policy was in itself legal, but the way in which it implemented that unified policy was not legal.

Specifically, the regulator said, Google did not inform its users enough about how their data would be mixed and matched between the various services, such as Gmail and Google Maps, nor why this data was being combined in this way (hint: advertising).

If this sounds familiar, that’s because it’s almost exactly what the Dutch regulator and a Berlin court said in November. CNIL also said Google didn’t get sufficient user consent before storing cookies on devices, nor was it clear to its users about how long it would keep their data in its systems.

Now, it doesn’t take a genius to note that €150,000 is chump change for Google, but it is the largest fine ever levied by CNIL. The regulator also ordered Google to put a notice on google.fr over 2 days – within 8 days from today – about the decision.

“This publicity measure is justified by the extent of Google’s data collection, as well as by the necessity to inform the persons concerned who are not in a capacity to exercise their rights,” CNIL said.

BONUS FACT: The news drew a quick response from SafeGov.org, which stated:

“Google’s continued violation of and obstinacy against EU data protection rules is deeply concerning, not just to the average consumer, but also to the schools, governments, hospitals and businesses that Google is increasingly targeting. There is an inherent conflict of interest in allowing the world’s largest advertising company to collect, process and store such sensitive personal data. We encourage Data Protection Authorities to look specifically at this issue as they continue to investigate privacy abuses.”

Who’s behind SafeGov.org? Why, Microsoft, of course!

  1. Reblogged this on Niki.V.all.ways.My.way. and commented:
    note: this is not over an “incident” this is a fine over a “policy”.
    you know, those things no user really ever reads.

    Share
  2. “The EU data protection authorities are coordinating their anti-Google efforts ”

    Anti-google efforts? As opposed to what? The slobbering, ass-kissing the American tech press affords to them?

    Share
  3. You know this is just the beginning. It is always something or someone trying to impose government control on advertising etc. Its all just a way to keep marketing under control and make it even more difficult to make any money online. The problem is that marketing is what makes the world go around. With out it commerce would slow down and economy’s would collapse.

    Share

Comments have been disabled for this post