Privacy regulator fines Google $57 million

Claims of non-compliance with cybersecurity issues brings a potentially hefty fine against Google.

France’s data privacy regulator, The National Data Protection Commission, fined U.S. tech giant Google €50 million ($57 million), the initial CNIL penalty under the EU’s General Data Protection Regulation.

CNIL said it fined Google for “lack of transparency, inadequate information and lack of valid consent” regarding advertising personalization for users. It’s one of the heftiest enforcement actions since the GDPR came into play in May 2018.

The GDPR rules are aimed at protecting the harvesting of personal data by companies, which must use plain language to explain their actions. The regulatory body claims that Google failed to obey GDPR when new Android users set up a new phone and followed Android’s onboarding process.

The commission responding to complaints by two data protection advocacy groups, None of Your Business and La Quadrature du Net, filed immediately after GDPR took effect. In the two complaints, the associations censured Google for not having a valid legal basis to process the personal data of the its users, particularly for ads personalization purposes.


continue reading »