The Commission nationale de l’informatique et des libertés (CNIL), France’s data protection regulator or better be said watchdog, has issued a €50 fine (which is tantamount to $56.8 million USD) to Google for failing to observe its GDPR rules. This fine can be referred to as the biggest General Data Protection Regulation (GDPR) fine that has been issued by a European watchdog over breaching the privacy rules that came into effect from May last year. Mainly the fine has been issued for failing to follow the rules over ad targeting and transparency requirement on its Android mobile operating system.
CNIL informed that the fine was enforced because Google failed to offer sufficient information to users related to its data consent policies and also couldn’t give them ample control over how their information was being used.
According to France’s data protection regulator, CNIL these breaches are yet to have been amended by the search engine giant. As a part of the regulation, organizations are needed to acquire user’s genuine approval before gathering any kind of information about them. Moreover the consent needs to be in the form of user specifically opting-in process and users must be eager to share their data.
In responding to the fines, a Google spokesperson stated that the company is deeply devoted to maintain the high standards of clarity and control that people expect from Google. In order to consider their next step, Google would be following closely the decision of the CNIL.
Even though the €50 fine might appear like an enormous fine, it’s very small as GDPR fines can become. Companies can be fined a maximum of 4% of their annual global turnover. For Google, who made $33.74 billion during the last quarter only, might result in a fine worth billions of dollars.
Google has also been charged of GDPR privacy breach by consumer groups across seven European nations over what they avouch are “illusive practices” around its location tracking.