Google fined for GDPR breaches in France
The company has been fined for "lack of transparency, inadequate information and lack of valid consent regarding ad personalisation," the regulator said in a statement.
Two privacy rights organisations, None of Your Business (NOYB) and La Quadrature du Net (LQDN), issued complaints against Google in May 2018, following the introduction of GDPR.
The groups claimed that the company did not have a valid legal basis to process the personal data of its users, particularly for the purpose of customising advertising, as stipulated by the data regulation.
CNIL said users were "not sufficiently informed" about Google’s data consent policies and that consent was "not validly obtained".
When consent was collected, the regulator ruled that it was neither "specific" nor "unambiguous" according to the standards set by GDPR.
The fine is the biggest issued by a European regulator under GDPR. CNIL said the figure was "justified by the severity of the infringements observed regarding the essential principles of the GDPR: transparency, information and consent".
We hope you enjoyed this article.
Research Live is published by MRS.
The Market Research Society (MRS) exists to promote and protect the research sector, showcasing how research delivers impact for businesses and government.
Members of MRS enjoy many benefits including tailoured policy guidance, discounts on training and conferences, and access to member-only content.
For example, there's an archive of winning case studies from over a decade of MRS Awards.
Find out more about the benefits of joining MRS here.
0 Comments