French data privacy watchdog, CNIL (National Data Protection Commission) announced on Monday that it had fined Google 50 million euros, or about 57 million dollars, claiming that Google was in breach of Europe’s new GDPR (General Data Protection Regulation).
CNIL claims that Google failed to conform to the EU’s Basic Knowledge Coverage Legislation (GDPR) laws while collecting data from across its services – including its search engine, Google Maps, and YouTube – to present personalized advertisements.
The European Union’s GDPR passed on May 25, 2018, and was designed to protect users’ right to privacy and anonymity when it comes to the data they share with business platforms. However, when Android users set up a new phone and follow Android’s onboarding process; the US tech giant is in breach of the new GDPR. CNIL added that the significant fine imposed on Google is for their “lack of transparency, inadequate information and lack of valid consent regarding the ads personalization.” The GDPR allows European data privacy bodies to impose fines worth up to 4% of annual revenue on companies that breach the data privacy rules within Europe.
On the other side, Google responded by saying, “People expect high standards of transparency and control from us. We’re deeply committed to meeting those expectations and the consent requirements of the GDPR. Meanwhile, we are studying the decision of the CNIL to determine our next steps.” This is, however, the first time when Google is fined by any European data privacy body under the E.U.’s General Data Protection Regulation.
Additionally, CNIL found that “Google made it difficult for the users to access information about data processing and storage times, and how is such information used for personalized ads. Consumers have access to relevant information after several steps only, implying sometimes up to five or six actions.”