French data protection authority fines Google EUR 150,000

News Broadband France 9 JAN 2014
French data protection authority fines Google EUR 150,000

French data protection agency CNIL has fined Google EUR 150,000 upon considering that the privacy policy implemented by the company since 1 March 2012 does not comply with the country’s data protection act. CNIL also has ordered Google to publish a statement on the decision at the Google.fr homepage by 11 January. 

In its decision, CNIL’s sanctions committee said that the data processed by the company about the users of its services in France must be qualified as personal data. It also judged that French law applies to the processing of personal data relating to internet users established in France, contrary to the company's claim. CNIL did not challenge the legitimacy of the simplification objective pursued by the company’s merging of its privacy policies, yet it considers that the conditions under which this single policy is implemented are contrary to several legal requirements. 

Google does not sufficiently inform its users of the conditions in which their personal data are processed, nor of the purposes of this processing. The company does not comply with its obligation to obtain user consent prior to the storage of cookies on their terminals. It also fails to define retention periods applicable to the data which it processes. Finally, the internet giant combines all the data it collects about its users across all of its services without any legal basis. 

These conclusions are similar to those made by the Dutch and Spanish data protection authorities in November and December 2013 on the basis of their respective national laws.

Categories:

Internet

Companies:

Google

Countries:

France

Tags:

Regulations, IT - applications, Portals / social media, Wireline, Wireless, Consumer, Legislation - Lawsuits

Related Articles

FRANCE 21 SEP 2015

French reject Google appeal on 'right to be forgotten'

French data privacy agency Cnil has rejected Google's informal appeal against its formal notice requesting the company to apply delisting on all of its domain names under the European Court of Justice's 'right to be forgotten' ruling of May 2014. After Google received several tens of thousands of requests from French citizens to remove search results based on their name, it delisted some results at Google.fr, Google.es, Google.co.uk and other European extensions. However it did not delist them from Google.c

UNITED KINGDOM 30 JAN 2015

ICO orders Google to improve privacy information

After an investigation, the UK information office (ICO) has told Google that is privacy policy is too vague and that it must better inform its users about how it handles personal information. Reuters reports that the search engine has agreed to do so. The ICO investigation was prompted by Google's consolidation of around 70 privacy policies into one in March 2012. It started to pool all data from individuals on several of its services, including Gmail, YouTube and the Google+ social network. The company has

EUROPE 20 MAY 2014

EU privacy bodies to discuss 'right to be forgotten' in June

French private data commission CNIL and Europe's other privacy watchdogs will meet in June to discuss how to enforce the European Court of Justice's ruling last week upholding the right of individuals to request the removal of personal information about them from search results, the so-called "right to be forgotten" online, reports Bloomberg, citing a CNIL president Isabelle Falque-Pierrotin. The ruling also allows citizens to request intervention from a court or data-protection authority if a company does

ITALY 4 APR 2014

Google pays EUR 1 mln fine in Italian Street View case

The Italian data protection authority Garante Privacy has confirmed that Google has paid a EUR 1 million fine over complaints that the Street View cars it used to record images in 2010 were not clearly recognisable. "Cars belonging to [Google] roamed Italy's streets without being entirely recognisable as such, therefore not allowing the people present in those places to decide whether to be photographed or not," it said in a statement. Google replied that the fine "relates to an old case that dates back to

EUROPE 22 JAN 2014

EC calls Google fines in Spain and France "pocket money"

The European Commission's justice minister, Viviane Reding, has called for tougher sanctions for companies that breach European data privacy laws, dismissing recent fines for Google imposed by Spain and France as little more than "pocket money". Although the data protection authorities in those countries found Google's new consolidated privacy policy violated current data protection rules, the fines of EUR 900,000 in Spain and EUR 150,000 in France showed why new laws were needed, said Reding in a speech de

FRANCE 15 JAN 2014

Google appeals CNIL personal data ruling

Google has lodged an appeal with the France's Conseil d'Etat against a recent decision by the country's data protection authority, CNIL, that found it in breach of the country's personal data protection laws, Le Figaro reports. CNIL ordered the company to pay a maximum fine of EUR 150,000 and to publish a message about the decision within 8 days of the notification. Google argues that France's legislation does not apply to it because its servers are not located in France.

GLOBAL 10 JAN 2014

Google updates Google Play

Google has begun rolling out the newest version of its Google Play services for Android, providing incremental changes to the company's service for integrating Google services into mobile apps, reported TechCrunch. The rollout is currently taking place and should extend to all Android devices globally over the coming days. The new update for version 4.1 brings support for turn-based multiplayer games to Play services, allowing developers to build asynchronous games with up to eight participants. Each time a

SPAIN 19 DEC 2013

Google fined EUR 900,000 by Spanish data protection agency

Spain's Data Protection Agency (AEPD) has fined Google a total of EUR 900,000 for three serious breaches of the Spanish data protection law related to its handling of customers' personal information. According to the AEPD, Google is illegally collecting and processing information from both registered and unregistered users, the latter referring to "passive users" that have not requested Google's services but simply access websites that include elements managed by the company. The agency added that Google is

NETHERLANDS 29 NOV 2013

Google found to violate Dutch privacy law

The Dutch privacy regulator has found Google in violation of the law for its gathering of personal information on customers without their permission. Since the change in its privacy terms in March 2012, Google collects and shares personal data across a variety of its services in order to serve up personalised ads and services. The CBP's investigation found the company was not informing customers well enough of what data it collected, nor was Google securing the needed permission from end-users for using tha

EUROPE 27 SEP 2013

French personal data privacy commission acts vs Google

France's data-protection commission, the "Commission Nationale de I'Informatique et des Libertes" (CNIL), has notified Google that it filed a formal sanction proceeding that could lead to fines, alleging the US internet company's handling of French user data violates European privacy law. The privacy watchdog said it filed the sanctions because Google missed a three-month deadline to comply with an order to change its treatment of user data. CNIL did not specify the amount of the fine it might seek, but a p

EUROPE 20 JUN 2013

Google gets 3 months to comply with EU data privacy rules

French data protection agency Cnil has given Google three months to align its policies with French private data protection legislation or face fines of EUR 150,000 to 300,000 a day. The formal notice stems from a process started jointly by the data protection authorities of the 27 EU member states in October 2012 over the company's privacy policy. French regulator Cnil said in April that there had been no signs of change at Google. The UK, Netherlands, Germany, Italy and Spain will begin their own procedure

FRANCE 4 APR 2013

Google has limited window to respond to Cnil probe

French data protection agency Cnil told Le Monde that it is still seeking an amicable resolution with Google over users' access to their own data. There is a window of a few weeks for Google, ahead of plans to issue a formal notice before the summer. If the company does not comply by increasing transparency and limiting the amount of data it collects, it will be fined by the Cnil, though not before the end of 2013.

EUROPE 1 MAR 2013

EU data agencies plan enforcement actions vs Google

EU members state's data protection agencies decided at at a meeting on 26 February to continue their investigations into Google's privacy policy and to take all necessary actions according to their competences and powers. The move comes after Google took no precise measures in response to recommendations made by the data protection agencies' Article 29 Working Party in October last year concerning deficiencies in the company's privacy policy.

Just In

19 DEC 16:42

SLT-Mobitel launches 5G network in Sri Lanka

19 DEC 16:19

Dialog Axiata launches 5G network, connects 1.5 million subscribers

19 DEC 15:56

UK govt to ban AI-enabled nudification apps to protect women, girls

19 DEC 15:42

3 UK launches last-minute Christmas sale

Commentary

13:56

Video market set for slower growth ahead

11:38

Netflix buys Warner Bros to deepen content catalogue

11:11

KPN's mixed performance in Q3 raises questions for strategy day

15:26

Stock markets breaking records but what happened to Odido's IPO plans?

Background

01:04

The week in telecom: Wi-Fi bolt-ons take off to boost broadband growth, video market works on consolidation

01:39

The week in telecom: Netflix wins bidding for Warner Bros, Apple poaches new execs, Samsung debuts trifold

13:51

Proximus vs. Telenet: Proximus performs better in Q3 while Telenet uses up cash

14:16

Proximus Domestic still struggling with low margins

Complete profile

Before downloading the whitepaper, we would like to ask you to complete your profile with company and position. After confirming you will receive the white paper.