PerformanceININside Performance Marketing
PI LIVE 2019
Google Fined £44 Million for Breaching GDPR Rules

Google Fined £44 Million for Breaching GDPR Rules

PerformanceIN

French data protection regulator CNIL has fined Google for breaching the EU’s GDPR rules.

France’s data protection regulator CNIL has fined Google $50 million (£44 million) for failing to comply with its GDPR rules when new Android users set up a new phone and follow Android’s onboarding process. It is the biggest GDPR fine since the legislation came into play last May and the first time a tech giant has been found to breach the rules.

Two privacy rights groups Noyb and La Quadrature du Net filed complaints against Google in May 2018. The groups claimed the tech giant didn’t have a valid legal basis to process user data for ad personalisation. CNIL said that the fine is a result of the company not being clear enough about the way user data is handled to present personalised adverts.

Lack of transparency and unclear consent policies

CNIL concluded in the statement that Google failed to comply due to “lack of transparency, inadequate information and lack of valid consent regarding ads personalisation.” Google did not have a clear consent to process data because essential data was “disseminated across several documents.” The CNIL said users are not able to understand the extent of the processing operations as Google’s wording is obscure and the relevant information is accessible after several steps only.

Secondly, Google doesn’t fully explain what it means when you tick or untick certain settings. It said the company doesn't tell you that if you want personalised ads, it will be for many different services such as YouTube and Google Maps. In addition, when creating an account, the personalise ads option is pre-ticked by default – and it shouldn’t be.

In a statement, Google said: "People expect high standards of transparency and control from us. We're deeply committed to meeting those expectations and the consent requirements of the GDPR."

Under the GDPR rules, a company can be fined a maximum of 4% of its annual global turnover for more serious offenses, so Google’s fine of £44 million is relatively small when you think about Google’s earnings. The company made $33.74 billion in the last quarter alone.

Continue the conversation

Have something to say about this article? Comment above, share it with the author JoeleForrester or directly on Facebook, Twitter or our LinkedIn Group.

Joele Forrester

Joele Forrester

Joele is a journalist at PerformanceIN reporting news from the world of performance marketing, while also reporting live at events, writing feature articles and interviewing key industry players.

Read more from Joele

You may also like…