CNIL hits Google with a record fine for failing to amend its privacy policies
French data protection watchdog the National Commission on Computing and Freedom (CNIL) has fined Google €150,000 ($204,000) for ignoring a three-month deadline it set out in September to clean up its data privacy policies.
The fine will be tiny in Google’s eyes, but it is the largest ever handed down by CNIL, and follows several months wrangling between the two. According to the committee, Google failed to adequately inform users about its data collection processes and their purpose, as well as failing to obtain consent or tell users how long cookies would be installed on their machines.
The regulator will also look to publicly shame Google by requesting the company to display a notice within the next week on its Google.fr homepage for two days explaining the decision.
The ruling marks the latest in a series several legal scraps for the search engine across Europe. Six European countries currently have investigations pending into its privacy policies, and although Google has continued to maintain its innocence throughout, it could be forced to amend its policies, at least in Europe.
There has been no official response from Google yet, but yesterday a blog post by its top privacy official, Peter Fleischer, global privacy counsel at the company, railed against the European Union’s “flawed” attempt to overhaul data-protection rules, and urged politicians to go back to the drawing board.
“Europe’s much-ballyhooed, and much-flawed, proposal to re-write its privacy laws for the next 20 years collapsed,” Fleischer writes, “the old draft is dead, and something else will eventually be resurrected in its place.”
Whether this outburst will affect the French court’s ruling remains to be seen.
How well do you know Google’s secrets? Find out with our quiz!