Sovy recognised by KuppingerCole Independent Analysts More Info
  • Home
  • |
  • Log In
  • |
  • Contact
  • |
  • 0
Sovy
  • Products
    • Sovy GDPR Privacy Essentials℠
    • Sovy Academy℠
    • Sovy Advisory Services
    • All Products
    • Free GDPR Scan
    • Free GDPR Readiness Survey
  • Resources
    • Free GDPR Scan
    • Free GDPR Readiness Survey
    • Knowledge Portal
    • Data Privacy News
  • Pricing
  • About Sovy
    • Mission
    • Team
    • Investor Relations
    • Partnerships
    • Contact Us
  • Products
    • Sovy GDPR Privacy Essentials℠
    • Sovy Academy℠
    • Sovy Advisory Services
    • All Products
    • Free GDPR Scan
    • Free GDPR Readiness Survey
  • Resources
    • Free GDPR Scan
    • Free GDPR Readiness Survey
    • Knowledge Portal
    • Data Privacy News
  • Pricing
  • About Sovy
    • Mission
    • Team
    • Investor Relations
    • Partnerships
    • Contact Us

Data Privacy News

June 18, 2020

Google Loses Its Appealing To The €50 million GDPR Fine

On the 21st of January 2019, CNIL (The Commission Nationale de l’Informatique et des Libertés) fined Google under the GDPR (General Data Protection Regulation) with €50 million for the lack of transparency towards data subjects, for the lack of valid consent on ads personalization, and for not offering proper and clear information to the users.

The complaints were filed in May 2018 by two organizations: Noyb and La Quadrature du net (LQDN), the first complaint being filed on the 28th of May 2018 immediately after the GDPR law was enforced.

Google did not have a valid legal basis for processing user’s data for the ads personalization as mandated by GDPR.

Although Google is headquartered in Ireland, it has been decided that this case will be handled by the French data regulator.

Lack of transparency

Following the investigations carried by CNIL, it was observed that the giant tech did not obtain a clear consent to process the data because the information was displayed on several documents. ”The relevant information is accessible after several steps only, implying sometimes up to 5 or 6 actions” argued the data regulator. ”Users are not able to fully understand the extent of the processing operations carried out by Google.”

Lack of valid consent

Furthermore, the regulator discovered that the company failed to obtain a valid legal basis when processing the user’s data. ’’Before creating an account, the user is asked to tick the boxes « I agree to Google’s Terms of Service» and « I agree to the processing of my information as described above and further explained in the Privacy Policy» in order to create the account. Therefore, the user gives his or her consent in full, for all the processing operations purposes carried out by Google based on this consent (ads personalization, speech recognition, etc.). However, the GDPR provides that the consent is “specific” only if it is given distinctly for each purpose.’’

Google claims that it obtains the user’s consent to process data in the ads personalization. However, CNIL considers that the agreement is not sufficiently informed.

CNIL fined Google with €50 million. The established amount is justified by the gravity of the violations on the main principles of GDPR: transparency, information and consent. Google appealed the decision on the ground that the French Authority have no jurisdiction over its headquarters.

On the 12th of June, Google loses the appealing, being forced to pay the large amount established by the data regulator.

Need help?

Sovy’s GDPR Essentials can help you with each of the steps laid out above:

  • Walk through a data mapping exercise and build your data inventory.
  • Build all the policies you need under the GDPR, including a privacy policy, data protection policy, and data breach response forms.
  • Train your employees with industry-standard eLearning courses.
  • Maintain your compliance program in the cloud
  • Manage cookie consent and data rights

Find out how the Sovy GDPR Privacy Essentials can help you. Get in touch to find out more information.

data privacy data protection fines GDPR
Previous StoryCompany Fined 725,000€ for Collecting Employee’s Fingerprints
Next Story€17 Million GDPR Fine for Italian Telecom Provider

SEARCH

CATEGORIES

  • 2020 (14)
  • CCPA (5)
  • Charities (1)
  • Coronavirus (3)
  • COVID-19 (3)
  • Events (1)
  • GDPR (52)
  • Google (1)
  • Guidance (2)
  • New Bytes (35)
  • News & Blog (49)
  • Opinions (26)
  • Workplace Conduct (1)

TAG CLOUD

2020 BEUC Brexit CCPA Charities China CJEU Clearview AI CNIL cookies coronavirus COVID-19 cybersecurity data breach data privacy data protection DfE DPC EDPB Facebook facial recognition fine fines GDPR Google guidance H&M IAPP ICO LGDP LGPD mark zuckerberg Marriot marriott Microsoft notification online education oracle PIPEDA salesforce Schrems II tik tok Uber UK vodafone italy

ARCHIVES

  • April 2021 (1)
  • February 2021 (2)
  • January 2021 (3)
  • December 2020 (3)
  • November 2020 (4)
  • October 2020 (4)
  • September 2020 (1)
  • August 2020 (1)
  • July 2020 (2)
  • June 2020 (3)
  • May 2020 (2)
  • April 2020 (2)
  • March 2020 (1)
  • February 2020 (1)
  • January 2020 (3)
  • December 2019 (3)
  • November 2019 (1)
  • July 2019 (3)
  • May 2019 (3)
  • March 2019 (2)
  • January 2019 (3)
  • December 2018 (3)
  • November 2018 (2)
  • September 2018 (1)
  • July 2018 (1)
  • June 2018 (2)

LATEST POSTS

  • Is The GDPR Good For Business?
  • Tik Tok Accused of Noncompliance with the GDPR
  • Clearview AI accused of ‘’illegal mass surveillance’’
  • EDPB launches guidelines on Examples of Data Breach notification
  • GDPR at the End of 2020

QUICK LINKS

  • About Us
  • Resources
  • Privacy Policy
  • Terms
  • Manage Consent
  • Contact Us

Sovy GDPR Privacy Essentials

  • Subscription Benefits
  • Pricing
  • Log in
  • GDPR for Small Businesses
  • GDPR for Enterprises
  • GDPR for Sole Traders
  • GDPR for Charities

SOVY LOCATIONS

Ireland HQ

Registered Office
St Gall's House
St Gall Gardens South
Milltown, Dublin 14
D14 Y882

Trading Office
Meath Enterprise Centre
Trim road, Navan
Co. Meath, C15 TKX6
Ph: +353 (0)1 669-4774

Brussels

Rond-Point Schuman 11
1040 Brussels
Belgium

London

Registered Office
Kemp House
152-160 City Road
London EC1V 2N

Trading Office
9-10 Staple Inn
2nd Floor
London WC1V 7QH

New York

NY Metropolitan Area
2037 Lemoine Ave
Suite 452,
Fort Lee, N.J. 07024, USA

ASSOCIATIONS

Copyright © 2020 Sovy Trust Solutions Limited. All Rights Reserved. Registered in Ireland, No. 610835 and No. 605069