The first high profile GDPR fine has been issued to Google
The French data regulator, CNIL, has fined Google for having breached the EU’s data protection laws GDPR.
Because of this, the regulator has issued the fine arguing that users were not clearly informed. This is in reference to how Google had collected and used data to create personalised advertising.
The fine comes after Google has shown a ‘lack of transparency, inadequate information and lack of valid consent regarding ads personalisation’ said CNIL.
Google received two complaints in May 2018. The same month the EU’s new GDPR legislation took effect. Nonprofit organisations, None of Your Business and La Quadrature du Net, both filed complaints.
The regulator has said that Google users ‘are not able to fully understand the extent of the processing operations carried out by Google’. Google has been accused of making it difficult for users to understand the data process as a whole. The main example of this is the fact that it takes between 5 to 6 clicks to find out how their data is used.
Even the option to personalise ads with your own data is already pre-ticked when you choose to create an account. The user, therefore, gives their consent for all the processing operations and purposes carried out by Google. However, the consent is not specific enough to meet GDPR legislations.
Google has responded by saying: ‘People expect high standards of transparency and control from us. Therefore, we’re deeply committed to meeting those expectations and the consent requirements of the GDPR.’
Image Matters will be monitoring the situation to determine how this will affect Google’s ad products.