Google will fight this one on principle, but its outcome could shape the future of the internet in Europe.
Google has confirmed that it is to appeal the €50m fine imposed by French data watchdog CNIL in an early test case for GDPR (General Data Protection Regulation) in Europe.
This week, CNIL (Commission Nationale de l’Informatique et des Libertés) hit Google with a €50m fine, alleging that the tech giant failed to comply with GDPR in instances where Android users set up a new phone and followed the Android onboarding process.
CNIL ruled that Google was guilty of breaking EU privacy laws by failing to obtain adequate consent from users when processing their data for the purpose of personalised advertising.
‘We’ve worked hard to create a GDPR consent process for personalised ads that is as transparent and straightforward as possible’
Under GDPR rules, which came into force in May 2018, EU regulators can fine companies as much as €20m or 4pc of their turnover, whichever is highest.
Interpreting consent under GDPR rules
As we predicted, Google is going to lawyer up and defend its name. It will challenge the CNIL’s decision before France’s highest administrative court, the Council of State.
The result of the case will impact how the tech sector will interpret consent under GDPR and no doubt will be watched closely by social network Facebook, which ran the gauntlet of a succession of privacy debacles during 2018.
“We’ve worked hard to create a GDPR consent process for personalised ads that is as transparent and straightforward as possible, based on regulatory guidance and user experience testing,” Google said in a statement.
“We’re also concerned about the impact of this ruling on publishers, original content creators, and tech companies in Europe and beyond. For all these reasons, we’ve now decided to appeal.”