The French data protection regulator- CNIL has issued a fine of €50 million ($56.8 million) fine against Google for failing to comply with GDPR rules. This marks as first of its kind penalty against a major tech company under the new privacy law.
The GDPR, short for General Data Protection Regulation went to effect in the EU last May and set forth universal privacy laws across the EU that created projections for user’s online data.
Part of this regulation is that companies need to get a users’ “genuine consent” before collecting information about them. This consent requires explicit statement where users openly agree to share their data. There must also be a way for users to delete that data.
The CNIL penalized Google because it did not meet the country’s accepted standards for providing information to customers regarding how their data is used- nor did it give enough information about its data consent policies.
$56 million may seem too much, but it is not as huge as GDPR can get. IT giants can be fined a max of 4% of their annual global turnover- for Google this can easily mean billions of dollars.