On 21 January 2019, the CNIL’s (french national data protection commission) restricted committee decided to impose a penalty of 50 million euros on Google for violation of the obligations of transparency, information and consent imposed by the General Data Protection Regulation.  Thunderclap and drum roll… the web giant has received the most important sanction pronounced so far by the CNIL.
Everyone may remember the collective complaints that were filed as soon as the European Data Protection Regulation (GDPR) became effective on 25 May 2018 by the None Of Your Business association and the La Quadrature du Net association.
During their investigation, the CNIL’s restricted committee could observe two breaches of the GDPR:
The CNIL stated that important information concerning, for example, the use or storage of data was not presented in a clear and transparent manner by Google.
In a statement, the American web giant announced that it would take into consideration its users’ desire for transparency but has not yet reacted directly to the claim. Some will say that 50 Million euros is a trifle for a company that generates a turnover of about 285 million euros per DAY (in 2017 Google had a turnover of 96 billion euros)!
But it is still a big step that has been taken by the CNIL, as the members of the Quadrature du Net hope, this may be the beginning of trouble for Google, indeed the association had also filed a complaint for non-compliance with the GDPR about the Youtube, Gmail and Google Search tools. As you can see on an image from the Quadrature du Net website: “Google – 50 Million for a start”. To be continued.