France's data protection regulator, CNIL, has issued Google at $ 50 million (around $ 56.8 million) for failing to comply with its GDPR bonds. This is the biggest GDPR fine yet to be issued by a European regulator and the first time one of the tech giants has been found to fall foul of the tough new regulations that came into force in May last year.
CNIL said that was fine because Google failed to provide enough information about its data consent policies and did not give them enough control over how their information was used. According to the regulator, these violations are yet to be rectified by the search giant. Under GDPR, companies are required to gain the user's "genuine consent" before collecting their information, which means making consent and explicitly opt-in process that is easy for people to withdraw.
Although the € 50 million seems large, it is small compared to the maximum limits allowed by GDPR, which allows a company to finance a maximum of four percent of its annual global turnover for more serious offenses. For Google, which made $ 33.74 billion in the last quarter alone, that could result in a fine in the billions of dollars.
This is not the first GDPR to have been issued, but it is by far the biggest. In December, Portuguese hospital was fined € 400,000 after its staff used to access patient records, while a German social media and chat service was fined € 20,000 in November for social media passwords in plain text. A local business in Austria was also fined € 4,800 in October last year for having a security camera that was filming public space.
Responding to the find, a Google spokesperson said that the company is "deeply committed" to meeting the "high standards of transparency and control" that people expect of it. They said that the company was studying CNIL's decision in order to determine its next steps. tracking. [21